Jump to content

Pilsberyhomeboy

Members
  • Posts

    8
  • Joined

  • Last visited

Reputation

0 Neutral

About Pilsberyhomeboy

  • Birthday May 8

Profile Information

  • Location
    United States
  • Interests
    Building computers
  1. I was just looking at my FRST scans and found this: 2015-12-31 22:33 - 2015-06-21 11:42 - 00000080 _____ C:\Users\Joe\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 I really don't know what this is because I don't think i should be seeing Japanese characters. I think more scans would be appropriate.
  2. I am almost 90% sure there is an infection on my PC, it crashes sometimes and was able to open Google chrome and download files without my permission or awareness. I would really like to run some more scans or flush my DNS just to be 100% sure that my computer is clean. If you can show me some more scans/tests I can do for my PC, your help is greatly appreciated, thank you.
  3. Then how do you explain me coming home with all these downloads at the bottom of my screen, it wasn't me and nobody was home
  4. Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015 Ran by Joe (2016-01-02 20:02:27) Running from C:\Users\Joe\Downloads Windows 8.1 (X64) (2015-05-09 09:26:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4290914269-1144193900-1776241538-500 - Administrator - Disabled) Guest (S-1-5-21-4290914269-1144193900-1776241538-501 - Limited - Disabled) Joe (S-1-5-21-4290914269-1144193900-1776241538-1001 - Administrator - Enabled) => C:\Users\Joe ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) «City Car Driving» version 1.5.0 (HKLM-x32\...\{CC457F3D-5CDE-4CE8-9685-90A4EDE81374}_is1) (Version: 1.5.0 - Forward Development) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) A3Launcher version 0.0.1.5 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4CFDE640DF}_is1) (Version: 0.0.1.5 - Maca134) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) APP Shop v1.0.13 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.13 - ASRock Inc.) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.) ASRock Restart to UEFI v1.0.3 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: - ) ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version: - ASRock Inc.) ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.) Assetto Corsa (HKLM-x32\...\Steam App 244210) (Version: - Kunos Simulazioni) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.2.0 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.8.2.0 - ASUSTek COMPUTER INC.) Hidden ASUS UEFI (HKLM-x32\...\InstallShield_{926C75FA-31A5-45B9-A26D-33EF1097D569}) (Version: 1.1.1.0 - ASUSTek COMPUTER INC.) ASUS UEFI (x32 Version: 1.1.1.0 - ASUSTek COMPUTER INC.) Hidden A-Tuning v2.0.119.5 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.119.5 - ) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts) CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform) CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - ) Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft) Classroom Aquatic Demo (HKLM-x32\...\Steam App 317560) (Version: - Sunken Places) Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - ) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dev Guy (HKLM-x32\...\Steam App 351800) (Version: - ) Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®) Epic Games Launcher (HKLM\...\{7C8ED4CE-7D28-442D-AD14-C95C18A7CB1A}) (Version: 1.1.35.0 - Epic Games, Inc.) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 Multiplayer 0.2.0.5.1 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.1 Alpha - ETS2MP Team) FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse) Fishing Planet (HKLM-x32\...\Steam App 380600) (Version: - Fishing Planet LLC) Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version: - Fistful of Frags Team) Fuse (HKLM-x32\...\Steam App 257400) (Version: - Mixamo) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North) Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto) Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - OP Productions LLC) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation) Intel® Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel) Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) Intel® Smart Connect Technology (HKLM\...\{3CC1CC76-AB3A-4360-AB6F-1355D05A2A17}) (Version: 5.0.10.2907 - Intel Corporation) Intel® Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche Studios) Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - Avalanche Studios) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD) Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation) NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation) NVIDIA Graphics Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Miracast Virtual Audio 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 359.06 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Oracle VM VirtualBox 5.0.0 (HKLM\...\{FCD0B365-2189-45F3-9AF2-2BCED86C121A}) (Version: 5.0.0 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.) PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors) Project CARS (HKLM-x32\...\Steam App 234630) (Version: - Slightly Mad Studios) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder) ROBLOX Player for Joe (HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.103 - Skype Technologies S.A.) Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - United Front Games) Spintires (HKLM-x32\...\Steam App 263280) (Version: - Oovee® Game Studios) Spotify (HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB) STAR WARS™ Battlefront™ Beta (HKLM-x32\...\{8A863B64-C9BE-4203-9ED7-92981CF690D3}) (Version: 1.0.3.51560 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1200 - SUPERAntiSpyware.com) Supraball (closed beta) (HKLM-x32\...\Steam App 321400) (Version: - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) TortoiseSVN 1.8.11.26392 (64 bit) (HKLM\...\{11309CA9-9118-44D6-B345-83C86A5111D5}) (Version: 1.8.26392 - TortoiseSVN) Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds) Unreal Development Kit: 2012-10 (HKLM\...\UDK-9557cda4-3ad9-4792-bd8e-9d00f23625ee) (Version: - Epic Games, Inc.) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Wireshark 1.12.6 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.6 - The Wireshark developer community, hxxp://www.wireshark.org) XFast LAN v9.05 (HKLM\...\XFast LAN) (Version: 9.05 - cFos Software GmbH, Bonn) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4290914269-1144193900-1776241538-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-4290914269-1144193900-1776241538-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Joe\AppData\Local\Roblox\Versions\version-f7131a583a8d4ea7\RobloxProxy64.dll (ROBLOX Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {2118B824-5D2A-4919-AB31-DD204AB1844F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {2ADCCC17-A790-4812-9136-8F37F6097A4C} - System32\Tasks\ASUS UEFI => C:\Program Files (x86)\ASUS\UEFI\ASUS UEFI.exe [2013-06-08] (ASUS VGA) Task: {2BC2EADE-CE48-4AF3-B359-900BFC1E7BAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {51B482B3-F929-4CF0-98A8-CCB739EA4D09} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {55EDE168-9C0E-4949-BF13-9A39030399CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {6722F04B-4D25-4121-9441-53BD026AA067} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {8E33EED0-5222-48CB-A9F2-DD5212A9A01B} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {9B6AB864-B736-4031-863A-84F6CB3F8B47} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {9F1BDC2B-CA9C-4FB9-86C3-1B653FE9723F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-12-08] (Microsoft Corporation) Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {C81C6327-0669-4FC3-9C89-07C5BA9D627B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd) Task: {DC4DD1D5-A60F-4DC0-A59D-2EC55DC9023D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-28] (Adobe Systems Incorporated) Task: {EEE04919-C288-494A-949F-4ECF5D60A3A1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {FA3DBFA3-9C50-463E-981E-C0050A4CDE04} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2014-04-18] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2015-05-09 05:24 - 2013-07-25 17:04 - 00454656 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe 2015-12-20 14:06 - 2015-12-08 20:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2015-05-09 15:36 - 2015-05-09 15:36 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2015-05-15 19:05 - 2015-11-24 13:40 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-10-16 05:02 - 2015-10-16 05:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-03-19 18:55 - 2015-03-19 18:55 - 00088960 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll 2015-10-16 05:02 - 2015-10-16 05:02 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2014-03-20 13:43 - 2014-03-20 13:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll 2015-03-19 18:29 - 2015-03-19 18:29 - 00072064 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll 2015-05-15 19:20 - 2015-12-08 20:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-05-08 03:57 - 2015-11-10 14:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-05-08 03:57 - 2015-07-03 11:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-05-08 03:57 - 2015-12-14 15:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll 2015-05-08 03:57 - 2015-07-03 11:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-05-08 03:57 - 2015-07-03 11:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-05-08 03:57 - 2015-09-23 19:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-05-08 03:57 - 2015-09-23 19:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-05-08 03:57 - 2015-09-23 19:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-05-08 03:57 - 2015-09-23 19:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-05-08 03:57 - 2015-09-23 19:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-05-08 03:57 - 2015-12-14 15:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-07-21 19:14 - 2015-11-03 17:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2015-05-08 03:57 - 2015-11-16 19:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-05-08 03:57 - 2015-09-24 18:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll 2015-12-16 15:02 - 2015-12-10 22:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-16 15:02 - 2015-12-10 22:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Joe:Heroes & Generals AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "XFast LAN" HKLM\...\StartupApproved\Run: => "ISCT Tray" HKLM\...\StartupApproved\Run: => "Launch LCore" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\StartupApproved\Run: => "Clownfish" HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\StartupApproved\Run: => "ooVoo.exe" HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\StartupApproved\Run: => "SUPERAntiSpyware" HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{EAE21093-1E49-4A7E-8605-DE60F15B109C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{DA343498-AB2C-411B-B683-B75CF29534E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C7D9A17E-595F-420E-8360-2B0DA5A122F0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{31613C54-0BEB-4183-8C1B-106B2EBF74F1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{AE21E921-3B2B-4DED-9077-E7FD6612E252}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe FirewallRules: [{22C12AD7-DFA6-4C27-BD28-FE80B4667052}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe FirewallRules: [{0F21A06D-00F3-417C-A5A9-929B4F181ABD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{DBD8EEC7-6289-4707-A88F-159D1CB8F3DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{8D0648D6-1A23-4DD3-8B39-BE94D52EAC48}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [uDP Query User{A18672DC-5547-48C8-A181-AB90E6A58C56}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{61EE8DD3-B6A6-4711-B099-FB7BC8CD9D2F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D41D9144-8492-453A-8F6A-E9260C3BC86C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{CC888242-7E11-4351-9C62-A1860EFEBC3F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{89E8BEAD-32FB-4239-BDE4-C6F4C569BBD1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{02BB9ADE-AF3E-4298-80B7-EB30997136D5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{5055A414-EAC6-43CA-B3EF-4AD666F7C413}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{B90364A3-67FD-4B90-8FAE-3C47F0A7B5D5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{A5D59F75-8452-4957-9668-B575978E2DE1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{AF103D71-759A-4DB0-86B7-E5311E1FC68B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{C8C5F66D-4D96-4302-A25A-E933491A95D6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{D07A8190-EB8B-4D7B-9E86-E33EAFB6A710}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{806FBCD5-88B9-418A-850B-F79D498A7A81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{A65D6B1B-ECC6-4FC5-8DBD-522AC00D2202}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [{34B6FCF1-7B47-406B-956E-AC55DDD52D47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [{C7453CE8-8085-41F5-BE2F-642B38598B4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{B100320A-56CE-412B-AF21-E86EC24F8D85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{C60FFB81-3CB4-479D-8C6B-15B6F41A4F99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SleepingDogs\HKShip.exe FirewallRules: [{D154CEE5-8202-4589-A2FF-5E415F6BF927}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SleepingDogs\HKShip.exe FirewallRules: [{973A92C5-1BE4-4E75-A581-A71387F9F44A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{11048E4E-9708-4CC0-89E7-AF99324463D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{ED94280A-932F-491E-904F-DFFEAF235A93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe FirewallRules: [{254F20A8-629F-4849-9A7E-CAB66EE318BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe FirewallRules: [{0DCB6333-EE97-4417-B033-933635381883}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe FirewallRules: [{6E071A23-9C3C-4554-A3DA-9ECE3B74E3CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe FirewallRules: [{E2468351-AAA4-4347-A6F1-7A4589D56533}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe FirewallRules: [{E81CC901-497F-418D-AC49-9087E8688535}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe FirewallRules: [{FE848C39-2F4B-4385-BE9C-BBE89AC3AB62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe FirewallRules: [{55163AE8-85DA-4BD2-85D3-8D70CE8243BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe FirewallRules: [{AF763021-AD00-4B37-86B0-525129A5F488}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dev Guy\Binaries\Win64\Dev Guy.exe FirewallRules: [{62A6A8F5-58F0-4427-865E-8CA635C9CEE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dev Guy\Binaries\Win64\Dev Guy.exe FirewallRules: [{090C8219-2C8A-4544-BDE5-F857EE6AE942}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Supraball\launcher\supraball-launcher.exe FirewallRules: [{7EBC6276-6739-4D1C-A00A-C0E164446D7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Supraball\launcher\supraball-launcher.exe FirewallRules: [{C023F3A1-7683-4DAD-B003-6727C388947B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{1F935250-D639-4E63-A36E-FB1F1C6651C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{90EADEDE-9D25-437E-9211-9F358F1F5929}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{A4B0996C-D28E-4492-AF0D-B600778B7924}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{AD7CE437-CE0F-4A81-8F27-1FF9D8585EB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{B9406DB7-3871-429D-9511-63D79119B148}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{386C10FF-ED40-422F-8D12-F1271E06BAC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe FirewallRules: [{292BF04B-9AEE-46A9-BF2A-EF81EDA178E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe FirewallRules: [{C1B1F126-6030-45F9-AC6D-1E43EF7489CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{CE797326-64E9-4F1B-A005-BD3C62174461}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [TCP Query User{1C5C6B3D-A4BD-4AAE-9067-FBECFAA823CE}C:\users\joe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\joe\appdata\roaming\spotify\spotify.exe FirewallRules: [uDP Query User{43BDCE5E-705C-4946-A8E9-3EC645A99ADE}C:\users\joe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\joe\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{3B0E138E-6A6F-4239-B6B5-2FE9C948EEC7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [uDP Query User{F44D20B2-A764-4855-B93A-2CDF613E362E}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{F94879BE-B715-467E-B701-40033FCFE4AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{91AD5BA0-FC3D-485C-9772-D73904082236}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{D74AB4CD-7564-4796-BDD6-0FA6A5793227}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{0760AEF2-F323-4526-9CC5-9CC2DA45E555}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E35349BC-A9FD-4D8B-80DC-94C432784623}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2B1572CE-EBCB-4AB8-B246-48883E7AA83A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fistful of Frags\sdk\hl2.exe FirewallRules: [{750C429C-E38D-460B-934C-676D2BBDCBE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fistful of Frags\sdk\hl2.exe FirewallRules: [{CCD6F18C-8654-4889-AB28-BC60596390BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Classroom Aquatic Demo\game.exe FirewallRules: [{393FDFF1-A405-46F1-A818-D6A8052A1078}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Classroom Aquatic Demo\game.exe FirewallRules: [{9DEB9FD7-1A40-4DB0-8F79-38AB26F1BE26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The War Z\WarZlauncher.exe FirewallRules: [{F347E68F-B1D7-40A4-9F86-0F38A14E6535}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The War Z\WarZlauncher.exe FirewallRules: [TCP Query User{D35E6945-EB6D-42C6-BAA9-5A8F8E6E3ADD}C:\program files (x86)\steam\steamapps\common\the war z\infestation.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the war z\infestation.exe FirewallRules: [uDP Query User{907490F8-7518-422C-B92E-90DBDCD7777C}C:\program files (x86)\steam\steamapps\common\the war z\infestation.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the war z\infestation.exe FirewallRules: [TCP Query User{15D7515F-323F-4A41-9EC3-6146D0C152E7}C:\gmod\srcds.exe] => (Allow) C:\gmod\srcds.exe FirewallRules: [uDP Query User{B9F67C99-A4F3-44B3-B1CD-1554C661456C}C:\gmod\srcds.exe] => (Allow) C:\gmod\srcds.exe FirewallRules: [TCP Query User{92441597-8317-4E3B-833F-A4FAF5CF4FFD}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [uDP Query User{D73D0EB1-81E9-4DCE-ABFB-50B7B379B12D}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{86280866-AB8B-450D-B5F4-71FE3AFBC80D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [uDP Query User{AC62CB7C-90B6-4691-B0F0-6A3280D119A1}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{BD4C2244-8DBB-41E3-B754-3BF0CD246669}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe FirewallRules: [{6F355B88-EABF-478F-9DD2-40869EB9FF2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fuse\Code\Build\Output\bin\Release\Fuse.exe FirewallRules: [TCP Query User{863C5E16-E8ED-48AA-AB1A-E713ABF6BE03}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe FirewallRules: [uDP Query User{D2E2F008-8EA3-42A5-B487-FB7809BFBA65}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{C52F5F1E-BF33-4BF2-B57D-5375D38C0DC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe FirewallRules: [{25931B09-EE94-4076-A9B4-BB5E71D4C3AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe FirewallRules: [{5D84E4BC-FC31-4E56-8A8D-99CF8B64569C}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe FirewallRules: [{2CF3E978-6AA3-49F1-BA87-9F8E6666D897}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe FirewallRules: [TCP Query User{A206236D-E01C-4040-B34F-DA10341BFD0C}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe FirewallRules: [uDP Query User{93814377-F05D-46FA-9D7A-30861C5121CB}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe FirewallRules: [{94FBA8C9-96BB-4140-A9B5-F8CE6ACB93DB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{B936FE67-DA4D-4561-AA2B-26A2A045A079}] => (Allow) LPort=2869 FirewallRules: [{F751DA71-2EF1-4482-B0FC-B50D126BBE1D}] => (Allow) LPort=1900 FirewallRules: [{4BB970F7-19D5-4339-B797-AACEB6049107}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe FirewallRules: [{3ED81FA4-3486-4955-BF91-349712553633}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe FirewallRules: [TCP Query User{B7E1D5EC-6719-400F-A6C2-46E317B45A8C}C:\darkrp\srcds.exe] => (Allow) C:\darkrp\srcds.exe FirewallRules: [uDP Query User{EFB3FCFB-3439-472F-98EE-23C4D5F3C9C9}C:\darkrp\srcds.exe] => (Allow) C:\darkrp\srcds.exe FirewallRules: [{DD75CD25-B2AE-485C-8241-2A0B883D6BA0}] => (Allow) C:\Program Files (x86)\Forward Development\City Car Driving Home Edition\bin\win32\starter.exe FirewallRules: [{3FED0629-D666-47D3-B87C-2CC1D4757995}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{24AC2EBE-524B-490E-96B4-E0A7D0CB8A65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{73778357-AE5A-4547-A48D-5925FAF3DF12}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{170F9183-2295-4A92-A495-E62C4B52B21C}C:\users\joe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\joe\appdata\roaming\spotify\spotify.exe FirewallRules: [uDP Query User{3D3BD0A8-4925-4738-B28F-6D2A467AD784}C:\users\joe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\joe\appdata\roaming\spotify\spotify.exe FirewallRules: [{89232FCC-D6EA-4616-BF80-F313E105DECC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{03B53CE2-3290-4F60-8C1B-914F56915CCD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{44AA64EF-1564-4AB6-8C8C-CE9C9FBFCC8E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{81010B5F-77EA-4C1C-8813-283FAD0F714E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{20DDA456-9285-4828-9FAA-687358C6920A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [uDP Query User{9EA7F6E2-8AD8-49D3-9F58-B9ABA00DF16D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{42B047CF-CA04-42D3-A927-4454EC38364E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{3B56A04D-1EED-4C2D-9B69-984A8C89088C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{F44E637F-59EA-4024-9E2B-73AACF4A38B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{19C2C2B7-9D11-47CF-83A8-218616629B24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{AA7FFCF0-0661-4920-9AF2-CDF85B171233}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe FirewallRules: [{AAEC2406-C09A-4B31-B8DB-A8317225EE5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe FirewallRules: [{7C4376AB-2E7E-44AC-BE26-A2133977CD90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe FirewallRules: [{DBF266EA-841F-496F-9B08-F2E474905D34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe FirewallRules: [TCP Query User{201F76B4-33DE-44E2-BB61-F038585555DC}C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe FirewallRules: [uDP Query User{FD9DF36D-AC18-4824-A585-08F07A60D0FA}C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe FirewallRules: [{ECE95086-583D-4011-8E58-91500794F6BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe FirewallRules: [{5587E2BA-55A5-4CAE-B6DF-4AF8185C8FB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe FirewallRules: [{008EA107-3B0D-4534-B680-D0EE36B1B243}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{58EDC81E-B172-4356-B251-3AD402E77E5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [TCP Query User{1A060E19-5B86-4F1B-8706-268885159C53}C:\program files (x86)\a3launcher\a3launcher.exe] => (Allow) C:\program files (x86)\a3launcher\a3launcher.exe FirewallRules: [uDP Query User{13BACE4D-78C8-4306-84B9-78CF631860D5}C:\program files (x86)\a3launcher\a3launcher.exe] => (Allow) C:\program files (x86)\a3launcher\a3launcher.exe FirewallRules: [TCP Query User{C2FC6A23-AE7C-436E-B987-49183D9416AD}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [uDP Query User{CA547064-6D64-4438-B444-7019C0C0EE45}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe ==================== Restore Points ========================= 28-12-2015 22:01:17 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/31/2015 07:27:39 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: JOE_GAMING_PC) Description: windows_ie_ac_0013 Error: (12/31/2015 07:23:58 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY) Description: There was an error with the Windows Location Provider database Error: (12/30/2015 12:05:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ASUS UEFI.exe, version: 1.1.1.0, time stamp: 0x51b2d9e3 Faulting module name: Exeio.dll, version: 1.0.4.0, time stamp: 0x513ec0ad Exception code: 0xc0000005 Fault offset: 0x00004df8 Faulting process id: 0xd1c Faulting application start time: 0xASUS UEFI.exe0 Faulting application path: ASUS UEFI.exe1 Faulting module path: ASUS UEFI.exe2 Report Id: ASUS UEFI.exe3 Faulting package full name: ASUS UEFI.exe4 Faulting package-relative application ID: ASUS UEFI.exe5 Error: (12/29/2015 01:55:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ASUS UEFI.exe, version: 1.1.1.0, time stamp: 0x51b2d9e3 Faulting module name: Exeio.dll, version: 1.0.4.0, time stamp: 0x513ec0ad Exception code: 0xc0000005 Fault offset: 0x00004df8 Faulting process id: 0x11ac Faulting application start time: 0xASUS UEFI.exe0 Faulting application path: ASUS UEFI.exe1 Faulting module path: ASUS UEFI.exe2 Report Id: ASUS UEFI.exe3 Faulting package full name: ASUS UEFI.exe4 Faulting package-relative application ID: ASUS UEFI.exe5 Error: (12/29/2015 10:40:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ASUS UEFI.exe, version: 1.1.1.0, time stamp: 0x51b2d9e3 Faulting module name: Exeio.dll, version: 1.0.4.0, time stamp: 0x513ec0ad Exception code: 0xc0000005 Fault offset: 0x00004df8 Faulting process id: 0x1140 Faulting application start time: 0xASUS UEFI.exe0 Faulting application path: ASUS UEFI.exe1 Faulting module path: ASUS UEFI.exe2 Report Id: ASUS UEFI.exe3 Faulting package full name: ASUS UEFI.exe4 Faulting package-relative application ID: ASUS UEFI.exe5 Error: (12/28/2015 11:58:21 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4 Error: (12/28/2015 11:58:20 AM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (12/28/2015 11:58:20 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Error: (12/28/2015 11:58:20 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4 Error: (12/28/2015 11:58:20 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: LsaC:\Windows\System32\Secur32.dll4 System errors: ============= Error: (12/31/2015 04:15:20 PM) (Source: DCOM) (EventID: 10010) (User: JOE_GAMING_PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (12/31/2015 04:14:50 PM) (Source: DCOM) (EventID: 10010) (User: JOE_GAMING_PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (12/31/2015 10:31:22 AM) (Source: DCOM) (EventID: 10010) (User: JOE_GAMING_PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (12/31/2015 10:30:52 AM) (Source: DCOM) (EventID: 10010) (User: JOE_GAMING_PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (12/30/2015 04:22:19 PM) (Source: DCOM) (EventID: 10010) (User: JOE_GAMING_PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (12/30/2015 04:11:03 PM) (Source: DCOM) (EventID: 10010) (User: JOE_GAMING_PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (12/30/2015 04:10:33 PM) (Source: DCOM) (EventID: 10010) (User: JOE_GAMING_PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (12/30/2015 01:21:31 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 12:56:22 PM on ‎12/‎30/‎2015 was unexpected. Error: (12/30/2015 12:05:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The IOMap service failed to start due to the following error: %%2 Error: (12/30/2015 12:05:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The IOMap service failed to start due to the following error: %%2 ==================== Memory info =========================== Processor: Intel® Core i5-4690K CPU @ 3.50GHz Percentage of memory in use: 27% Total physical RAM: 8149.57 MB Available physical RAM: 5868.15 MB Total Virtual: 10402.54 MB Available Virtual: 7414.19 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.17 GB) (Free:577.34 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6D79A418) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
  5. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015 Ran by Joe (administrator) on JOE_GAMING_PC (02-01-2016 20:01:50) Running from C:\Users\Joe\Downloads Loaded Profiles: Joe (Available Profiles: Joe) Platform: Windows 8.1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe () C:\Windows\SysWOW64\ASGT.exe () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\System32\PnkBstrA.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (NVIDIA Corporation) C:\Users\Joe\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coNatHst.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\nacl64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\nacl64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor) HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation) HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2009952 2013-05-31] (cFos Software GmbH) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163520 2015-04-09] (IvoSoft) HKLM\...\Run: [iSCT Tray] => C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-08] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.) HKLM\...\Run: [start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\Run: [ASRock A-Tuning] => [X] HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\Run: [ASRockRuefi] => [X] HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation) HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1341192 2015-05-20] (Bogdan Sharkov) HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-10-27] (SUPERAntiSpyware) HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\Run: [spotify Web Helper] => C:\Users\Joe\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-19] (Spotify Ltd) HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd) HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50515576 2015-11-30] (Skype Technologies S.A.) HKU\S-1-5-21-4290914269-1144193900-1776241538-1001\...\Run: [spotify] => C:\Users\Joe\AppData\Roaming\Spotify\Spotify.exe [8387696 2015-12-19] (Spotify Ltd) HKU\S-1-5-18\...\Run: [] => 0 ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{5500B69B-CE55-4987-9FB7-28159B7F4EE7}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation) Toolbar: HKU\S-1-5-21-4290914269-1144193900-1776241538-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-28] () FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-28] () FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin HKU\S-1-5-21-4290914269-1144193900-1776241538-1001: @nsroblox.roblox.com/launcher -> C:\Users\Joe\AppData\Local\Roblox\Versions\version-f7131a583a8d4ea7\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation) FF Plugin HKU\S-1-5-21-4290914269-1144193900-1776241538-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Joe\AppData\Local\Roblox\Versions\version-f7131a583a8d4ea7\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation) FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn [2015-12-30] Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Profile: C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-08] CHR Extension: (BetterTTV) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-08-17] CHR Extension: (Google Docs) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-08] CHR Extension: (Google Drive) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Search) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Sheets) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-08] CHR Extension: (Google Docs Offline) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17] CHR Extension: (AdRemover for Google Chrome™) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcefmojpghnaceadnghednjhbmphipkb [2015-05-11] CHR Extension: (Chrome Web Store Payments) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24] CHR Extension: (Norton Security Toolbar) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2015-08-10] CHR Extension: (Gmail) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-08] CHR Extension: (Abstract-Blue) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2015-05-08] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-07-22] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12] CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-07-22] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com) R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed] R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656 2013-07-25] () [File not signed] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1257504 2015-12-28] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124120 2015-11-15] (altPUG LLC) R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [652640 2013-05-31] (cFos Software GmbH) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [235744 2015-05-26] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-08] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-05-21] (Intel Corporation) S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation) S2 iSCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] () S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-08] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-08] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-08] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-09] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-05-09] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-09] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-02-27] () R3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-05-09] (ASRock Incorporation) R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.) R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-02-03] (Intel Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.) S3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [3791872 2014-05-21] (Intel Corporation) [File not signed] R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] () S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] () R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-02-19] (ASUSTeK Computer Inc.) R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] () R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-02] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-08] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-07-09] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-07-09] (Oracle Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X] S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X] U2 TMAgent; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-02 20:01 - 2016-01-02 20:02 - 00026618 _____ C:\Users\Joe\Downloads\FRST.txt 2016-01-02 20:01 - 2016-01-02 20:01 - 02370560 _____ (Farbar) C:\Users\Joe\Downloads\FRST64.exe 2016-01-02 20:01 - 2016-01-02 20:01 - 00000000 ____D C:\FRST 2016-01-02 19:55 - 2013-02-19 17:02 - 00024824 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys 2015-12-31 19:31 - 2015-12-31 21:39 - 00000000 ____D C:\Users\Joe\AppData\Roaming\vlc 2015-12-31 19:31 - 2015-12-31 19:31 - 00001086 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-12-31 19:31 - 2015-12-31 19:31 - 00000000 ____D C:\Users\Joe\AppData\Roaming\dvdcss 2015-12-31 19:31 - 2015-12-31 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-12-31 19:30 - 2015-12-31 19:30 - 28849904 _____ C:\Users\Joe\Downloads\vlc-2.2.1-win32.exe 2015-12-31 19:30 - 2015-12-31 19:30 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2015-12-31 19:27 - 2015-12-31 19:27 - 00000000 ___HD C:\OneDriveTemp 2015-12-31 19:26 - 2016-01-02 19:55 - 00000000 ___RD C:\Users\Joe\OneDrive 2015-12-30 15:49 - 2015-12-30 15:49 - 00000947 _____ C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\TeamSpeak 3 Client.lnk 2015-12-30 12:57 - 2016-01-02 19:55 - 00002972 _____ C:\Windows\System32\Tasks\AsrSP.exe 2015-12-29 23:53 - 2015-12-29 23:53 - 00001988 _____ C:\Users\Joe\Desktop\mc acc.txt 2015-12-28 20:13 - 2015-12-28 20:14 - 16920266 _____ C:\Users\Joe\Downloads\ets2mp_20510 (1).zip 2015-12-28 19:34 - 2015-12-28 22:27 - 00000000 ____D C:\Program Files (x86)\A3Launcher 2015-12-28 19:34 - 2015-12-28 19:34 - 00001047 _____ C:\Users\Public\Desktop\A3Launcher.lnk 2015-12-28 19:34 - 2015-12-28 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A3Launcher 2015-12-28 19:33 - 2015-12-28 19:33 - 14946192 _____ (Maca134 ) C:\Users\Joe\Downloads\setup_a3launcher.exe 2015-12-28 18:41 - 2015-12-31 11:25 - 00000000 ____D C:\Users\Joe\AppData\Local\Arma 3 2015-12-28 18:41 - 2015-12-28 18:44 - 00000000 ____D C:\Users\Joe\Documents\Arma 3 2015-12-28 18:41 - 2015-12-28 18:41 - 00000000 ____D C:\ProgramData\Bohemia Interactive 2015-12-28 18:40 - 2015-12-28 18:42 - 00000000 ____D C:\Users\Joe\AppData\Local\Arma 3 Launcher 2015-12-28 18:40 - 2015-12-28 18:40 - 00000000 ____D C:\Users\Joe\AppData\Local\Bohemia_Interactive 2015-12-27 23:29 - 2015-12-27 23:29 - 00000222 _____ C:\Users\Joe\Desktop\Arma 3.url 2015-12-27 22:31 - 2015-12-28 20:14 - 00001205 _____ C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk 2015-12-27 22:29 - 2015-12-27 22:29 - 16920266 _____ C:\Users\Joe\Downloads\ets2mp_20510.zip 2015-12-27 18:08 - 2015-12-27 18:14 - 00000000 ____D C:\Users\Joe\Documents\Project CARS 2015-12-27 18:08 - 2015-12-27 18:08 - 00000000 ____D C:\Users\Joe\Documents\wmd_symbol_cache 2015-12-27 14:36 - 2015-12-30 13:06 - 00000000 ____D C:\Users\Joe\Documents\Assetto Corsa 2015-12-27 14:26 - 2015-12-27 14:26 - 00000222 _____ C:\Users\Joe\Desktop\Project CARS.url 2015-12-27 13:30 - 2015-12-27 15:51 - 00000000 ____D C:\Users\Joe\AppData\Roaming\SpinTires 2015-12-27 13:26 - 2015-12-27 13:26 - 00000222 _____ C:\Users\Joe\Desktop\Spintires.url 2015-12-27 13:22 - 2015-12-27 13:22 - 00000000 ____D C:\Program Files\Logitech 2015-12-27 13:22 - 2015-12-27 13:22 - 00000000 ____D C:\Program Files\Common Files\Logitech 2015-12-27 13:21 - 2015-12-27 13:22 - 17276616 _____ (Logitech ) C:\Users\Joe\Downloads\lgs510_x64.exe 2015-12-27 13:17 - 2015-12-27 13:17 - 00000222 _____ C:\Users\Joe\Desktop\Assetto Corsa.url 2015-12-22 21:15 - 2015-12-27 13:39 - 00000000 ____D C:\Users\Joe\AppData\Local\Logitech 2015-12-22 21:12 - 2015-12-27 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2015-12-22 21:12 - 2015-12-22 21:13 - 00000000 ____D C:\Program Files\Logitech Gaming Software 2015-12-22 21:11 - 2015-12-22 21:11 - 00000000 ____D C:\Users\Joe\AppData\Roaming\Logitech 2015-12-22 21:11 - 2015-12-22 21:11 - 00000000 ____D C:\Users\Joe\AppData\Roaming\Logishrd 2015-12-22 21:10 - 2015-12-22 21:11 - 97288008 _____ (Logitech Inc.) C:\Users\Joe\Downloads\LGS_8.76.155_x64_Logitech.exe 2015-12-20 14:34 - 2015-11-24 13:29 - 00102704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-12-20 14:33 - 2015-11-24 18:10 - 42913912 _____ C:\Windows\system32\nvcompiler.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 22310008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 16553568 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 15717672 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 15122296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 14835872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 13527248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 12034248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 11131184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-12-20 14:33 - 2015-11-24 18:10 - 02870392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 02490488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435906.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435906.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00878816 _____ C:\Windows\system32\nvmcumd.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00877360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00689272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00501056 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00422056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00413816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2015-12-20 14:33 - 2015-11-24 18:10 - 00177600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00151184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-12-20 14:33 - 2015-11-24 18:10 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2015-12-20 14:06 - 2015-12-08 20:51 - 00111520 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2015-12-20 10:07 - 2015-12-20 10:07 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2015-12-20 10:07 - 2015-12-20 10:07 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-12-20 10:06 - 2015-12-20 10:06 - 09616448 _____ (TeamViewer GmbH) C:\Users\Joe\Downloads\TeamViewer_Setup_en.exe 2015-12-19 20:42 - 2015-12-19 20:42 - 00000000 ___HD C:\ProgramData\CanonBJ 2015-12-19 20:42 - 2012-04-16 05:00 - 00389120 _____ (CANON INC.) C:\Windows\system32\CNMLMBB.DLL 2015-12-08 14:48 - 2015-11-22 01:59 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-12-08 14:48 - 2015-11-22 01:59 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-12-08 14:48 - 2015-11-22 01:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-12-08 14:48 - 2015-11-22 01:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-12-08 14:48 - 2015-11-22 01:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-12-08 14:48 - 2015-11-22 01:59 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-12-08 14:48 - 2015-11-22 01:58 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-12-08 14:48 - 2015-11-21 13:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-12-08 14:48 - 2015-11-21 12:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-12-08 14:48 - 2015-11-21 11:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-08 14:48 - 2015-11-21 11:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-08 14:48 - 2015-11-21 11:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-08 14:48 - 2015-11-21 11:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-08 14:48 - 2015-11-20 17:47 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-12-08 14:48 - 2015-11-20 13:18 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-12-08 14:48 - 2015-11-20 11:58 - 03706880 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-12-08 14:48 - 2015-11-20 11:47 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-12-08 14:48 - 2015-11-20 11:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-12-08 14:48 - 2015-11-20 11:44 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-12-08 14:48 - 2015-11-20 11:44 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-12-08 14:48 - 2015-11-20 11:43 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-12-08 14:48 - 2015-11-20 11:42 - 02243584 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-12-08 14:48 - 2015-11-20 11:30 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-12-08 14:48 - 2015-11-20 11:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-12-08 14:48 - 2015-11-20 11:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-12-08 14:48 - 2015-11-20 11:27 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-12-08 14:48 - 2015-11-11 11:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-08 14:48 - 2015-11-11 11:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-08 14:48 - 2015-11-11 10:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-08 14:48 - 2015-11-11 10:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-12-08 14:48 - 2015-11-11 10:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-08 14:48 - 2015-11-11 10:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-08 14:48 - 2015-11-09 19:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-08 14:48 - 2015-11-09 19:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-08 14:48 - 2015-11-09 19:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-08 14:48 - 2015-11-09 19:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-08 14:48 - 2015-11-09 19:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-08 14:48 - 2015-11-09 18:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-08 14:48 - 2015-11-09 18:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-12-08 14:48 - 2015-11-09 18:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-08 14:48 - 2015-11-09 18:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-08 14:48 - 2015-11-09 18:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-08 14:48 - 2015-11-09 18:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-08 14:48 - 2015-11-09 18:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-12-08 14:48 - 2015-11-09 18:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-08 14:48 - 2015-11-09 18:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-08 14:48 - 2015-11-09 18:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-08 14:48 - 2015-11-08 19:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-08 14:48 - 2015-11-08 17:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-08 14:48 - 2015-11-08 17:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-08 14:48 - 2015-11-08 17:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-08 14:48 - 2015-11-08 17:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-08 14:48 - 2015-11-08 17:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-08 14:48 - 2015-11-08 17:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-08 14:48 - 2015-11-08 16:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-08 14:48 - 2015-11-08 16:32 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-12-08 14:48 - 2015-11-08 16:25 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-12-08 14:48 - 2015-11-08 16:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-08 14:48 - 2015-11-08 16:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-08 14:48 - 2015-11-08 16:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-08 14:48 - 2015-11-08 16:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-08 14:48 - 2015-11-08 16:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-08 14:48 - 2015-11-08 16:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-08 14:48 - 2015-11-08 16:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-08 14:48 - 2015-11-08 16:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-08 14:48 - 2015-11-08 16:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2015-12-08 14:48 - 2015-11-08 15:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-12-08 14:48 - 2015-11-08 15:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-08 14:48 - 2015-11-08 15:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-08 14:48 - 2015-11-08 15:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-08 14:48 - 2015-11-08 15:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2015-12-08 14:48 - 2015-11-08 15:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-08 14:48 - 2015-11-08 15:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-08 14:48 - 2015-11-05 03:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-08 14:48 - 2015-10-28 10:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-12-08 14:48 - 2015-10-28 10:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-12-08 14:48 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll 2015-12-08 14:48 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL 2015-12-08 14:48 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL 2015-12-08 14:48 - 2015-10-22 12:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL 2015-12-08 14:48 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll 2015-12-08 14:48 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL 2015-12-08 14:48 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL 2015-12-08 14:48 - 2015-10-22 11:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL 2015-12-08 14:48 - 2015-10-22 11:21 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2015-12-08 14:48 - 2015-10-22 11:21 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll 2015-12-08 14:48 - 2015-10-22 10:58 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2015-12-08 14:48 - 2015-10-22 10:58 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll 2015-12-08 14:48 - 2015-10-22 09:08 - 00513456 _____ C:\Windows\SysWOW64\locale.nls 2015-12-08 14:48 - 2015-10-22 09:08 - 00513456 _____ C:\Windows\system32\locale.nls 2015-12-08 14:48 - 2015-10-11 01:34 - 00468824 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2015-12-08 14:48 - 2015-10-11 01:34 - 00462168 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2015-12-08 14:48 - 2015-10-11 01:34 - 00443224 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2015-12-08 14:48 - 2015-10-11 01:34 - 00092504 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2015-12-08 14:48 - 2015-10-11 01:34 - 00027992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2015-12-08 14:48 - 2015-10-10 13:41 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2015-12-08 14:48 - 2015-10-10 13:41 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2015-12-08 14:48 - 2015-10-10 13:40 - 00078848 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys 2015-12-08 14:48 - 2015-10-10 12:20 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2015-12-08 14:48 - 2015-10-08 11:11 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll 2015-12-08 14:48 - 2015-10-08 10:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll 2015-12-08 14:48 - 2015-10-03 14:41 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-12-08 14:48 - 2015-10-03 14:41 - 01124384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-12-08 14:47 - 2015-10-05 13:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe 2015-12-08 14:47 - 2015-10-05 13:25 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2015-12-03 20:38 - 2015-12-03 20:43 - 00000000 ____D C:\ProgramData\TEMP 2015-12-03 20:38 - 2015-12-03 20:38 - 00000000 ____D C:\Users\Joe\Documents\Forward Development 2015-12-03 20:38 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2015-12-03 20:38 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2015-12-03 20:38 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2015-12-03 20:38 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2015-12-03 20:38 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2015-12-03 20:38 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2015-12-03 20:38 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2015-12-03 20:38 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2015-12-03 20:38 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2015-12-03 20:38 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2015-12-03 20:38 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2015-12-03 20:38 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2015-12-03 20:38 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2015-12-03 20:38 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2015-12-03 20:38 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2015-12-03 20:38 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2015-12-03 20:38 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2015-12-03 20:38 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2015-12-03 20:38 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2015-12-03 20:38 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2015-12-03 20:38 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2015-12-03 20:38 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2015-12-03 20:38 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2015-12-03 20:38 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2015-12-03 20:38 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2015-12-03 20:38 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2015-12-03 20:38 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2015-12-03 20:38 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2015-12-03 20:38 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2015-12-03 20:38 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2015-12-03 20:38 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2015-12-03 20:38 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2015-12-03 20:38 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2015-12-03 20:38 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2015-12-03 20:38 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2015-12-03 20:38 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2015-12-03 20:38 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2015-12-03 20:38 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2015-12-03 20:38 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2015-12-03 20:38 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2015-12-03 20:38 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll 2015-12-03 20:38 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2015-12-03 20:38 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll 2015-12-03 20:38 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2015-12-03 20:38 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2015-12-03 20:38 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2015-12-03 20:38 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2015-12-03 20:38 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2015-12-03 20:38 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2015-12-03 20:38 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2015-12-03 20:38 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2015-12-03 20:38 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2015-12-03 20:38 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2015-12-03 20:38 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2015-12-03 20:38 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2015-12-03 20:38 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2015-12-03 20:38 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2015-12-03 20:38 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2015-12-03 20:38 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2015-12-03 20:38 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2015-12-03 20:38 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2015-12-03 20:38 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2015-12-03 20:38 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2015-12-03 20:38 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2015-12-03 20:38 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2015-12-03 20:38 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2015-12-03 20:38 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2015-12-03 20:38 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2015-12-03 20:38 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2015-12-03 20:38 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2015-12-03 20:38 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2015-12-03 20:38 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2015-12-03 20:38 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2015-12-03 20:38 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2015-12-03 20:38 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2015-12-03 20:38 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2015-12-03 20:38 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2015-12-03 20:38 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2015-12-03 20:38 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2015-12-03 20:38 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2015-12-03 20:38 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2015-12-03 20:38 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2015-12-03 20:38 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2015-12-03 20:38 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2015-12-03 20:38 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2015-12-03 20:38 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2015-12-03 20:38 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2015-12-03 20:38 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2015-12-03 20:38 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2015-12-03 20:38 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2015-12-03 20:38 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2015-12-03 20:38 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2015-12-03 20:38 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2015-12-03 20:38 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2015-12-03 20:38 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2015-12-03 20:38 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2015-12-03 20:38 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2015-12-03 20:38 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2015-12-03 20:38 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2015-12-03 20:38 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2015-12-03 20:38 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2015-12-03 20:38 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2015-12-03 20:38 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2015-12-03 20:38 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2015-12-03 20:38 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2015-12-03 20:38 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2015-12-03 20:38 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2015-12-03 20:38 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2015-12-03 20:38 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2015-12-03 20:38 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2015-12-03 20:38 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2015-12-03 20:38 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2015-12-03 20:38 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2015-12-03 20:38 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2015-12-03 20:38 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2015-12-03 20:38 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2015-12-03 20:38 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2015-12-03 20:38 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2015-12-03 20:38 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2015-12-03 20:38 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2015-12-03 20:38 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2015-12-03 20:38 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2015-12-03 20:38 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2015-12-03 20:38 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2015-12-03 20:38 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2015-12-03 20:38 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2015-12-03 20:38 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2015-12-03 20:38 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2015-12-03 20:38 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2015-12-03 20:38 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2015-12-03 20:38 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2015-12-03 20:38 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2015-12-03 20:38 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2015-12-03 20:38 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2015-12-03 20:38 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2015-12-03 20:38 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2015-12-03 20:38 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2015-12-03 20:38 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2015-12-03 20:38 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2015-12-03 20:38 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2015-12-03 20:38 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2015-12-03 20:38 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2015-12-03 20:38 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2015-12-03 20:38 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2015-12-03 20:38 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2015-12-03 20:38 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2015-12-03 20:38 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2015-12-03 20:38 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2015-12-03 20:38 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2015-12-03 20:38 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2015-12-03 20:38 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2015-12-03 20:38 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2015-12-03 20:38 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2015-12-03 20:37 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2015-12-03 20:37 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2015-12-03 20:37 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2015-12-03 20:37 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2015-12-03 20:37 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2015-12-03 20:37 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2015-12-03 20:37 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2015-12-03 20:37 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2015-12-03 20:37 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2015-12-03 20:37 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2015-12-03 20:37 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2015-12-03 20:37 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2015-12-03 20:37 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2015-12-03 20:37 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2015-12-03 20:37 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2015-12-03 20:37 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2015-12-03 20:37 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2015-12-03 20:37 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2015-12-03 20:36 - 2015-12-03 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Forward Development 2015-12-03 19:51 - 2015-12-03 20:30 - 1222067228 _____ (Forward Development ) C:\Users\Joe\Downloads\CityCarDriving_En.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-02 20:01 - 2013-08-22 08:36 - 00000000 ____D C:\Windows 2016-01-02 20:00 - 2015-05-08 07:16 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-01-02 19:59 - 2015-05-09 05:23 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-02 19:56 - 2015-05-08 03:56 - 00000000 ____D C:\Program Files (x86)\Steam 2016-01-02 19:55 - 2015-06-11 18:46 - 00000000 ____D C:\Users\Joe\AppData\Local\TSVNCache 2016-01-02 19:55 - 2015-05-09 05:23 - 00000930 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-02 19:33 - 2015-08-17 20:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-01 00:32 - 2015-05-08 08:17 - 00000000 ____D C:\Users\Joe\AppData\Local\ClassicShell 2016-01-01 00:32 - 2015-05-08 03:48 - 00000000 ____D C:\Users\Joe\AppData\Roaming\Skype 2016-01-01 00:26 - 2015-05-09 04:31 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4EDBDB83-C58F-4071-BC1C-F9FACF4F0250} 2015-12-31 22:33 - 2015-06-21 11:42 - 00000080 _____ C:\Users\Joe\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 2015-12-31 22:23 - 2015-05-22 17:36 - 00000000 ____D C:\Users\Joe\AppData\Roaming\.minecraft 2015-12-31 22:20 - 2015-05-22 17:35 - 00000000 ____D C:\Program Files (x86)\Minecraft 2015-12-31 21:44 - 2015-05-09 04:31 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4290914269-1144193900-1776241538-1001 2015-12-31 19:32 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\AppReadiness 2015-12-31 19:27 - 2015-05-09 04:26 - 00000000 ____D C:\Users\Joe\AppData\Local\Packages 2015-12-31 19:27 - 2013-08-22 10:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-31 19:26 - 2015-05-09 04:26 - 00000000 ____D C:\Users\Joe 2015-12-30 17:52 - 2015-07-22 19:31 - 00000000 ____D C:\Users\Joe\AppData\Roaming\Spotify 2015-12-30 17:43 - 2015-07-22 19:32 - 00000000 ____D C:\Users\Joe\AppData\Local\Spotify 2015-12-30 16:33 - 2015-05-25 11:48 - 00000000 ____D C:\Users\Joe\AppData\Roaming\TS3Client 2015-12-30 15:52 - 2015-10-11 09:21 - 00000166 _____ C:\Users\Joe\Documents\ClownfishForTeamspeak.ini 2015-12-30 13:27 - 2014-11-21 03:44 - 00865408 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-30 13:27 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\Inf 2015-12-30 13:21 - 2015-05-15 19:06 - 00000000 ____D C:\ProgramData\NVIDIA 2015-12-30 13:21 - 2013-08-22 09:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-30 12:17 - 2013-08-22 10:20 - 00000000 ____D C:\Windows\CbsTemp 2015-12-30 12:17 - 2013-08-22 08:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-12-30 12:08 - 2015-07-01 13:48 - 00000000 ____D C:\Users\Joe\AppData\Local\CrashDumps 2015-12-28 21:34 - 2015-09-24 16:19 - 00000000 ____D C:\Users\Joe\Documents\Euro Truck Simulator 2 2015-12-28 20:14 - 2015-09-22 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer 2015-12-28 20:14 - 2015-09-22 15:41 - 00000000 ____D C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer 2015-12-28 14:33 - 2015-08-17 20:42 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-27 23:29 - 2015-05-08 04:05 - 00000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-12-26 03:48 - 2014-11-21 11:03 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-26 03:48 - 2014-11-21 11:03 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-23 19:32 - 2015-07-16 11:05 - 00000000 ___RD C:\Users\Joe\Desktop\Sheeeeeit 2015-12-23 19:32 - 2015-05-13 19:02 - 00000000 ____D C:\Users\Joe\AppData\Roaming\OBS 2015-12-23 19:11 - 2015-09-15 10:06 - 00000000 ____D C:\Users\Joe\.gimp-2.8 2015-12-22 21:14 - 2013-08-22 09:44 - 00337864 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-22 18:43 - 2015-05-13 19:02 - 00000000 ____D C:\Program Files\OBS 2015-12-21 15:38 - 2015-10-10 18:59 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-12-20 14:34 - 2015-05-15 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-12-20 14:34 - 2015-05-15 19:05 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-12-20 14:05 - 2015-05-20 18:46 - 00000000 ____D C:\Users\Joe\Downloads\LiveSetup 2015-12-20 12:33 - 2015-06-27 14:01 - 00000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2015-12-20 11:44 - 2015-06-13 19:41 - 00000000 ____D C:\Users\Joe\AppData\Roaming\TeamViewer 2015-12-19 20:43 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-12-19 20:30 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\NDF 2015-12-18 17:45 - 2015-05-09 14:52 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-12-18 17:45 - 2015-05-09 14:52 - 00000000 ___SD C:\Windows\system32\GWX 2015-12-16 15:04 - 2015-06-21 11:41 - 00000000 ____D C:\Program Files\Rockstar Games 2015-12-16 15:04 - 2015-06-21 11:41 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2015-12-12 17:06 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\rescache 2015-12-11 21:41 - 2015-06-23 17:54 - 00000000 ____D C:\Users\Joe\AppData\Local\DayZ 2015-12-08 22:39 - 2015-07-23 16:01 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-12-08 20:51 - 2015-05-15 19:20 - 01846016 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-12-08 20:51 - 2015-05-15 19:20 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-12-08 20:51 - 2015-05-15 19:20 - 01530240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-12-08 20:51 - 2015-05-15 19:20 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-12-08 16:10 - 2015-05-09 10:38 - 00000000 ____D C:\Windows\system32\MRT 2015-12-08 16:06 - 2015-05-09 10:38 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-03 15:03 - 2015-05-08 03:48 - 00000000 ____D C:\ProgramData\Skype 2015-12-03 14:54 - 2015-05-09 05:23 - 00003906 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-03 14:54 - 2015-05-09 05:23 - 00003670 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore ==================== Files in the root of some directories ======= 2015-10-21 16:04 - 2015-10-21 16:04 - 0003806 _____ () C:\Users\Joe\AppData\Local\recently-used.xbel Some files in TEMP: ==================== C:\Users\Joe\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Joe\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Joe\AppData\Local\Temp\nvSCPAPISvr.exe C:\Users\Joe\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-12-30 16:10 ==================== End of FRST.txt ============================
  6. Hello, I recently purchased a bitcoin miner so me and my friends can mine. The next day I woke up in the morning and turned on my PC and started a steam download for a game so it would download when I was at school. When I returned from school I saw chrome open with a fake adobe flash player website and at the bottom of chrome, the download bar was full of stuff I didn't download. I've done endless scans with Malware bytes (yes I have premium) and nothing has been detected. Also my PC crashes a lot, not from overheating because I have 4 case fans and a water cooler and the temperature never goes past 70•F. I don't know what other programs this one virus has downloaded but I'm afraid I might also have a keylogger so I haven't been signing into my steam account or my emails. Any help would be greatly appreciated. Also I have about 4 different MBAM services running. Thank you
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.