tacnker


  1. # DelFix v1.013 - Logfile created 11/09/2017 at 21:08:33
     # Updated 17/04/2016 by Xplode
     # Username : CniiperAc3 - DESKTOP-5OFL8IF
     # Operating System : Windows 10 Pro (64 bits)
     ~ Activating UAC ... OK
     ~ Removing disinfection tools ...
     Deleted : C:\FRST
     Deleted : C:\AdwCleaner
     Deleted : C:\Users\CniiperAc3\Desktop\FRST-OlderVersion
     Deleted : C:\Users\CniiperAc3\Desktop\mbar
     Deleted : C:\FRST64.exe
     Deleted : C:\TDSSKiller.3.1.0.15_11.09.2017_18.17.47_log.txt
     Deleted : C:\Users\CniiperAc3\Desktop\Addition.txt
     Deleted : C:\Users\CniiperAc3\Desktop\adwcleaner_7.0.2.1.exe
     Deleted : C:\Users\CniiperAc3\Desktop\Fixlog.txt
     Deleted : C:\Users\CniiperAc3\Desktop\FRST.txt
     Deleted : C:\Users\CniiperAc3\Desktop\FRST64.exe
     Deleted : C:\Users\CniiperAc3\Desktop\Rkill.txt
     Deleted : C:\Users\Public\Desktop\RogueKiller.lnk
     Deleted : C:\Users\CniiperAc3\Downloads\Addition.txt
     Deleted : C:\Users\CniiperAc3\Downloads\aswMBR (1).exe
     Deleted : C:\Users\CniiperAc3\Downloads\aswMBR (2).exe
     Deleted : C:\Users\CniiperAc3\Downloads\aswMBR (3).exe
     Deleted : C:\Users\CniiperAc3\Downloads\aswMBR.exe
     Deleted : C:\Users\CniiperAc3\Downloads\ComboFix.exe
     Deleted : C:\Users\CniiperAc3\Downloads\Fixlog.txt
     Deleted : C:\Users\CniiperAc3\Downloads\FRST.txt
     Deleted : C:\Users\CniiperAc3\Downloads\JRT.exe
     Deleted : C:\Users\CniiperAc3\Downloads\tdsskiller (1).exe
     Deleted : C:\Users\CniiperAc3\Downloads\tdsskiller.exe
     ~ Creating registry backup ... OK
     ~ Cleaning system restore ...
     Deleted : RP #51 [Removed Microsoft Silverlight | 08/31/2017 02:15:39]
     Deleted : RP #52 [Installed Sophos Virus Removal Tool. | 09/05/2017 22:52:29]
     New restore point created !
     ~ Resetting system settings ... OK
     ########## - EOF - ##########
  2. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-09-2017 02
     Ran by CniiperAc3 (11-09-2017 20:16:36)
     Running from C:\Users\CniiperAc3\Desktop
     Windows 10 Pro Version 1607 (X64) (2017-03-08 18:39:39)
     Boot Mode: Normal
     ==========================================================
     ==================== Accounts: =============================
     Administrator (S-1-5-21-241418353-3479239940-2468962699-500 - Administrator - Disabled)
     CniiperAc3 (S-1-5-21-241418353-3479239940-2468962699-1001 - Administrator - Enabled) => C:\Users\CniiperAc3
     DefaultAccount (S-1-5-21-241418353-3479239940-2468962699-503 - Limited - Disabled)
     defaultuser0 (S-1-5-21-241418353-3479239940-2468962699-1000 - Limited - Disabled) => C:\Users\defaultuser0
     Guest (S-1-5-21-241418353-3479239940-2468962699-501 - Limited - Disabled)
     ==================== Security Center ========================
     (If an entry is included in the fixlist, it will be removed.)
     AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
     AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
     ==================== Installed Programs ======================
     (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     . . (HKLM\...\{E99F3005-A18B-4BF7-B751-7E780C5E87F0}) (Version: 7.1 - Intel) Hidden
     . . . (HKLM-x32\...\{26ABF655-7062-4BBB-B954-F21DF44A1D76}) (Version: 2.9.0.2 - Intel) Hidden
     µTorrent (HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
3DMark (HKLM\...\{55B50DFB-C31F-4D90-9B7F-75233BE6DCC6}) (Version: 2.3.3693.0 - Futuremark) Hidden 3DMark (HKLM-x32\...\{39f8dcb1-5f2e-4057-980e-f463756a0465}) (Version: 2.3.3693.0 - Futuremark) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Action! (HKLM-x32\...\Mirillis Action!) (Version: 2.4.1 - Mirillis) Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated) Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated) Ancient Weapon Sounds (HKLM-x32\...\{E00A5837-482C-4DCE-B4CC-D16B343374E1}) (Version: 2.1.1 - Screaming Bee) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden APP Shop v1.0.31 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.31 - ASRock Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.) 
ASRock Restart to UEFI v1.0.5 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.5 - ) Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Blue Satin Skin (HKLM-x32\...\{FB7D6550-9260-42E6-83C8-BF3A7E54442F}) (Version: 2.2.1 - Screaming Bee) BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.34.1574 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine) Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.80 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Creatures of Darkness (HKLM-x32\...\{573F9269-A022-4C6F-97BD-CF1316A76369}) (Version: 3.3.1 - Screaming Bee) Deep Space Voices (HKLM-x32\...\{67CEC218-B250-4B4C-B23F-A597EC8DB153}) (Version: 3.3.1 - Screaming Bee) Discord (HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Driver Easy 5.5.3 (HKLM\...\DriverEasy_is1) (Version: 5.5.3 - Easeware) Driver Talent (HKLM-x32\...\{29FE44D7-BC89-4188-8B0E-F6BA073C15A5}_is1) (Version: 6.5.53.158 - OSToto Co., Ltd.) 
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - ) Fantasy Voice Pack (HKLM-x32\...\{5F4C3E1F-87FC-41BD-B219-E4156BBD8AE5}) (Version: 1.3.2 - Screaming Bee) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Futuremark SystemInfo (HKLM-x32\...\{85F94959-7098-4B55-9F39-27D880FE5BA1}) (Version: 5.1.620.0 - Futuremark) Galactic Voices (HKLM-x32\...\{891D8FC9-726D-46F2-ADC0-E060A6EB1DC3}) (Version: 1.3.1 - Screaming Bee) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North) iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel® Driver Update Utility (HKLM-x32\...\{e0c04d85-bdcb-4572-ac96-c3e248f87a87}) (Version: 2.9.0.2 - Intel) iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.) 
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LawBreakers (HKLM\...\Steam App 350280) (Version: - Boss Key Productions) Magic Bullet Suite v13.0.3 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.3 - Red Giant, LLC) Male Voice Pack (HKLM-x32\...\{2CC32E0E-9A10-4BCC-94F0-614F85375F59}) (Version: 1.3.1 - Screaming Bee) Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) MEmu (HKLM-x32\...\MEmu) (Version: 2.9.6.1 - Microvirt) Microsoft OneDrive (HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 
(HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) MorphVOX Effects Rack 
(HKLM-x32\...\{4439ED25-D9ED-4E78-A41E-6C6C5DCEDE62}) (Version: 4.3.0 - Screaming Bee) MorphVOX Pro (HKLM-x32\...\{1DDBB040-3BEB-4057-90BB-B38B5E081D1B}) (Version: 4.3.21 - Screaming Bee) Mozilla Firefox 55.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 55.0.3 (x64 en-US)) (Version: 55.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) NiceHash Miner 2 0.0.12 (HKLM\...\08059810-bc78-5c10-942c-2092eebb5ec8) (Version: 0.0.12 - NiceHash) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation) NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation) NVIDIA Graphics Driver 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) OpenIV (HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\OpenIV) (Version: 2.9.907 - .black/OpenIV Team) Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.) 
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment) Pascal Coin Wallet, Explorer and JSON-RPC Server (Build 2.1.2) (HKLM-x32\...\Pascal Coin Wallet (Build 2.1.2)_is1) (Version: - Albert Molina 2017) Personality Voices (HKLM-x32\...\{4B886E97-AF5B-46F0-9F48-6BE03149D972}) (Version: 1.0.1 - Screaming Bee) RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R) Real Hide IP (HKLM-x32\...\RealHideIP) (Version: 4.6.1.8 - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8233 - Realtek Semiconductor Corp.) Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.10.1 - Red Giant, LLC) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games) RogueKiller version 12.11.14.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.14.0 - Adlice Software) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.) Sci-Fi 2 Sound Pack (HKLM-x32\...\{62DC2D57-7AB8-4181-994B-C62D55FCE6F4}) (Version: 1.3.1 - Screaming Bee) Sci-Fi Sound Pack (HKLM-x32\...\{D16C611D-CA6F-402B-9EDA-9862CF4A701B}) (Version: 1.1.1 - Screaming Bee) Sci-Fi Voice Pack (HKLM-x32\...\{BC038C91-D3C6-4E43-8439-B65976FE7937}) (Version: 1.3.1 - Screaming Bee) Security Task Manager 2.1i (HKLM-x32\...\Security Task Manager) (Version: 2.1i - Neuber Software) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) 
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited) Sp5 (HKLM-x32\...\{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}) (Version: 5.1.4324.0 - Microsoft) Hidden Sp5Intl (HKLM-x32\...\{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}) (Version: 5.1.4324.0 - Microsoft) Hidden Sp5TTInt (HKLM-x32\...\{E415C943-37E5-473F-8BAE-043C56734124}) (Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (HKLM-x32\...\{6C3959C6-943E-44B3-BAAD-570B04B134E5}) (Version: 5.1.4324.0 - Microsoft) Hidden Special Effects Voices (HKLM-x32\...\{913C4C4F-9E3E-41A6-A614-1BDC1352A225}) (Version: 1.0.2 - Screaming Bee) Spooky Sounds (HKLM-x32\...\{F71EBF86-9A73-44C0-A674-55FA3E4A8428}) (Version: 2.1.1 - Screaming Bee) SpPhones (HKLM-x32\...\{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}) (Version: 6.0.3122.0 - Microsoft) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteamVR Performance Test (HKLM\...\Steam App 323910) (Version: - Valve) Sylenth1 v1.01.3 (HKLM-x32\...\Sylenth1_is1) (Version: - ) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Text-To-VoIP Plug-in (HKLM-x32\...\{C1A6E1A4-B337-41B5-B580-30EB1FF76D56}) (Version: 4.0.0 - Screaming Bee) Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version: - Ubisoft Montreal) Translator Fun Voice Pack (HKLM-x32\...\{C39768C1-82E7-4466-8526-2D8AC44B768F}) (Version: 1.5.1 - Screaming Bee) Trapcode Suite v13.1.1 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.1.1 - Red Giant, LLC) Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft) Vegas Pro 13.0 (64-bit) (HKLM\...\{D264BD11-6A9B-11E4-A4F7-F04DA23A5C58}) (Version: 13.0.428 - Sony) Voxal Voice Changer (HKLM-x32\...\Voxal) (Version: 2.00 - NCH Software) VRMark (HKLM\...\{7136C393-4272-4B52-8477-6A8C48C6B818}) (Version: 1.0.1272.0 - Futuremark) Hidden VRMark (HKLM-x32\...\{540e0642-dd45-4d9e-b83b-439f10cf90b1}) (Version: 1.0.1272.0 - Futuremark) vShare Helper 
(HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\vShare Helper) (Version: 1.7.4.0 - vShare.com Co.,LTD) Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Workplace Backgrounds (HKLM-x32\...\{13304708-E115-4044-82DA-88A6F5424359}) (Version: 1.0.0 - Screaming Bee) XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.5.1 - GIGABYTE Technology Co.,Inc.) Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-241418353-3479239940-2468962699-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-08D9C32F85B6}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File CustomCLSID: HKU\S-1-5-21-241418353-3479239940-2468962699-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\CniiperAc3\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\CniiperAc3\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\CniiperAc3\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files 
(x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] () ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-04] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-04] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\CniiperAc3\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\CniiperAc3\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\CniiperAc3\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-09-04] () ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] () ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-04] (AVAST Software) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => 
C:\Users\CniiperAc3\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers1: [ObjectDockShellExt] -> {1984D045-52CF-49cd-DB77-08F378FEA4DB} => C:\Program Files (x86)\Stardock\ObjectDockPlus2\ODMenu64.dll -> No File ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-05-09] (Apple Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\CniiperAc3\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-04] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\CniiperAc3\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\CniiperAc3\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers4: [ObjectDockShellExt] -> {1984D045-52CF-49cd-DB77-08F378FEA4DB} => C:\Program Files (x86)\Stardock\ObjectDockPlus2\ODMenu64.dll -> No File ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-21] (NVIDIA Corporation) ContextMenuHandlers5: 
[ObjectDockShellExt] -> {1984D045-52CF-49cd-DB77-08F378FEA4DB} => C:\Program Files (x86)\Stardock\ObjectDockPlus2\ODMenu64.dll -> No File ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-09-04] () ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] () ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-04] (AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers6: [ObjectDockShellExt] -> {1984D045-52CF-49cd-DB77-08F378FEA4DB} => C:\Program Files (x86)\Stardock\ObjectDockPlus2\ODMenu64.dll -> No File ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {0689AD10-85D0-4642-877D-8EE8F0BE38C4} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {09CB1855-0EF9-4C6D-894E-408FAD434F40} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-5OFL8IF-CniiperAc3 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {0B59D743-A116-4695-A9F1-353C89645AA3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) Task: {0CEB691F-B239-43A4-9EBA-58D48001F827} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) Task: {220CCAB0-C556-41F5-8931-7C184E71E943} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-04] (AVAST Software) Task: {2B3EE477-2527-4FBE-9F33-DDEB647B9859} - System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE => C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe [2017-04-12] (GIGABYTE Technology Co.,Ltd.) 
Task: {333DDF7D-3AC2-4791-930D-126E8F40F003} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation) Task: {62BE9234-B30C-4011-93EE-C244EEC03BAF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-18] (NVIDIA Corporation) Task: {65A8C63A-C7D8-466E-984A-73DECC2F9F15} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-18] (NVIDIA Corporation) Task: {6C57D0B1-4C27-4554-9630-A473C5112070} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.) Task: {756B056A-2E0F-4670-865F-AAAC6E25EB53} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-18] (NVIDIA Corporation) Task: {77390926-723D-4130-8B3B-CDFD3215C7BF} - System32\Tasks\{EA52D602-8C3C-42F2-9210-7B75552AEEC1} => "c:\windows\system32\launchwinapp.exe" hxxps://ui.skype.com/ui/0/7.35.0.103/en/go/help.faq.installer?LastError=1618 Task: {7AB4D074-C0BB-434E-9BE7-EDBA6134DF08} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation) Task: {7AD7CF51-1257-4072-8C58-097D34C7920F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-01] (Google Inc.) Task: {7BB3B6CE-0FFC-47B5-B243-9A84B2B42D54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-01] (Google Inc.) 
Task: {8BAE2566-E8BC-47D8-80E6-F94E9E2E0546} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: {9FF312A6-9962-4CF1-AAAC-83B0DA75344D} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-05-09] (Apple Inc.) Task: {ACED94AA-07FA-4FA6-826E-9F7F4EFB2AFD} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2016-12-02] () Task: {C0421717-49A3-45B4-AEFF-67E4475506F9} - System32\Tasks\tvhostservice.exe => C:\Program Files (x86)\Mircosoft\tvhost.exe Task: {C2D4D23E-2322-4A23-8995-A36E315C202F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) Task: {D8727A5F-3075-4C60-AD8C-D4E2CC89E9AB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-18] (NVIDIA Corporation) Task: {E05E73B6-1172-4C50-811A-2D8BBC3D10BC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation) Task: {E1D0F8E7-6FFD-42F7-B054-020BEB684D20} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation) Task: {F235F047-B25D-4A06-BFE8-51ED4086873E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-01] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\CniiperAc3\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm Shortcut: C:\Users\CniiperAc3\Desktop\A Folder\Mirillis Action!\Action!_crack.lnk -> C:\Program Files (x86)\Mirillis\Action!\Action!.bat () Shortcut: C:\Users\CniiperAc3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) <==== Cyrillic Shortcut: C:\Users\CniiperAc3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File) Shortcut: C:\Users\CniiperAc3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Оpеrа.lnk -> C:\Program Files (x86)\Opera\launcher.bat (No File) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Оpеrа.lnk -> C:\Program Files (x86)\Opera\launcher.bat (No File) ShortcutWithArgument: C:\Users\CniiperAc3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Until AM for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
->

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 07:42 - 2016-07-16 07:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-30 10:13 - 2017-06-21 03:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-04 00:38 - 2017-08-21 19:10 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-13 17:56 - 2017-01-13 17:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-24 21:50 - 2017-08-18 00:36 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-06-07 16:09 - 2017-06-07 16:09 - 000598528 _____ () C:\Users\CniiperAc3\AppData\Local\MEGAsync\ShellExtX64.dll
2017-07-18 00:50 - 2017-07-18 00:50 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
2017-03-08 14:15 - 2017-03-08 14:15 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 21:51 - 2017-03-04 02:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-08-23 06:46 - 2017-08-23 06:47 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-23 06:46 - 2017-08-23 06:47 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-23 06:46 - 2017-08-23 06:47 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-23 06:46 - 2017-08-23 06:47 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-09-04 11:24 - 2017-09-04 11:24 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-08-28 20:46 - 2017-08-23 04:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-08-28 20:46 - 2017-08-23 04:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2017-03-14 21:51 - 2017-03-04 02:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 21:51 - 2017-03-04 02:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 21:51 - 2017-03-04 02:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-08 20:22 - 2017-03-04 02:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-08 20:22 - 2017-08-01 14:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-08 20:22 - 2017-08-01 14:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-11 22:22 - 2017-03-28 02:26 - 003388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2017-08-04 21:05 - 2017-06-12 04:00 - 000180904 _____ () c:\program files (x86)\ostotosoft\drivertalent\ldrvsvc.dll
2017-08-04 21:05 - 2017-06-12 04:00 - 000254824 _____ () c:\program files (x86)\ostotosoft\drivertalent\updater\checkupdate.dll
2017-08-04 21:05 - 2017-06-12 04:00 - 000172200 _____ () c:\program files (x86)\ostotosoft\drivertalent\substat.dll
2017-08-04 21:05 - 2017-06-12 04:00 - 000174760 _____ () c:\program files (x86)\ostotosoft\drivertalent\DtlPlug.dll
2017-08-04 21:05 - 2017-06-12 04:00 - 000113832 _____ () c:\program files (x86)\ostotosoft\drivertalent\dstudp.dll
2017-08-04 21:05 - 2017-06-12 04:00 - 000126120 _____ () c:\program files (x86)\ostotosoft\drivertalent\udp.dll
2016-12-24 21:50 - 2017-08-18 00:36 - 069807552 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-01-21 22:43 - 2016-08-18 20:26 - 000225792 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\GvFireware.dll
2017-01-21 22:43 - 2014-05-01 02:49 - 000025088 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\BSL430.dll
2016-12-24 21:50 - 2017-08-18 00:36 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-21 22:43 - 2016-10-25 09:03 - 000225792 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Led\GvFireware.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HideMyIpSRV => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 07:47 - 2017-09-11 17:31 - 000000993 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\CniiperAc3\Downloads\5wjpNuT.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\StartupFolder: => "Stardock ObjectDock.lnk"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\StartupFolder: => "rubies.lnk"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "H0RZ62RXOE"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "C0Z40QW3XB"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "MTS1JYOJHN"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "Windscribe"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "steinbach"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "jen"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => "MinerGateGui"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\StartupApproved\Run: => ""

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{CC0640FF-8C3D-4A93-A00A-3F67045A734D}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{24D2CDC4-AAE5-4448-89D2-E920A7F196E8}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{CBFC2F5B-36BD-4AF2-89F1-078DDEF5BC5C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{30D728DB-E868-4C60-A73B-ECB3F8B26804}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3F6F0DB7-8782-4698-B7EB-C30197D546EB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1AFF6F41-A944-48ED-97FF-5BF8DB42C84B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{7ED40654-BE8A-4725-90D8-D1A2364E5775}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3BF6F7B0-E37A-407F-9972-44D6B89CA4D8}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{1A2069C2-E3BD-40CC-B6AF-280F9367A6D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BFF3B730-05BD-4512-89A0-0B6F5C0871FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{46EA7329-5877-426D-9A2D-2CCCBAA2B1DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D3EB2BBE-9AC9-41D0-8444-4FFC6B3FAD17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D1EAC248-A35F-4A29-84E2-C762E33DAFE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C268063F-D20F-4580-AB18-6523985AEC92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2B12FFB6-563E-4DB0-991B-A9027ACC33A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3CDBEDAB-D9E2-40F7-BD1F-D07E3F069BC8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{53CA5BC1-1157-421E-B17D-121E2E6AD026}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [UDP Query User{3CC036F4-CE3C-4025-920E-C6A330BAD355}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [{D69D4086-49A1-480A-8E49-F65F02A2A175}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{82676035-6963-4BBD-BFD5-F4A65F86C14C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{9948B5AE-3BF9-4BA9-9D13-2B885180CD72}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{CEDFC905-5302-4784-9AC8-93766749BFF5}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{CCA616B2-32CA-479B-9BF9-EB77A2DDF414}C:\users\cniiperac3\desktop\mw2 by olive\iw4m.exe] => (Block) C:\users\cniiperac3\desktop\mw2 by olive\iw4m.exe
FirewallRules: [UDP Query User{ABE76E38-269E-439D-99CF-7122161F31E8}C:\users\cniiperac3\desktop\mw2 by olive\iw4m.exe] => (Block) C:\users\cniiperac3\desktop\mw2 by olive\iw4m.exe
FirewallRules: [TCP Query User{006416F8-BBCF-4B7A-946B-0CBBD0C27FEE}C:\users\cniiperac3\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\cniiperac3\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{26B71B7D-5F36-43B6-A029-6FA534B531F4}C:\users\cniiperac3\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\cniiperac3\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{981385B4-8F0D-47A6-8CA1-EB197396EF7A}C:\games\call of duty black ops 2\t6mpv43.exe] => (Allow) C:\games\call of duty black ops 2\t6mpv43.exe
FirewallRules: [UDP Query User{87C1511A-C50A-44CF-A661-106AE1D82571}C:\games\call of duty black ops 2\t6mpv43.exe] => (Allow) C:\games\call of duty black ops 2\t6mpv43.exe
FirewallRules: [{675E4ADD-7442-4C63-B5EB-39BCE4248E06}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F7527681-0DBD-4BAA-8303-41FDD7FC21FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AD947A09-C1DF-415B-907B-11646CD1559E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4BC30DAC-C163-463B-A276-215780FC574A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{563D6F65-5C97-4719-9DA6-A2404D1ED54F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{68A59EDD-C56C-4E14-A1A6-E02127362E0D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CBB85D01-406A-449D-A799-D59D777E5A8F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BE75668E-DD70-483A-9523-3C0A4EC00647}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{0AC47885-20A1-4F7E-B340-E8D4EDCDDFDE}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{5AB09553-C334-4241-863C-D1A68E372076}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{2095CB61-8403-4777-B8B2-AEC1B65C716F}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{5957C830-6AF5-4246-9EAA-410953F8BE1C}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe
FirewallRules: [{FF81BC42-C302-42E9-B684-B9E0A559D188}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶䍜瑩汯獥瑯敦楲䍜瑩汯獥瑯敦楲攮數
FirewallRules: [{2BD608D1-D2C3-4E5B-9398-0AF2D994D5C0}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶䍜瑩汯獥瑯敦楲䍜瑩汯獥瑯敦楲⹟硥e
FirewallRules: [TCP Query User{ED62ECB6-0CCC-403F-A14F-2C664F20C1E2}C:\program files (x86)\battle.net\battle.net.8554\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.8554\battle.net.exe
FirewallRules: [UDP Query User{28982DCB-348D-4F6E-BFBB-C7C8628EBF09}C:\program files (x86)\battle.net\battle.net.8554\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.8554\battle.net.exe
FirewallRules: [{136CF960-686B-4DD3-8FA1-0F8009FB1945}] => (Allow) C:\Program Files (x86)\Hide My IP 6\HideMyIP.exe
FirewallRules: [{575D28A0-8B99-4E37-BB51-8444365F6321}] => (Allow) C:\Program Files (x86)\Hide My IP 6\HideMyIpSrv.exe
FirewallRules: [{5C2A2BBF-4443-4152-9C76-D6378F2C7D53}] => (Allow) C:\Program Files (x86)\Hide ALL IP\HideAllIP.exe
FirewallRules: [{E28E72B7-644E-4E9F-99FD-807A2B55D095}] => (Allow) C:\Program Files (x86)\Hide ALL IP\HideAllIP.exe
FirewallRules: [TCP Query User{340F8F94-9742-47AA-B311-A34E288ECCAC}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{DD60444F-1A6C-4123-A5E3-74ABAC04EAAE}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{3B96AA52-0840-437D-B425-EE6FF120A650}C:\program files (x86)\call of duty infinite warfare\iw7_ship.exe] => (Allow) C:\program files (x86)\call of duty infinite warfare\iw7_ship.exe
FirewallRules: [UDP Query User{ADABCD49-D7D3-471F-8AB8-EBF8E5854EBB}C:\program files (x86)\call of duty infinite warfare\iw7_ship.exe] => (Allow) C:\program files (x86)\call of duty infinite warfare\iw7_ship.exe
FirewallRules: [{CD90B096-7624-41CA-9A4A-060F73467902}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{67FB935C-054B-49D8-9CA4-5C9E847424E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{420A95FC-47EE-417F-A7C7-495991369506}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{823B7408-F2B3-4A87-91E8-C42011BA14D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{062A57C3-ECF5-4832-8710-4666656AE3A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C086E153-2FDC-446A-AFFD-F1DA4EE57A51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{2134A67D-6AA5-484D-9223-45DE79E3BDB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{5B7ECDAE-8231-475D-9D8A-28B45B8282A9}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe
FirewallRules: [{0796A50B-0144-46E2-9EEB-088CB4F9A9A5}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DTLService.exe
FirewallRules: [{3CE14BD8-8E36-45A6-B0DF-7152F56C78BD}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe
FirewallRules: [{61A3FECF-C3DD-4244-9408-4DEAF53144C0}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [{64467B62-4F39-4DF2-9B5D-AC3D2B5F7507}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LawBreakers\ShooterGame\Binaries\Win64\LawBreakers.exe
FirewallRules: [{61DE20FF-2754-4567-8442-757701355840}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LawBreakers\ShooterGame\Binaries\Win64\LawBreakers.exe
FirewallRules: [TCP Query User{54C50A79-556C-475C-A27B-00D8EF4853C9}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe
FirewallRules: [UDP Query User{853361B6-DD4C-459E-9715-7F371A46ECF8}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe
FirewallRules: [TCP Query User{DCB3F2F6-20A8-4CF3-94EE-2F1290014B0A}C:\users\cniiperac3\appdata\roaming\ethereum wallet\binaries\geth\unpacked\geth.exe] => (Allow) C:\users\cniiperac3\appdata\roaming\ethereum wallet\binaries\geth\unpacked\geth.exe
FirewallRules: [UDP Query User{93274C75-9B7C-4421-9E1A-1E5426730465}C:\users\cniiperac3\appdata\roaming\ethereum wallet\binaries\geth\unpacked\geth.exe] => (Allow) C:\users\cniiperac3\appdata\roaming\ethereum wallet\binaries\geth\unpacked\geth.exe
FirewallRules: [TCP Query User{2205B63A-5203-42DC-9817-559A93AF9FCF}C:\users\cniiperac3\desktop\claymore.s.dual.ethereum.decred_siacoin_lbry_pascal.amd.nvidia.gpu.miner.v9.8\ethdcrminer64.exe] => (Allow) C:\users\cniiperac3\desktop\claymore.s.dual.ethereum.decred_siacoin_lbry_pascal.amd.nvidia.gpu.miner.v9.8\ethdcrminer64.exe
FirewallRules: [UDP Query User{C6C1B442-649F-4884-84FC-6EFF516A62BE}C:\users\cniiperac3\desktop\claymore.s.dual.ethereum.decred_siacoin_lbry_pascal.amd.nvidia.gpu.miner.v9.8\ethdcrminer64.exe] => (Allow) C:\users\cniiperac3\desktop\claymore.s.dual.ethereum.decred_siacoin_lbry_pascal.amd.nvidia.gpu.miner.v9.8\ethdcrminer64.exe
FirewallRules: [TCP Query User{42770CF6-0F62-40D9-A90B-F533F339F67A}C:\program files (x86)\pascal coin\pascalcoinwallet.exe] => (Allow) C:\program files (x86)\pascal coin\pascalcoinwallet.exe
FirewallRules: [UDP Query User{C3B0A8A2-B8BC-44AE-8F0A-6464BABD157B}C:\program files (x86)\pascal coin\pascalcoinwallet.exe] => (Allow) C:\program files (x86)\pascal coin\pascalcoinwallet.exe
FirewallRules: [{BC5A974B-08B0-4F59-A8C7-4C30924BBD45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C3A84A3C-6D2C-45E3-BC46-6679F5BAC0E6}] => (Allow) C:\Program Files (x86)\Deibler\discomfited.exe
FirewallRules: [{5BE0EB14-CF21-4A41-948C-74690CFDA710}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{21055ED7-E72A-4106-AE0B-C40F2040DD50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{0CD26C06-AA86-4F5F-9547-E9EA225A133F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{9E923390-DEC1-4557-B088-038253443FCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{2B8B8288-E324-4AEA-BFEA-CF46789DA918}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D1C54861-9D86-43E6-9FD2-C11F96624249}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FirewallRules: [TCP Query User{2A94DE06-1A5F-4E05-B2FC-19B286CFAAB6}C:\users\cniiperac3\desktop\a folder\claymore.s.dual.ethereum.decred_siacoin_lbry_pascal.amd.nvidia.gpu.miner.v9.8\ethdcrminer64.exe] => (Allow) C:\users\cniiperac3\desktop\a folder\claymore.s.dual.ethereum.decred_siacoin_lbry_pascal.amd.nvidia.gpu.miner.v9.8\ethdcrminer64.exe
FirewallRules: [UDP Query User{B97E1885-5A8F-4CF8-B7BE-48D80789A8C9}C:\users\cniiperac3\desktop\a folder\claymore.s.dual.ethereum.decred_siacoin_lbry_pascal.amd.nvidia.gpu.miner.v9.8\ethdcrminer64.exe] => (Allow) C:\users\cniiperac3\desktop\a folder\claymore.s.dual.ethereum.decred_siacoin_lbry_pascal.amd.nvidia.gpu.miner.v9.8\ethdcrminer64.exe
FirewallRules: [{2C721D53-3B10-425B-B57F-BE8523BEC0FA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7949CB7F-3168-4848-A22E-4957049CE52D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

30-08-2017 22:15:39 Removed Microsoft Silverlight
05-09-2017 18:52:29 Installed Sophos Virus Removal Tool.

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/11/2017 08:01:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmiprvse.exe, version: 10.0.14393.0, time stamp: 0x57899ab2
Faulting module name: ntdll.dll, version: 10.0.14393.1532, time stamp: 0x5965abad
Exception code: 0xc0000374
Fault offset: 0x00000000000f8363
Faulting process id: 0x1974
Faulting application start time: 0x01d32b5a28e075ec
Faulting application path: C:\WINDOWS\system32\wbem\wmiprvse.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 90675902-fe2f-4c1d-a33c-2c0d66184874
Faulting package full name:
Faulting package-relative application ID:

Error: (09/11/2017 07:25:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (09/11/2017 07:25:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.14393.1593, time stamp: 0x5980c918
Faulting module name: eModel.dll, version: 11.0.14393.1593, time stamp: 0x5980ca0d
Exception code: 0xc0000409
Fault offset: 0x00000000000d47a0
Faulting process id: 0x2604
Faulting application start time: 0x01d32b5538aa9e5a
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Faulting module path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eModel.dll
Report Id: 5ca1f9c5-bbd3-4f14-a887-63b6e3a52b99
Faulting package full name: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge

Error: (09/11/2017 05:38:15 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at SetupAfterRebootService.SetupARService.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/11/2017 05:34:05 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at SetupAfterRebootService.SetupARService.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/11/2017 05:10:52 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at SetupAfterRebootService.SetupARService.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/11/2017 05:04:07 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at SetupAfterRebootService.SetupARService.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/11/2017 03:34:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1016

Error: (09/11/2017 03:34:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1016

Error: (09/11/2017 03:34:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (09/11/2017 08:15:25 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (09/11/2017 08:15:25 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (09/11/2017 07:42:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/11/2017 06:26:29 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (09/11/2017 06:26:29 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (09/11/2017 06:22:52 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (09/11/2017 06:22:52 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (09/11/2017 05:45:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/11/2017 05:38:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/11/2017 05:38:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

CodeIntegrity:
===================================
Date: 2017-09-11 19:28:00.476
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-11 06:15:24.299
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-10 04:18:11.479
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-09 08:17:15.654
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-08 06:51:17.458
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-07 03:49:18.214
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-06 03:52:48.594
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-05 04:09:18.671
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-04 11:43:30.081
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-04 11:42:45.466
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 34%
Total physical RAM: 16336.03 MB
Available physical RAM: 10685.45 MB
Total Virtual: 17360.03 MB
Available Virtual: 12047.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.02 GB) (Free:456.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 23309991)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2017 02
Ran by CniiperAc3 (administrator) on DESKTOP-5OFL8IF (11-09-2017 20:15:31)
Running from C:\Users\CniiperAc3\Desktop
Loaded Profiles: CniiperAc3 (Available Profiles: defaultuser0 & CniiperAc3)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Led\GvLedService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18382824 2017-08-28] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-04] (AVAST Software)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe [137976 2017-08-10] (Intel)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Run: [Discord] => C:\Users\CniiperAc3\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098944 2017-08-23] (Electronic Arts)
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Run: [MTS1JYOJHN] => "C:\Program Files\2IPVBJGPP8\2IPVBJGPP.exe"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Run: [C0Z40QW3XB] => "C:\Program Files\OBLM5HVP8C\IP3UXLL83.exe"
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1092920 2017-02-16] (Apple Inc.)
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe
HKU\S-1-5-21-241418353-3479239940-2468962699-1001\...\Run: [ASRockRuefi] => [X]
HKU\S-1-5-18\...\Run: [XDM] => C:\Program Files (x86)\Subhra Das Gupta\Xtreme Download Manager\xdm.exe -m
Startup: C:\Users\CniiperAc3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2017-09-11]
ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe ()
Startup: C:\Users\CniiperAc3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-12-25]
ShortcutTarget: MEGAsync.lnk -> C:\Users\CniiperAc3\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{19b5480a-8a32-42a1-9fa8-7e38e709c3f7}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{19b5480a-8a32-42a1-9fa8-7e38e709c3f7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7b542c95-21fe-49df-bea4-4bdf7f40c0ea}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{90a338c1-5824-4186-bfd2-22716c1b919b}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{90a338c1-5824-4186-bfd2-22716c1b919b}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{95da4add-063e-4549-bb84-5c1faeeb6f10}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f8f4da70-042b-11e7-8bdb-806e6f6e6963}: [NameServer] 8.8.8.8

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-95d4aabb&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-95d4aabb&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-95d4aabb&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-95d4aabb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-241418353-3479239940-2468962699-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-07-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-07-30] (Oracle Corporation)

Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-06-12]

FireFox:
========
FF DefaultProfile: ufzyd0we.default
FF ProfilePath: C:\Users\CniiperAc3\AppData\Roaming\Mozilla\Firefox\Profiles\ufzyd0we.default [2017-09-06]
FF Extension: (Avast SafePrice) - C:\Users\CniiperAc3\AppData\Roaming\Mozilla\Firefox\Profiles\ufzyd0we.default\Extensions\sp@avast.com.xpi [2017-09-04]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-07-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-07-30] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-21] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-01] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR Profile: C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default [2017-09-11]
CHR Extension: (Google Slides) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-13]
CHR Extension: (Google Docs) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-13]
CHR Extension: (Google Drive) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-13]
CHR Extension: (Adguard AdBlocker) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2017-08-01]
CHR Extension: (Authenticator) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2017-08-20]
CHR Extension: (YouTube) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-13]
CHR Extension: (Adblock Plus) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-08-02]
CHR Extension: (Tampermonkey) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-08-11]
CHR Extension: (ARC Welder) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2017-08-01]
CHR Extension: (Google Sheets) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-13]
CHR Extension: (Google Docs Offline) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-15]
CHR Extension: (AdBlock) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-09]
CHR Extension: (Avast Online Security) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-09-05]
CHR Extension: (Until AM Web App) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2017-08-01]
CHR Extension: (App Runtime for Chrome (Beta)) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2017-08-01]
CHR Extension: (Until AM for Chrome) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2017-08-01]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-08-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-21]
CHR Extension: (Gmail) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-13]
CHR Extension: (Chrome Media Router) - C:\Users\CniiperAc3\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-02]
CHR HKU\S-1-5-21-241418353-3479239940-2468962699-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-04] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-04] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-08-26] ()
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-08-02] (BlueStack Systems, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [22264 2017-08-10] (Intel)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-05-19] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 LDrvSvc; C:\Program Files (x86)\OSTotoSoft\DriverTalent\LDrvSvc.dll [180904 2017-06-12] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 NGS; C:\WINDOWS\NGService.exe [2466888 2017-08-09] (NEXON Korea Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-21] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889888 2017-08-01] (Microsoft Corporation)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2017-08-18] () [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
S2 HideMyIpSRV; C:\Program Files (x86)\Hide My IP 6\HideMyIpSRV.exe [X]
S2 MEmusvc; C:\Program Files\Microvirt\MEmu\MemuService.exe [X]

===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ADSPIDEREX; C:\WINDOWS\system32\drivers\adspiderex.sys [55664 2015-12-28] ((주)디지탈온넷)
S3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2017-08-05] (ASRock Incorporation)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320528 2017-09-04] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-09-04] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343296 2017-09-04] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-09-04] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47016 2017-09-04] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147784 2017-09-04] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-09-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-09-04] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1016384 2017-09-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [590880 2017-09-04] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [199312 2017-09-04] (AVAST Software)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164592 2017-08-28] (Qualcomm Atheros, Inc.)
R3 ElcMouLFlt; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [28648 2015-09-11] (ELECOM)
R3 ElcMouUFlt; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [27624 2015-09-11] (ELECOM)
S3 KillerEth; C:\WINDOWS\System32\drivers\e24w10x64.sys [156744 2015-10-07] (Qualcomm Atheros, Inc.)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-14] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-09-11] (Malwarebytes)
R2 memudrv; C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (Microvirt Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2016-07-16] (MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce1961376673184c\nvlddmkm.sys [15600248 2017-08-22] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-08-21] (NVIDIA Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-06-15] (Anchorfree Inc.)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2017-04-21] (The OpenVPN Project)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Apple, Inc.) [File not signed]
R3 VCSVADHWSer; C:\WINDOWS\system32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
S3 voxaldriver; C:\WINDOWS\system32\DRIVERS\voxaldriverx64.sys [52976 2017-08-20] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-09-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-09-04] (Zemana Ltd.)
S0 zbdqgde; System32\drivers\vsoeszad.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2081-09-15 03:34 - 2017-09-08 20:11 - 000002378 _____ C:\Users\CniiperAc3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2081-09-15 03:34 - 2017-09-08 20:11 - 000000000 ___RD C:\Users\CniiperAc3\OneDrive
2081-09-15 03:32 - 2081-09-15 03:32 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\TileDataLayer
2081-09-15 03:32 - 2081-09-15 03:32 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Publishers
2081-09-15 03:32 - 2017-08-11 19:50 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\Adobe
2081-09-15 03:32 - 2017-08-09 13:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2081-09-15 03:32 - 2017-06-12 15:11 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Packages
2081-09-15 03:32 - 2017-04-24 20:30 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\VirtualStore
2081-09-15 03:32 - 2016-12-24 15:08 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\ConnectedDevicesPlatform
2081-09-15 03:31 - 2081-09-15 03:31 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2081-09-15 03:31 - 2081-09-15 03:31 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\TileDataLayer
2081-09-15 03:31 - 2081-09-15 03:31 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2081-09-15 03:31 - 2017-03-08 14:27 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2081-09-15 03:29 - 2081-09-15 03:29 - 000000000 _SHDL C:\Documents and Settings
2017-09-11 20:15 - 2017-09-11 20:15 - 000000000 ____D C:\Users\CniiperAc3\Desktop\FRST-OlderVersion
2017-09-11 19:25 - 2017-09-11 20:10 - 000000000 ____D C:\ProgramData\RogueKiller
2017-09-11 19:25 - 2017-09-11 19:25 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-09-11 19:25 - 2017-09-11 19:25 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-09-11 19:25 - 2017-09-11 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-09-11 19:25 - 2017-09-11 19:25 - 000000000 ____D C:\Program Files\RogueKiller
2017-09-11 19:24 - 2017-09-11 19:24 - 035835424 _____ (Adlice Software ) C:\Users\CniiperAc3\Downloads\setup.exe
2017-09-11 18:17 - 2017-09-11 18:19 - 000144186 _____ C:\TDSSKiller.3.1.0.15_11.09.2017_18.17.47_log.txt
2017-09-11 17:40 - 2017-09-11 17:40 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-09-11 17:35 - 2017-09-11 19:27 - 000000000 ____D C:\AdwCleaner
2017-09-11 00:12 - 2017-09-11 17:37 - 091488256 _____ C:\WINDOWS\system32\config\SOFTWARE
2017-09-10 21:04 - 2017-09-10 21:04 - 018357776 _____ (Microsoft Corporation) C:\Users\CniiperAc3\Downloads\MediaCreationTool (1).exe
2017-09-10 20:45 - 2017-09-10 20:55 - 000000000 ____D C:\ESD
2017-09-10 20:44 - 2017-09-10 20:44 - 018357776 _____ (Microsoft Corporation) C:\Users\CniiperAc3\Downloads\MediaCreationTool.exe
2017-09-10 20:44 - 2017-09-10 20:44 - 000000000 ____D C:\$Windows.~WS
2017-09-10 20:06 - 2017-09-10 20:06 - 000001790 _____ C:\Users\CniiperAc3\Downloads\redist.txt
2017-09-10 19:44 - 2017-09-10 19:44 - 000001229 _____ C:\Users\CniiperAc3\Downloads\fixlist (3).txt
2017-09-10 19:44 - 2017-09-10 19:44 - 000001229 _____ C:\Users\CniiperAc3\Desktop\fixlist.txt
2017-09-10 18:06 - 2017-09-10 18:06 - 000085595 _____ C:\Users\CniiperAc3\Downloads\FRST.txt
2017-09-10 18:06 - 2017-09-10 18:06 - 000064466 _____ C:\Users\CniiperAc3\Downloads\Addition.txt
2017-09-10 18:06 - 2017-09-10 18:06 - 000029779 _____ C:\Users\CniiperAc3\Downloads\Fixlog.txt
2017-09-10 17:56 - 2017-09-10 17:56 - 000000292 _____ C:\Users\CniiperAc3\Downloads\fixlist (2).txt
2017-09-10 17:55 - 2017-09-10 17:55 - 066347240 _____ (Malwarebytes ) C:\Users\CniiperAc3\Downloads\mb3-setup-consumer-3.2.2.2018 (1).exe
2017-09-10 17:54 - 2017-09-10 17:54 - 000000111 _____ C:\Users\CniiperAc3\Downloads\fixlist (1).txt
2017-09-10 17:51 - 2017-09-10 17:51 - 000000111 _____ C:\Users\CniiperAc3\Downloads\fixlist.txt
2017-09-10 17:50 - 2017-09-10 17:51 - 016564750 _____ (Malwarebytes Corp.) C:\Users\CniiperAc3\Downloads\mbar-1.09.4.1001 (1).exe
2017-09-10 17:40 - 2017-09-10 17:40 - 005336518 _____ C:\Users\CniiperAc3\Downloads\rakhnidecryptor (1).zip
2017-09-10 17:40 - 2017-09-10 17:40 - 000801040 _____ (Kaspersky Lab ZAO) C:\Users\CniiperAc3\Downloads\xoristdecryptor.exe
2017-09-10 17:39 - 2017-09-10 17:39 - 005336518 _____ C:\Users\CniiperAc3\Downloads\rakhnidecryptor.zip
2017-09-10 17:39 - 2017-09-10 17:39 - 000591870 _____ C:\Users\CniiperAc3\Downloads\rannohdecryptor.zip
2017-09-10 17:38 - 2017-09-10 17:38 - 004922400 _____ (AO Kaspersky Lab) C:\Users\CniiperAc3\Downloads\tdsskiller (1).exe
2017-09-10 17:33 - 2017-09-10 17:34 - 016563352 _____ (Malwarebytes Corp.) C:\Users\CniiperAc3\Downloads\mbar-1.09.3.1001 (2).exe
2017-09-10 17:29 - 2017-09-10 17:29 - 016563352 _____ (Malwarebytes Corp.) C:\Users\CniiperAc3\Downloads\mbar-1.09.3.1001 (1).exe
2017-09-06 19:49 - 2017-09-06 20:10 - 000000000 ____D C:\Users\CniiperAc3\Documents\BeamNG.drive
2017-09-06 19:47 - 2017-09-06 19:47 - 000000000 ____D C:\Users\CniiperAc3\Downloads\IGG-BeamNG.drive.v0.5.5
2017-09-06 19:37 - 2017-09-06 19:47 - 2156156956 _____ C:\Users\CniiperAc3\Downloads\IGG-BeamNG.drive.v0.5.5.zip
2017-09-06 17:22 - 2017-09-06 17:22 - 000002500 _____ C:\Users\CniiperAc3\Documents\aswMBR.txt
2017-09-06 17:22 - 2017-09-06 17:22 - 000000512 _____ C:\Users\CniiperAc3\Documents\MBR.dat
2017-09-06 16:31 - 2017-09-06 16:31 - 002105973 _____ C:\Users\CniiperAc3\Downloads\SpyDLLRemover.zip
2017-09-06 16:28 - 2017-09-06 16:28 - 005198336 _____ (AVAST Software) C:\Users\CniiperAc3\Downloads\aswMBR (3).exe
2017-09-06 16:28 - 2017-09-06 16:28 - 001790024 _____ (Malwarebytes) C:\Users\CniiperAc3\Downloads\JRT.exe
2017-09-06 16:27 - 2017-09-06 16:27 - 005659851 _____ (Swearware) C:\Users\CniiperAc3\Downloads\ComboFix.exe
2017-09-06 16:27 - 2017-09-06 16:27 - 005198336 _____ (AVAST Software) C:\Users\CniiperAc3\Downloads\aswMBR (2).exe
2017-09-06 16:26 - 2017-09-06 16:26 - 005198336 _____ (AVAST Software) C:\Users\CniiperAc3\Downloads\aswMBR (1).exe
2017-09-06 16:25 - 2017-09-06 16:25 - 006559869 _____ C:\Users\CniiperAc3\Downloads\PCHunter_free.zip
2017-09-06 16:24 - 2017-09-06 16:24 - 004922400 _____ (AO Kaspersky Lab) C:\Users\CniiperAc3\Downloads\tdsskiller.exe
2017-09-06 16:22 - 2017-09-06 16:22 - 011427128 _____ (Bitdefender LLC) C:\Users\CniiperAc3\Downloads\BootkitRemoval_x64.exe
2017-09-06 16:20 - 2017-09-06 16:20 - 000784152 _____ (McAfee, Inc.) C:\Users\CniiperAc3\Downloads\rootkitremover.exe
2017-09-05 19:59 - 2006-11-01 14:07 - 000334720 _____ (Sysinternals - www.sysinternals.com) C:\Users\CniiperAc3\Desktop\RootkitRevealer.exe
2017-09-05 19:57 - 2017-09-10 17:36 - 000000000 ____D C:\Users\CniiperAc3\Pavark
2017-09-05 19:57 - 2017-09-05 19:57 - 001020640 _____ C:\Users\CniiperAc3\Downloads\antirootkit.exe
2017-09-05 18:53 - 2017-09-05 18:53 - 000000000 ____D C:\ProgramData\Sophos
2017-09-05 18:53 - 2017-09-05 18:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-09-05 18:53 - 2017-09-05 18:53 - 000000000 ____D C:\Program Files (x86)\Sophos
2017-09-05 18:51 - 2017-09-05 18:52 - 175519016 _____ (Sophos Limited) C:\Users\CniiperAc3\Downloads\Sophos Virus Removal Tool.exe
2017-09-04 14:47 - 2017-09-11 21:09 - 000000000 _____ C:\Recovery.txt
2017-09-04 13:23 - 2017-09-04 13:23 - 013665032 _____ C:\Users\CniiperAc3\Desktop\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.8(1).zip
2017-09-04 13:00 - 2017-09-10 17:48 - 000000000 ____D C:\Users\CniiperAc3\Desktop\New folder
2017-09-04 12:56 - 2017-09-04 12:56 - 000983168 _____ (Bleeping Computer, LLC) C:\Users\CniiperAc3\Downloads\iExplore64.exe
2017-09-04 11:42 - 2017-09-11 20:15 - 000176848 _____ C:\WINDOWS\ZAM.krnl.trace
2017-09-04 11:42 - 2017-09-11 20:15 - 000055650 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-09-04 11:42 - 2017-09-04 12:02 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-09-04 11:42 - 2017-09-04 11:42 - 005766464 _____ (Zemana Ltd. ) C:\Users\CniiperAc3\Downloads\eXplorer(1).exe
2017-09-04 11:42 - 2017-09-04 11:42 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-09-04 11:42 - 2017-09-04 11:42 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-09-04 11:42 - 2017-09-04 11:42 - 000001145 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-09-04 11:42 - 2017-09-04 11:42 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Zemana
2017-09-04 11:42 - 2017-09-04 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-09-04 11:25 - 2017-09-04 11:25 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-09-04 11:25 - 2017-09-04 11:25 - 000001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-09-04 11:25 - 2017-09-04 11:25 - 000001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-09-04 11:25 - 2017-09-04 11:25 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\AVAST Software
2017-09-04 11:25 - 2017-09-04 11:24 - 001016384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-09-04 11:25 - 2017-09-04 11:24 - 000590880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-09-04 11:25 - 2017-09-04 11:24 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-09-04 11:25 - 2017-09-04 11:24 - 000361336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-09-04 11:25 - 2017-09-04 11:24 - 000343296 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-09-04 11:25 - 2017-09-04 11:24 - 000320528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-09-04 11:25 - 2017-09-04 11:24 - 000199312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-09-04 11:25 - 2017-09-04 11:24 - 000198976 _____ (AVAST Software s.r.o.)
C:\WINDOWS\system32\Drivers\aswbidsha.sys 2017-09-04 11:25 - 2017-09-04 11:24 - 000147784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-09-04 11:25 - 2017-09-04 11:24 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-09-04 11:25 - 2017-09-04 11:24 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-09-04 11:25 - 2017-09-04 11:24 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2017-09-04 11:25 - 2017-09-04 11:24 - 000047016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-09-04 11:24 - 2017-09-04 11:24 - 000000000 ____D C:\Users\CniiperAc3\Downloads\Avast Premier 2017 2017-09-04 11:23 - 2017-09-04 11:23 - 000000000 ____D C:\Program Files\AVAST Software 2017-09-04 11:13 - 2017-09-11 20:15 - 002397184 _____ (Farbar) C:\Users\CniiperAc3\Desktop\FRST64.exe 2017-09-04 11:12 - 2017-09-04 11:12 - 008182736 _____ (Malwarebytes) C:\Users\CniiperAc3\Desktop\adwcleaner_7.0.2.1.exe 2017-09-04 10:17 - 2017-09-04 10:23 - 000000000 ____D C:\$WINDOWS.~BT 2017-09-04 10:09 - 2017-09-04 10:10 - 066347240 _____ (Malwarebytes ) C:\Users\CniiperAc3\Downloads\mb3-setup-consumer-3.2.2.2018(2).exe 2017-09-04 10:05 - 2017-09-04 10:05 - 000000119 _____ C:\fixlist.txt 2017-09-02 11:42 - 2017-09-02 11:43 - 066347240 _____ (Malwarebytes ) C:\Users\CniiperAc3\Downloads\mb3-setup-consumer-3.2.2.2018(1).exe 2017-09-02 11:03 - 2017-09-02 11:03 - 016564750 _____ (Malwarebytes Corp.) 
C:\Users\CniiperAc3\Downloads\mbar-1.09.4.1001(1).exe 2017-09-02 10:57 - 2017-09-11 17:09 - 000003251 _____ C:\Users\CniiperAc3\Desktop\Fixlog.txt 2017-09-02 10:55 - 2017-09-11 20:15 - 000025125 _____ C:\Users\CniiperAc3\Desktop\FRST.txt 2017-09-02 10:55 - 2017-09-10 18:05 - 000064466 _____ C:\Users\CniiperAc3\Desktop\Addition.txt 2017-09-02 10:54 - 2017-09-11 20:15 - 000000000 ____D C:\FRST 2017-09-02 10:43 - 2017-09-02 10:43 - 002395648 _____ (Farbar) C:\FRST64.exe 2017-09-02 10:37 - 2017-09-02 10:37 - 016564750 _____ (Malwarebytes Corp.) C:\Users\CniiperAc3\Downloads\mbar-1.09.4.1001.exe 2017-09-01 22:49 - 2017-09-10 17:58 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2017-09-01 22:38 - 2017-09-01 22:38 - 000000000 ____D C:\WINDOWS\pss 2017-09-01 22:20 - 2017-09-01 22:20 - 016563352 _____ (Malwarebytes Corp.) C:\Users\CniiperAc3\Downloads\explorer.exe 2017-09-01 22:17 - 2017-09-01 22:17 - 016563352 _____ (Malwarebytes Corp.) C:\Users\CniiperAc3\Downloads\mbar-1.09.3.1001.exe 2017-09-01 22:15 - 2017-09-01 22:15 - 000784152 _____ (McAfee, Inc.) 
C:\Users\CniiperAc3\Downloads\iExplorer.exe 2017-09-01 22:13 - 2016-10-06 04:05 - 009534160 _____ (一普明为(北京)信息技术有限公司) C:\Users\CniiperAc3\Desktop\IExplorer.exe 2017-09-01 22:07 - 2017-09-04 12:59 - 000001462 _____ C:\Users\CniiperAc3\Desktop\Rkill.txt 2017-09-01 22:07 - 2017-09-01 22:07 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\CniiperAc3\Downloads\iExplore.exe 2017-09-01 22:00 - 2017-09-01 22:00 - 000000000 ____D C:\Users\CniiperAc3\Documents\mbar 2017-09-01 21:47 - 2017-09-01 21:47 - 005659851 _____ (Swearware) C:\Users\CniiperAc3\Downloads\icloud.exe 2017-09-01 21:39 - 2017-09-01 21:39 - 1384860117 _____ C:\WINDOWS\MEMORY.DMP 2017-09-01 21:39 - 2017-09-01 21:39 - 000662964 _____ C:\WINDOWS\Minidump\090117-23750-01.dmp 2017-09-01 21:35 - 2017-09-01 21:35 - 005198336 _____ (AVAST Software) C:\Users\CniiperAc3\Downloads\aswMBR.exe 2017-09-01 21:34 - 2017-09-01 21:34 - 000000000 ____D C:\Users\CniiperAc3\Downloads\TMRBLog 2017-09-01 17:26 - 2017-09-01 17:26 - 016563352 _____ (Malwarebytes Corp.) 
C:\Users\CniiperAc3\Downloads\iexplore (2).exe 2017-09-01 17:22 - 2017-09-11 18:16 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-09-01 17:20 - 2017-09-11 18:16 - 000000000 ____D C:\Users\CniiperAc3\Desktop\mbar 2017-09-01 17:14 - 2017-09-01 17:14 - 000000000 ____D C:\Users\CniiperAc3\Desktop\kts18.0.0.405en-us_full 2017-09-01 17:12 - 2017-05-08 13:06 - 157627472 _____ (Kaspersky Lab) C:\Users\CniiperAc3\Desktop\kts18.0.0.405en-us_full.exe 2017-08-31 19:57 - 2017-08-31 19:59 - 065942208 _____ (Malwarebytes ) C:\Users\CniiperAc3\Downloads\mb3-setup-consumer-3.2.2.2018.exe 2017-08-31 12:18 - 2017-09-06 19:04 - 000000000 ____D C:\Users\CniiperAc3\AppData\LocalLow\Mozilla 2017-08-31 12:18 - 2017-08-31 12:23 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Mozilla 2017-08-31 12:18 - 2017-08-31 12:18 - 000245720 _____ (Mozilla) C:\Users\CniiperAc3\Downloads\Firefox Installer.exe 2017-08-31 12:18 - 2017-08-31 12:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-08-31 12:18 - 2017-08-31 12:18 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-08-31 12:18 - 2017-08-31 12:18 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\Mozilla 2017-08-31 12:18 - 2017-08-31 12:18 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-08-31 12:18 - 2017-08-31 12:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-08-30 22:01 - 2017-08-30 22:01 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsignff7dc2a91ed49fbc 2017-08-30 22:01 - 2017-08-30 22:01 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsignc1c58facd28588c5 2017-08-30 21:27 - 2017-08-30 21:27 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign3f66c2a40aebd920 2017-08-30 21:26 - 2017-08-30 21:26 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign06486583963eccfb 2017-08-30 21:15 - 2017-08-30 21:15 - 000000000 ____D 
C:\Users\CniiperAc3\AppData\Local\Tempzxpsignc78a5708a44314e8 2017-08-30 21:15 - 2017-08-30 21:15 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign8a4ff1e046a52690 2017-08-30 21:15 - 2017-08-30 21:15 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign371aee92b18a5548 2017-08-30 21:13 - 2017-08-30 21:13 - 000000000 ____D C:\Program Files (x86)\Lame For Audacity 2017-08-29 20:23 - 2017-08-29 20:23 - 013665032 _____ C:\Users\CniiperAc3\Downloads\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.8.zip 2017-08-29 20:17 - 2017-08-29 20:17 - 011763087 _____ C:\Users\CniiperAc3\Downloads\MinerGate-6.9-win64.exe 2017-08-28 22:18 - 2017-08-28 22:18 - 000000000 ____D C:\Program Files\Realtek 2017-08-28 22:17 - 2017-08-28 22:18 - 000000000 ____D C:\WINDOWS\LastGood 2017-08-28 22:17 - 2017-08-28 22:17 - 001554600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll 2017-08-28 22:17 - 2017-08-28 22:17 - 001326424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll 2017-08-28 22:17 - 2017-08-28 22:17 - 001170872 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll 2017-08-28 22:17 - 2017-08-28 22:17 - 000416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll 2017-08-28 22:17 - 2017-08-28 22:17 - 000406456 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll 2017-08-28 22:17 - 2017-08-28 22:17 - 000366120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll 2017-08-28 22:17 - 2017-08-28 22:17 - 000360344 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll 2017-08-28 22:17 - 2017-08-28 22:17 - 000203840 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll 2017-08-28 22:17 - 2017-08-28 22:17 - 000190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll 2017-08-28 22:17 - 2017-08-28 22:17 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll 2017-08-28 22:17 - 2017-08-28 22:17 - 000179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll 2017-08-28 22:17 - 2017-08-28 22:17 - 
000154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll 2017-08-28 22:16 - 2017-08-28 22:16 - 005346992 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll 2017-08-28 22:16 - 2017-08-28 22:16 - 002444680 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll 2017-08-28 22:16 - 2017-08-28 22:16 - 001159184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll 2017-08-28 22:16 - 2017-08-28 22:16 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll 2017-08-28 22:16 - 2017-08-28 22:16 - 000877432 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll 2017-08-28 22:16 - 2017-08-28 22:16 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll 2017-08-28 22:16 - 2017-08-28 22:16 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll 2017-08-28 22:16 - 2017-08-28 22:16 - 000737968 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll 2017-08-28 22:16 - 2017-08-28 22:16 - 000378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll 2017-08-28 22:15 - 2017-08-28 22:16 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll 2017-08-28 22:15 - 2017-08-28 22:15 - 006264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll 2017-08-28 22:15 - 2017-08-28 22:15 - 003099544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll 2017-08-28 22:15 - 2017-08-28 22:15 - 001959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll 2017-08-28 22:15 - 2017-08-28 22:15 - 000604800 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll 2017-08-28 22:15 - 2017-08-28 22:15 - 000362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll 2017-08-28 22:15 - 2017-08-28 22:15 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll 2017-08-28 22:15 - 2017-08-28 22:15 - 000341152 _____ (Synopsys, Inc.) 
C:\WINDOWS\system32\SRCOM.dll 2017-08-28 22:15 - 2017-08-28 22:15 - 000310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll 2017-08-28 22:14 - 2017-08-28 22:15 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll 2017-08-28 22:14 - 2017-08-28 22:14 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll 2017-08-28 22:14 - 2017-08-28 22:14 - 003299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll 2017-08-28 22:14 - 2017-08-28 22:14 - 002190984 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll 2017-08-28 22:14 - 2017-08-28 22:14 - 000680544 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll 2017-08-28 22:14 - 2017-08-28 22:14 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll 2017-08-28 22:14 - 2017-08-28 22:14 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll 2017-08-28 22:14 - 2017-08-28 22:14 - 000327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll 2017-08-28 22:13 - 2017-08-28 22:14 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll 2017-08-28 22:13 - 2017-08-28 22:13 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll 2017-08-28 21:44 - 2017-08-28 21:44 - 000054680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2017-08-28 21:44 - 2017-08-28 21:44 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2017-08-28 21:43 - 2017-08-28 22:13 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll 2017-08-28 21:43 - 2017-08-28 21:43 - 001730304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdfcoinstaller01009.dll 2017-08-28 21:43 - 2017-08-28 21:43 - 001337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll 2017-08-28 21:43 - 2017-08-28 21:43 - 000691680 _____ (Realtek Semiconductor Corp.) 
C:\WINDOWS\system32\RtDataProc64.dll 2017-08-28 21:43 - 2017-08-28 21:43 - 000118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll 2017-08-28 21:43 - 2017-08-28 21:43 - 000038680 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ICCWDT.sys 2017-08-28 21:42 - 2017-08-28 21:42 - 013213369 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2017-08-28 21:42 - 2017-08-28 21:42 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll 2017-08-28 21:42 - 2017-08-28 21:42 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll 2017-08-28 21:42 - 2017-08-28 21:42 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll 2017-08-28 21:42 - 2017-08-28 21:42 - 000852136 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll 2017-08-28 21:42 - 2017-08-28 21:42 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll 2017-08-28 21:42 - 2017-08-28 21:42 - 000258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll 2017-08-28 21:42 - 2017-08-28 21:42 - 000122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2017-08-28 21:41 - 2017-08-28 21:42 - 000075536 _____ (TOSHIBA CORPORATION.) 
C:\WINDOWS\system32\tepeqapo64.dll 2017-08-28 21:41 - 2017-08-28 21:41 - 007172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll 2017-08-28 21:41 - 2017-08-28 21:41 - 001382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll 2017-08-28 21:41 - 2017-08-28 21:41 - 000873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll 2017-08-28 21:41 - 2017-08-28 21:41 - 000447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll 2017-08-28 21:41 - 2017-08-28 21:41 - 000158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll 2017-08-28 21:41 - 2017-08-28 21:41 - 000134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll 2017-08-28 21:41 - 2017-08-28 21:41 - 000084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll 2017-08-28 21:40 - 2017-08-28 21:41 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000387312 _____ (Dolby 
Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000253856 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll 2017-08-28 21:40 - 2017-08-28 21:40 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll 2017-08-28 21:39 - 2017-08-28 21:40 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2017-08-28 21:39 - 2017-08-28 21:39 - 003509200 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2017-08-28 21:39 - 2017-08-28 21:39 - 001348160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2017-08-28 21:39 - 2017-08-28 21:39 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2017-08-28 21:39 - 2017-08-28 21:39 - 000221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2017-08-28 21:39 - 2017-08-28 21:39 - 000209536 _____ (SRS Labs, Inc.) 
C:\WINDOWS\system32\SRSHP64.dll 2017-08-28 21:39 - 2017-08-28 21:39 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2017-08-28 21:39 - 2017-08-28 21:39 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2017-08-28 21:37 - 2017-08-28 21:39 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2017-08-28 21:36 - 2017-08-28 21:37 - 002211296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2017-08-28 21:36 - 2017-08-28 21:36 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2017-08-28 21:35 - 2017-08-28 21:35 - 003677160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2017-08-28 21:27 - 2017-09-11 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy 2017-08-28 21:27 - 2017-08-28 22:10 - 000000448 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job 2017-08-28 21:27 - 2017-08-28 21:27 - 000003930 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan 2017-08-28 21:26 - 2017-08-28 21:27 - 003840047 _____ C:\Users\CniiperAc3\Downloads\Driver Easy v5.5.3 Setup + Crack.rar 2017-08-28 21:15 - 2017-08-28 21:15 - 000001229 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.9.lnk 2017-08-28 21:15 - 2017-08-28 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility 2017-08-28 21:12 - 2017-08-28 21:12 - 000000000 ____D C:\Users\CniiperAc3\Downloads\Temp 2017-08-28 20:59 - 2017-08-04 01:31 - 001564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-08-28 20:59 - 2017-08-04 01:31 - 001214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-08-28 20:59 - 2017-08-04 01:31 - 000629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-08-28 20:59 - 2017-08-04 01:31 - 000544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-08-28 20:59 - 2017-08-04 01:31 - 
000335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-08-28 20:59 - 2017-08-04 01:31 - 000334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-08-28 20:59 - 2017-08-04 01:31 - 000233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-08-28 20:59 - 2017-08-04 01:31 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-08-28 20:59 - 2017-08-04 01:31 - 000096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-08-28 20:59 - 2017-08-04 01:31 - 000034656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-08-28 20:59 - 2017-08-04 00:26 - 000192864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2017-08-26 21:06 - 2017-08-26 21:06 - 000001274 _____ C:\Users\CniiperAc3\Desktop\Uplay.lnk 2017-08-26 21:06 - 2017-08-26 21:06 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2017-08-26 21:06 - 2017-08-26 21:06 - 000000000 ____D C:\Program Files (x86)\Ubisoft 2017-08-26 21:05 - 2017-08-26 21:06 - 076242992 _____ (Ubisoft) C:\Users\CniiperAc3\Downloads\UplayInstaller.exe 2017-08-26 19:44 - 2017-08-26 19:44 - 000000222 _____ C:\Users\CniiperAc3\Desktop\Tom Clancy's Rainbow Six Siege.url 2017-08-25 07:25 - 2017-08-25 07:25 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\Steam 2017-08-25 07:25 - 2017-08-25 07:25 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Fallout4 2017-08-25 02:27 - 2017-08-25 02:27 - 000001123 _____ C:\Users\CniiperAc3\Desktop\Fallout 4.lnk 2017-08-25 02:15 - 2017-09-05 10:36 - 000000000 ____D C:\Program Files (x86)\Fallout 4 2017-08-24 23:02 - 2017-08-24 23:02 - 000000000 ____D C:\Users\CniiperAc3\Downloads\Game of Thrones S07E06 HD - Good Audio [Leaked] - [ECLiPSE] 2017-08-24 23:01 - 2017-08-25 02:03 - 000000000 ____D C:\Users\CniiperAc3\Downloads\Fallout.4-CODEX 2017-08-24 22:58 - 2017-08-24 22:58 - 002091598 _____ (AppsForMega.info ) 
C:\Users\CniiperAc3\Downloads\mega.nz - MegaDownloader.exe 2017-08-24 22:58 - 2017-08-24 22:58 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\MegaDownloader 2017-08-24 22:44 - 2017-08-24 22:49 - 000001100 _____ C:\Users\Public\Desktop\Real Hide IP.lnk 2017-08-24 22:44 - 2017-08-24 22:49 - 000000000 ____D C:\Program Files (x86)\RealHideIP 2017-08-24 22:41 - 2017-08-24 22:41 - 000000000 ____D C:\Users\CniiperAc3\Downloads\Real Hide IP v4.0.9.8+Creak[kkhan][SilverRG] 2017-08-24 22:36 - 2017-08-24 22:38 - 007277235 _____ C:\Users\CniiperAc3\Downloads\B150 Gaming K4Hyper(1.30)WIN.zip 2017-08-24 22:24 - 2017-08-24 22:24 - 000000000 ___HD C:\$AV_ASW 2017-08-24 21:57 - 2017-09-04 11:25 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys 2017-08-24 21:57 - 2017-08-24 21:57 - 000061304 _____ () C:\WINDOWS\SMSS-PFRO4edb.tmp 2017-08-24 21:54 - 2017-08-24 21:54 - 005872920 _____ C:\Users\CniiperAc3\Downloads\Avast Premier 2017.rar 2017-08-24 21:51 - 2017-08-24 21:51 - 000000000 ____D C:\Users\CniiperAc3\Downloads\CCleaner (Pro) 2017-08-24 21:50 - 2017-08-24 21:50 - 008006636 _____ C:\Users\CniiperAc3\Downloads\CCleaner (Pro).rar 2017-08-24 21:48 - 2017-08-24 21:48 - 015139472 _____ (Windscribe ) C:\Users\CniiperAc3\Downloads\Windscribe.exe 2017-08-24 21:31 - 2017-08-25 07:23 - 000000000 ____D C:\Users\CniiperAc3\AppData\LocalLow\uTorrent 2017-08-24 20:47 - 2017-08-24 20:47 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2017-08-24 20:47 - 2017-08-21 18:33 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-08-24 20:47 - 2017-06-15 15:32 - 000541984 _____ C:\WINDOWS\system32\vulkan-1.dll 2017-08-24 20:47 - 2017-06-15 15:32 - 000525088 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2017-08-24 20:47 - 2017-06-15 15:32 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe 2017-08-24 20:47 - 2017-06-15 15:32 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2017-08-24 20:45 - 2017-08-21 21:01 - 040240248 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvcompiler.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 035924600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 035314112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 029019072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 023132184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 018849456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 013782904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 012225984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 011692344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 010072768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 004162496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 003590592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438541.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 001597888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438541.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 001292096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 001289840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 001008816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 001007280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 001004992 _____ (NVIDIA Corporation) 
C:\WINDOWS\SysWOW64\NvFBC.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 000972736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 000725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 000690320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 000617232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 000609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 000584312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 000499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-08-24 20:45 - 2017-08-21 21:01 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2017-08-24 20:45 - 2017-08-21 21:01 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json 2017-08-24 19:55 - 2017-08-24 19:55 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\MaskMyIP 2017-08-24 19:55 - 2017-08-24 19:55 - 000000000 ____D C:\ProgramData\MaskMyIP 2017-08-24 19:54 - 2017-08-24 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mask My IP 2017-08-23 12:50 - 2017-08-23 12:50 - 000000000 ____D C:\Users\CniiperAc3\AppData\LocalLow\Creta 2017-08-23 12:49 - 2017-02-22 05:39 - 000000000 ____D C:\Users\CniiperAc3\Desktop\MyProjects 2017-08-22 20:32 - 2017-08-30 11:48 - 000000000 ____D C:\Users\CniiperAc3\Desktop\A Folder 2017-08-22 20:28 - 2017-09-02 10:17 - 000000000 ____D C:\Users\CniiperAc3\Downloads\ALL ZIP 2017-08-22 
19:54 - 2017-08-22 19:54 - 000000000 ____D C:\ProgramData\rgt 2017-08-22 19:41 - 2017-08-22 19:41 - 000000000 ____D C:\Users\CniiperAc3\Documents\Stardock 2017-08-22 19:41 - 2017-08-22 19:41 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\ODUI 2017-08-22 19:32 - 2017-08-22 19:32 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\Stardock 2017-08-22 19:15 - 2017-08-28 21:03 - 000000000 ____D C:\Program Files (x86)\Stardock 2017-08-22 19:15 - 2017-08-28 21:02 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Stardock 2017-08-22 19:15 - 2017-08-28 21:02 - 000000000 ____D C:\ProgramData\Stardock 2017-08-22 18:54 - 2017-08-22 18:54 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\Mirillis 2017-08-22 18:54 - 2017-08-22 18:54 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Mirillis 2017-08-22 18:54 - 2017-08-22 18:54 - 000000000 ____D C:\ProgramData\Mirillis 2017-08-22 18:48 - 2017-08-22 18:48 - 000000000 ____D C:\Action! 2017-08-22 18:47 - 2017-08-22 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2017-08-22 18:47 - 2017-08-22 18:47 - 000000000 ____D C:\Program Files (x86)\Mirillis 2017-08-20 14:12 - 2017-08-20 15:17 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\Screaming Bee 2017-08-20 14:06 - 2017-08-20 14:12 - 000000000 ____D C:\ProgramData\Screaming Bee 2017-08-20 14:06 - 2017-08-20 14:12 - 000000000 ____D C:\Program Files (x86)\Screaming Bee 2017-08-20 14:06 - 2017-08-20 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee 2017-08-20 13:56 - 2017-08-20 15:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2017-08-20 13:56 - 2017-08-20 13:56 - 000052976 _____ C:\WINDOWS\system32\Drivers\voxaldriverx64.sys 2017-08-20 13:56 - 2017-08-20 13:56 - 000002281 _____ C:\Users\CniiperAc3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk 2017-08-20 13:56 - 2017-08-20 13:56 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH 
Suite.lnk 2017-08-20 13:56 - 2017-08-20 13:56 - 000001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voxal Voice Changer.lnk 2017-08-20 13:56 - 2017-08-20 13:56 - 000001167 _____ C:\Users\CniiperAc3\AppData\Roaming\trace_FilterInstaller.txt 2017-08-20 13:56 - 2017-08-20 13:56 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\NCH Software 2017-08-20 13:56 - 2017-08-20 13:56 - 000000000 ____D C:\ProgramData\NCH Software 2017-08-20 13:56 - 2017-08-20 13:56 - 000000000 ____D C:\Program Files (x86)\NCH Software 2017-08-20 13:56 - 2017-08-20 13:56 - 000000000 _____ C:\Users\CniiperAc3\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2017-08-20 13:47 - 2017-08-20 13:55 - 000000239 _____ C:\Users\CniiperAc3\Documents\ClownfishVoiceChanger.ini 2017-08-20 13:47 - 2017-08-20 13:47 - 000000000 ____D C:\Users\CniiperAc3\Documents\ClownfishSoundTemp 2017-08-19 01:20 - 2017-08-19 01:20 - 000010752 _____ C:\WINDOWS\SetupAfterRebootService.exe 2017-08-19 01:09 - 2017-08-19 01:09 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\PascalCoin 2017-08-19 01:09 - 2017-08-19 01:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pascal Coin 2017-08-19 01:09 - 2017-08-19 01:09 - 000000000 ____D C:\Program Files (x86)\Pascal Coin 2017-08-19 00:30 - 2017-08-19 00:30 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\Jaxx 2017-08-19 00:22 - 2017-09-11 16:12 - 000000000 ____D C:\Users\CniiperAc3\Desktop\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.8 2017-08-19 00:08 - 2017-08-22 20:36 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\Ethereum Wallet 2017-08-19 00:08 - 2017-08-19 00:08 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\Ethereum 2017-08-18 21:14 - 2017-08-18 21:15 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\nhm2 2017-08-18 21:14 - 2017-08-18 21:14 - 000002022 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NiceHash Miner 2.lnk 2017-08-18 21:13 - 2017-08-18 21:14 - 
000000000 ____D C:\Program Files\NiceHash Miner 2 2017-08-18 17:35 - 2017-08-09 20:34 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438528.dll 2017-08-18 17:35 - 2017-08-09 20:34 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438528.dll 2017-08-18 17:28 - 2017-08-28 21:45 - 000164592 _____ (Qualcomm Atheros, Inc.) C:\WINDOWS\system32\Drivers\e2xw10x64.sys 2017-08-14 20:21 - 2017-09-04 11:21 - 000000000 ____D C:\Program Files (x86)\Router Port Forwarding 2017-08-14 18:25 - 2017-08-14 18:25 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2017-08-14 13:54 - 2017-05-18 22:17 - 001499368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll 2017-08-14 13:54 - 2017-05-18 22:17 - 000716880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll 2017-08-14 13:54 - 2017-05-18 22:17 - 000166288 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2017-08-14 13:54 - 2017-05-18 22:17 - 000131984 _____ (Samsung Electronics Co., Ltd.) 
C:\WINDOWS\system32\Drivers\ssudbus.sys 2017-08-14 13:49 - 2017-08-14 13:49 - 000000000 ____D C:\Program Files\SAMSUNG 2017-08-14 13:42 - 2017-08-14 13:42 - 000000000 ____D C:\ProgramData\Samsung 2017-08-13 18:10 - 2017-08-13 18:10 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign5c3b66af2543da3d 2017-08-13 18:10 - 2017-08-13 18:10 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign1c716ba6f45cbda2 2017-08-13 18:08 - 2017-08-13 18:08 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign8ea532723caa9c8f 2017-08-13 13:13 - 2017-08-13 13:13 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign12b63c63db8b0770 2017-08-13 13:05 - 2017-08-13 13:05 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsignc4c72957c7bbe265 2017-08-13 12:48 - 2017-08-13 12:48 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign236f3a316703b60a 2017-08-13 12:40 - 2017-08-13 12:40 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsignc1a70863d1c66160 2017-08-13 10:38 - 2017-08-13 10:38 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsigne41dab6d52598cc8 2017-08-13 10:38 - 2017-08-13 10:38 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsigna89c075241ddf9cf 2017-08-13 10:38 - 2017-08-13 10:38 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign77a510966eec5b02 2017-08-13 10:38 - 2017-08-13 10:38 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign37b486043bfae795 2017-08-12 23:38 - 2017-08-12 23:38 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsignf8f80f6680b83cec 2017-08-12 23:36 - 2017-08-12 23:36 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign100ba2d966cd0e44 2017-08-12 21:51 - 2017-08-12 21:51 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign2b710df3ec2db704 2017-08-12 21:39 - 2017-08-12 21:39 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsignb3483f7f07ada744 2017-08-12 21:35 - 2017-08-12 21:35 - 000000000 ____D 
C:\Users\CniiperAc3\AppData\Local\Tempzxpsign74ae32e025c72cd0 2017-08-12 20:55 - 2017-08-12 21:18 - 000000081 _____ C:\Users\CniiperAc3\AppData\Local\FILM_AE_LogFile.txt 2017-08-12 20:52 - 2017-08-12 20:52 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Tempzxpsign595e1886e18a5087 2017-08-12 20:52 - 2017-08-12 20:52 - 000000000 ____D C:\Program Files (x86)\Red Giant Link 2017-08-12 20:52 - 2016-12-01 15:43 - 014733824 _____ C:\WINDOWS\system32\UniChooser.dll 2017-08-12 20:52 - 2016-12-01 15:43 - 013148672 _____ (Red Giant Software) C:\WINDOWS\system32\Gpu_Shader_Engine_x64.dll 2017-08-12 20:52 - 2016-12-01 15:43 - 005528064 _____ (Noesis Technologies) C:\WINDOWS\system32\Noesis.dll 2017-08-12 20:30 - 2017-08-12 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2017-08-12 20:30 - 2017-08-12 20:30 - 000000000 ____D C:\Program Files\7-Zip 2017-08-12 20:21 - 2017-08-12 20:21 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\Subhra Das Gupta ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2017-09-11 19:56 - 2017-03-08 14:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-09-11 19:25 - 2016-12-24 22:33 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\CrashDumps 2017-09-11 19:21 - 2017-08-03 23:55 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-09-11 18:50 - 2016-12-24 15:10 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Battle.net 2017-09-11 18:21 - 2017-03-08 14:26 - 000000000 ____D C:\Users\CniiperAc3 2017-09-11 18:20 - 2017-06-02 13:30 - 000000000 ____D C:\Program Files (x86)\Blizzard App 2017-09-11 17:41 - 2017-08-03 23:55 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-09-11 17:40 - 2017-08-03 23:55 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-09-11 17:39 - 2017-03-08 14:35 - 000003500 _____ C:\WINDOWS\System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE 2017-09-11 17:39 - 2017-03-08 14:23 - 000000000 ____D C:\ProgramData\NVIDIA 2017-09-11 17:39 - 2017-01-21 22:43 - 000000000 ____D C:\Users\CniiperAc3\Documents\temp 2017-09-11 17:38 - 2017-03-08 14:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-09-11 17:37 - 2016-07-16 02:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2017-09-11 17:31 - 2017-08-11 21:43 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7 2017-09-11 17:19 - 2017-03-08 14:26 - 000000000 ____D C:\Users\defaultuser0 2017-09-11 17:02 - 2017-03-08 14:37 - 000001908 _____ C:\WINDOWS\diagwrn.xml 2017-09-11 17:02 - 2017-03-08 14:37 - 000001908 _____ C:\WINDOWS\diagerr.xml 2017-09-11 17:01 - 2017-07-30 11:46 - 000000000 ____D C:\WINDOWS\Panther 2017-09-11 06:13 - 2017-03-02 19:52 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Adobe 2017-09-11 00:12 - 2017-03-08 17:53 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2017-09-10 21:00 - 2016-07-16 02:04 - 018087936 _____ C:\WINDOWS\system32\config\HARDWARE 2017-09-08 20:11 - 2017-07-30 09:34 - 000003386 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update 
Task-S-1-5-21-241418353-3479239940-2468962699-1001 2017-09-07 09:14 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-09-06 09:05 - 2016-07-16 07:47 - 000000000 ___HD C:\Program Files\WindowsApps 2017-09-05 09:39 - 2016-12-25 11:04 - 000000000 ___RD C:\Program Files (x86)\Skype 2017-09-05 09:39 - 2016-12-25 11:04 - 000000000 ____D C:\ProgramData\Skype 2017-09-04 21:18 - 2017-03-06 20:08 - 000000000 ____D C:\Program Files (x86)\Intel Driver Update Utility 2017-09-04 21:09 - 2017-05-20 11:02 - 000003514 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics 2017-09-04 12:00 - 2017-03-24 19:43 - 000000000 ____D C:\Users\CniiperAc3\Desktop\PC 2017-09-04 11:23 - 2017-01-15 01:16 - 000000000 ____D C:\ProgramData\AVAST Software 2017-09-02 14:27 - 2017-08-05 14:00 - 000000000 ____D C:\ProgramData\BlueStacksSetup 2017-09-01 21:39 - 2017-04-14 17:56 - 000000000 ____D C:\WINDOWS\Minidump 2017-08-31 19:49 - 2017-06-25 15:34 - 000000000 ____D C:\Program Files (x86)\Overwatch 2017-08-31 00:22 - 2016-12-24 16:36 - 000000000 ____D C:\Program Files (x86)\Steam 2017-08-30 21:57 - 2017-04-06 19:27 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\.minecraft 2017-08-30 21:14 - 2017-03-27 21:41 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\audacity 2017-08-30 20:47 - 2017-03-08 14:35 - 002777800 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-08-30 12:24 - 2016-12-30 10:54 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2017-08-30 12:23 - 2016-12-30 10:54 - 000000000 ____D C:\Program Files\Rockstar Games 2017-08-29 17:29 - 2017-02-10 10:46 - 000000000 ____D C:\Program Files (x86)\Origin 2017-08-28 22:18 - 2017-08-04 20:59 - 000000000 ____D C:\WINDOWS\system32\DAX3 2017-08-28 22:18 - 2017-03-08 14:23 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-08-28 22:18 - 2017-03-08 14:23 - 000000000 ____D C:\WINDOWS\system32\DAX2 2017-08-28 22:17 - 2016-07-16 07:45 - 000000000 ____D C:\WINDOWS\INF 2017-08-28 21:45 - 2016-09-20 15:04 - 000893416 _____ (Intel 
Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys 2017-08-28 21:44 - 2017-08-04 00:37 - 001624144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2017-08-28 21:44 - 2017-08-04 00:37 - 000227408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2017-08-28 21:44 - 2016-09-07 01:59 - 000205984 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys 2017-08-28 21:36 - 2017-08-04 20:58 - 003517496 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2017-08-28 21:36 - 2017-08-04 20:58 - 000023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2017-08-28 21:35 - 2017-08-04 20:58 - 005899752 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2017-08-28 21:18 - 2017-08-04 21:05 - 000000000 ____D C:\ProgramData\DriverTalent 2017-08-28 21:17 - 2016-12-24 21:48 - 000000000 ____D C:\ProgramData\Package Cache 2017-08-28 21:15 - 2017-03-06 20:07 - 000000000 ____D C:\ProgramData\Intel 2017-08-28 21:14 - 2017-03-24 19:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel 2017-08-28 21:02 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2017-08-28 21:00 - 2016-07-16 07:36 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-08-28 20:55 - 2017-08-09 20:16 - 000000000 ____D C:\Games 2017-08-28 20:51 - 2017-02-11 20:11 - 000000000 ____D C:\Program Files\Opera 2017-08-28 20:46 - 2017-08-01 21:57 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-08-27 21:02 - 2017-01-21 12:30 - 000000000 ____D C:\Users\CniiperAc3\AppData\Local\Ubisoft Game Launcher 2017-08-26 21:08 - 2017-01-21 12:34 - 000000000 ____D C:\Users\CniiperAc3\Documents\My Games 2017-08-25 07:23 - 2017-01-15 01:15 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\uTorrent 2017-08-24 22:49 - 2017-04-24 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Hide IP 2017-08-24 21:59 - 2017-08-04 22:37 - 000000000 ____D C:\Temp 
2017-08-24 21:04 - 2017-01-28 14:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-08-24 20:48 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-08-24 20:47 - 2017-03-08 14:23 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2017-08-24 20:47 - 2016-12-24 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-08-24 20:28 - 2017-03-08 14:23 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-08-24 18:44 - 2016-12-25 12:22 - 000000000 ____D C:\Users\CniiperAc3\Documents\MEGAsync Downloads 2017-08-24 18:37 - 2017-05-14 17:21 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-24 18:37 - 2017-03-08 14:35 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-24 18:36 - 2017-03-08 14:35 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-24 18:36 - 2017-03-08 14:35 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-24 18:36 - 2017-03-08 14:35 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-24 18:36 - 2017-03-08 14:35 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-24 18:36 - 2017-03-08 14:35 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-24 18:36 - 2017-03-08 14:35 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-08-24 18:36 - 2017-03-08 14:23 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2017-08-22 19:18 - 2016-12-25 12:22 - 000000000 ___RD C:\Users\CniiperAc3\Documents\MEGA 2017-08-22 18:54 - 2016-07-16 07:47 - 000001631 _____ C:\WINDOWS\system32\Drivers\etc\HOSTS.BACKUP 
2017-08-21 21:01 - 2017-08-04 00:37 - 004210360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-08-21 21:01 - 2017-08-04 00:37 - 003712024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-08-21 21:01 - 2017-08-04 00:37 - 001068152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-08-21 21:01 - 2017-08-04 00:37 - 000781544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-08-21 21:01 - 2017-08-04 00:37 - 000057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-08-21 21:01 - 2017-08-04 00:37 - 000046453 _____ C:\WINDOWS\system32\nvinfo.pb 2017-08-21 19:10 - 2017-08-04 00:38 - 006463424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-08-21 19:10 - 2017-08-04 00:38 - 002479224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-08-21 19:10 - 2017-08-04 00:38 - 001762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-08-21 19:10 - 2017-08-04 00:38 - 000549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-08-21 19:10 - 2017-08-04 00:38 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-08-21 19:10 - 2017-08-04 00:38 - 000082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-08-21 19:10 - 2017-08-04 00:38 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-08-21 18:54 - 2017-08-04 00:38 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-08-20 15:15 - 2017-03-07 20:16 - 000000000 ___HD C:\Program Files (x86)\Temp 2017-08-19 03:10 - 2017-08-04 00:38 - 008142301 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-08-18 17:27 - 2017-03-07 20:16 - 000000000 ____D C:\Program Files (x86)\Realtek 2017-08-18 17:13 - 2016-12-24 21:12 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-08-18 17:12 - 2017-08-04 21:05 - 000000000 ____D C:\Users\CniiperAc3\AppData\Roaming\DriverTalent 2017-08-18 00:37 - 2016-12-24 21:50 - 001923008 _____ 
(NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-08-18 00:37 - 2016-12-24 21:50 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2017-08-18 00:37 - 2016-12-24 21:50 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-08-18 00:37 - 2016-12-24 21:50 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2017-08-18 00:37 - 2016-12-24 21:50 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2017-08-18 00:36 - 2017-06-29 20:19 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2017-08-18 00:36 - 2017-06-29 20:19 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2017-08-17 12:26 - 2017-04-13 22:32 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2017-08-14 19:18 - 2017-08-03 23:55 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-08-12 21:24 - 2017-03-02 20:00 - 000000000 ____D C:\Program Files\Adobe 2017-08-12 20:52 - 2017-08-11 21:30 - 000000000 ____D C:\Program Files\Red Giant 2017-08-12 20:52 - 2017-08-11 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant 2017-08-12 20:52 - 2017-08-11 19:54 - 000000000 ____D C:\Program Files (x86)\Red Giant 2017-08-12 18:43 - 2017-08-11 19:54 - 000000000 ____D C:\ProgramData\Red Giant 2017-08-12 14:33 - 2016-07-16 07:47 - 000000000 ____D C:\WINDOWS\LiveKernelReports ==================== Files in the root of some directories ======= 2017-08-20 13:56 - 2017-08-20 13:56 - 000001167 _____ () C:\Users\CniiperAc3\AppData\Roaming\trace_FilterInstaller.txt 2017-08-20 13:56 - 2017-08-20 13:56 - 000000000 _____ () C:\Users\CniiperAc3\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2016-12-27 11:12 - 2017-01-06 18:44 - 000000320 _____ () C:\Users\CniiperAc3\AppData\Roaming\WB.CFG 2017-03-08 17:13 - 2017-03-08 17:13 - 016961221 _____ () C:\Users\CniiperAc3\AppData\Roaming\Win7-KB3134760-x86.msu 2017-08-10 14:06 - 2017-08-10 14:06 - 
000000000 _____ () C:\Users\CniiperAc3\AppData\Local\Driver_LOM_8171Present.flag 2017-08-12 20:55 - 2017-08-12 21:18 - 000000081 _____ () C:\Users\CniiperAc3\AppData\Local\FILM_AE_LogFile.txt 2017-03-08 14:23 - 2017-03-08 14:23 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2016-12-25 13:28 - 2017-01-16 19:15 - 000010108 _____ () C:\ProgramData\NvTelemetryContainer.log 2016-12-25 13:28 - 2017-01-14 22:10 - 000011774 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 Some files in TEMP: ==================== 2017-09-11 19:25 - 2017-07-12 02:14 - 001886896 _____ (Microsoft Corporation) C:\Users\CniiperAc3\AppData\Local\Temp\dllnt_dump.dll 2017-09-05 19:58 - 2017-09-05 19:58 - 000473984 _____ (Sysinternals - www.sysinternals.com) C:\Users\CniiperAc3\AppData\Local\Temp\GKZPY.exe 2017-09-05 19:59 - 2017-09-05 19:59 - 000469888 _____ (Sysinternals - www.sysinternals.com) C:\Users\CniiperAc3\AppData\Local\Temp\PQJB.exe 2017-08-23 18:56 - 2017-08-23 18:56 - 003926944 _____ () C:\Users\CniiperAc3\AppData\Local\Temp\setup.dll 2017-09-05 19:59 - 2017-09-05 19:59 - 000334720 _____ (Sysinternals - www.sysinternals.com) C:\Users\CniiperAc3\AppData\Local\Temp\ZSPBU.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-03-08 14:21 ==================== End of FRST.txt ============================
  3. RogueKiller V12.11.14.0 (x64) [Sep 11 2017] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Website : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 10 (10.0.14393) 64 bits version Started in : Normal mode User : CniiperAc3 [Administrator] Started from : C:\Program Files\RogueKiller\RogueKiller64.exe Mode : Delete -- Date : 09/11/2017 19:25:58 (Duration : 00:35:37) ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 6 ¤¤¤ [PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-241418353-3479239940-2468962699-1001\Software\eSupport.com -> Deleted [PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-241418353-3479239940-2468962699-1001\Software\IM -> Deleted [PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-241418353-3479239940-2468962699-1001\Software\eSupport.com -> Deleted [PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-241418353-3479239940-2468962699-1001\Software\IM -> Deleted [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{A1AB9F84-9C34-4153-8249-AA9625975FB2}C:\users\cniiperac3\appdata\local\temp\commongamedownloader\268_1484729011_27211\teniodl.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\cniiperac3\appdata\local\temp\commongamedownloader\268_1484729011_27211\teniodl.exe|Name=teniodl.exe|Desc=teniodl.exe|Defer=User| [x] -> Deleted [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{6D7AF7F2-DC72-479C-924F-EE9D7D4E28E2}C:\users\cniiperac3\appdata\local\temp\commongamedownloader\268_1484729011_27211\teniodl.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\cniiperac3\appdata\local\temp\commongamedownloader\268_1484729011_27211\teniodl.exe|Name=teniodl.exe|Desc=teniodl.exe|Defer=User| [x] -> Deleted ¤¤¤ Tasks : 1 ¤¤¤ [Suspicious.Path] \SystemMaintanceService -- 
C:\Users\CniiperAc3\AppData\Roaming\PLANET.COASTER.v1.2.3.Proper.Repack\bteoi.exe (/upgradeid=f561932c-0bef-41b9-9289-b7d5c099b86b) -> Deleted ¤¤¤ Files : 19 ¤¤¤ [PUP.Gen1][Folder] C:\ProgramData\SecTaskMan -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\c_AnonymizerLauncher5032560D.file -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\c_chrome45C9CC0F.file -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\c_discomfited1F973400.file -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\c_discomfited23A43400.file -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\c_Discord34511D5 -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\c_Discord34511D5.file -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\c_Origin1A70836E -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\c_Origin1A70836E.file -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\c_uninstallclean33AC37C.file -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\c_utorrentie638FEC6.memory -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\c_xdm5395140B -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\c_xdm5395140B.file -> Deleted [PUP.Gen1][File]
C:\ProgramData\SecTaskMan\icm_C025571B2A687A53689168CD7369889B.dll -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_c1c4f01781cc94c4c8fb1542c0981a2a -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_c1c4f01781cc94c4c8fb1542c0981a2a.dll -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_C3AEB2FCAE628F23AAB933F1E743AB79 -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_C3AEB2FCAE628F23AAB933F1E743AB79.dll -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_CA4ECB96275917232ABF4932DB3AA634 -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_CA4ECB96275917232ABF4932DB3AA634.dll -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_D116C61DF6ACB204E9AD8926FCA407B1 -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_D116C61DF6ACB204E9AD8926FCA407B1.dll -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_D20352A90C039D93DBF6126ECE614057 -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_D20352A90C039D93DBF6126ECE614057.dll -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_D5ADFB912EF152F4799FA197DD40EE02 -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_D5ADFB912EF152F4799FA197DD40EE02.dll -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_D7314F9862C648A4DB8BE2A5B47BE100 -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_D7314F9862C648A4DB8BE2A5B47BE100.dll -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_DC8A59DBF9D1DA5389A1E3975220E6BB -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_DC8A59DBF9D1DA5389A1E3975220E6BB.dll -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_E0E23CC201A9CCB4490F16F45873F595 -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_E0E23CC201A9CCB4490F16F45873F595.dll -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_E1B219C9DD60FE34BBB254BCC288ABEA -> Deleted [PUP.Gen1][File] C:\ProgramData\SecTaskMan\icm_E1B219C9DD60FE34BBB254BCC288ABEA.dll -> Deleted [PUP.Gen1][File] 
C:\ProgramData\SecTaskMan\ItemsState.ini -> Deleted [PUP.Gen1][File] C:\Users\Public\Desktop\Driver Easy.lnk [LNK@] C:\PROGRA~1\Easeware\DRIVER~1\DRIVER~1.EXE -> Deleted [PUP.Gen1][Folder] C:\Users\CniiperAc3\AppData\Roaming\Easeware -> Deleted [PUP.Gen1][Folder] C:\Users\CniiperAc3\AppData\Roaming\Easeware\DriverEasy\drivers\akyx4g4g.zuq -> Deleted [PUP.Gen1][File] C:\Users\CniiperAc3\AppData\Roaming\Easeware\DriverEasy\drivers\ccurachh.myn\point64.cat -> Deleted [PUP.Gen1][File] C:\Users\CniiperAc3\AppData\Roaming\Easeware\DriverEasy\drivers\ccurachh.myn\point64.inf -> Deleted [PUP.Gen1][File] C:\Users\CniiperAc3\AppData\Roaming\Easeware\DriverEasy\drivers\ccurachh.myn\point64.sys -> Deleted [PUP.Gen1][File] C:\Users\CniiperAc3\AppData\Roaming\Easeware\DriverEasy\drivers\ccurachh.myn\wdfcoinstaller01011.dll -> Deleted [PUP.Gen1][Folder] C:\Users\CniiperAc3\AppData\Roaming\Easeware\DriverEasy\drivers\ccurachh.myn -> Deleted [PUP.Gen1][File] C:\Users\CniiperAc3\AppData\Roaming\Easeware\DriverEasy\drivers\Drivers.data -> Deleted [PUP.Gen1][Folder]
C:\Users\CniiperAc3\AppData\Roaming\Easeware\DriverEasy\drivers -> Deleted [PUP.Gen1][File] C:\Users\CniiperAc3\AppData\Roaming\Easeware\DriverEasy\license.dat -> Deleted [PUP.Gen1][File] C:\Users\CniiperAc3\AppData\Roaming\Easeware\DriverEasy\settings.dat -> Deleted [PUP.Gen1][Folder] C:\Users\CniiperAc3\AppData\Roaming\Easeware\DriverEasy -> Deleted [PUP.Gen1][File] C:\Users\CniiperAc3\AppData\Roaming\Microsoft\Windows\Recent\Easeware.Driver.Core.lnk [LNK@] C:\PROGRA~1\Easeware\DRIVER~1\EASEWA~2.DLL -> Deleted [Tr.Gen0][File] C:\Users\CniiperAc3\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe -> Deleted [Tr.Gen0][File] C:\Users\CniiperAc3\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Deleted [Tr.Gen0][File] C:\Users\CniiperAc3\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe -> Deleted [Tr.Gen0][File] C:\Users\CniiperAc3\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe -> Deleted [Tr.Gen0][File] C:\Users\CniiperAc3\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe -> Deleted [PUP.Gen1][Folder] C:\Users\CniiperAc3\AppData\Local\eSupport.com -> Deleted [PUP.Gen1][Folder] C:\Users\CniiperAc3\AppData\Local\PackageAware -> Deleted [PUP.Gen1][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy\Driver Easy.lnk [LNK@] C:\PROGRA~1\Easeware\DRIVER~1\DRIVER~1.EXE -> Deleted [PUP.Gen1][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy\Uninstall Driver Easy.lnk [LNK@] C:\PROGRA~1\Easeware\DRIVER~1\unins000.exe -> Deleted [PUP.Gen1][Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com -> Deleted [PUP.Gen1][Folder] C:\ProgramData\SecTaskMan -> ERROR [3] [PUP.Gen1][Folder] C:\Program Files\Easeware -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\7z\7z.dll -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\7z\7z86.dll -> Deleted [PUP.Gen1][Folder] C:\Program Files\Easeware\DriverEasy\7z -> Deleted [PUP.Gen1][File] C:\Program 
Files\Easeware\DriverEasy\7zip_license.txt -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\DriverEasy.exe -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\DriverEasy.exe.config -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\Easeware.CheckScheduledScan.exe -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\Easeware.CheckScheduledScan.exe.config -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\Easeware.ConfigLanguageFromSetup.exe -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\Easeware.ConfigLanguageFromSetup.exe.config -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\Easeware.Driver.Backup.dll -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\Easeware.Driver.Core.dll -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\HardwareInfo\HardwareInfo.dll -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\HardwareInfo\HardwareInfo64.dll -> Deleted [PUP.Gen1][Folder] C:\Program Files\Easeware\DriverEasy\HardwareInfo -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\Interop.WUApiLib.dll -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\Map.xml -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\SevenZipSharp.dll -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\unins000.dat -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\unins000.exe -> Deleted [PUP.Gen1][File] C:\Program Files\Easeware\DriverEasy\unins000.msg -> Deleted [PUP.Gen1][Folder] C:\Program Files\Easeware\DriverEasy -> Deleted [BitMiner.Gen0][Folder] C:\Program Files\MinerGate -> Deleted [BitMiner.Gen0][File] C:\Program Files\MinerGate\msvcp120.dll -> Deleted [BitMiner.Gen0][File] C:\Program Files\MinerGate\msvcr120.dll -> Deleted [BitMiner.Gen0][File] C:\Program Files\MinerGate\vccorlib120.dll -> Deleted [PUP.Gen1][Folder] C:\Program Files (x86)\eSupport.com -> Deleted [PUP.Gen1][File] 
C:\Users\Public\Desktop\Driver Easy.lnk [LNK@] C:\PROGRA~1\Easeware\DRIVER~1\DRIVER~1.EXE -> Removed at reboot [2] ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: WDC WD10EZEX-08WN4A0 +++++ --- User --- [MBR] 6efef3ed0617cdaa5064f41b2284fbf4 [BSP] e46ae20ba30d3f8f68c79b27af326a4d : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 953367 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK
  4. # AdwCleaner 7.0.2.1 - Logfile created on Mon Sep 11 21:36:42 2017 # Updated on 2017/29/08 by Malwarebytes # Database: 09-08-2017.1 # Running on Windows 10 Pro (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.Legacy, C:\Users\CniiperAc3\Documents\vShare PUP.Optional.Legacy, C:\Users\All Users\Documents\Downloaded Installers PUP.Optional.Legacy, C:\Users\Public\Documents\Downloaded Installers PUP.Optional.SlimCleanerPlus, C:\Users\CniiperAc3\AppData\Local\slimware utilities inc PUP.Optional.SlimCleanerPlus, C:\Users\CniiperAc3\AppData\Local\SlimWare Utilities Inc ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d19tqk5t6qcjac.cloudfront.net PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d19tqk5t6qcjac.cloudfront.net PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\new.nicehash.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\nicehash.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local 
Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\reimageplus.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\reimageplus.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\solvusoft.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.reimageplus.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.reimageplus.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.solvusoft.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d19tqk5t6qcjac.cloudfront.net PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet 
Explorer\DOMStorage\d19tqk5t6qcjac.cloudfront.net PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\new.nicehash.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\nicehash.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\reimageplus.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\reimageplus.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\solvusoft.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.reimageplus.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.reimageplus.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local 
Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.solvusoft.com PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\DMunversion PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{3E0DB45B-9FCC-4064-B48C-080BD03A99A4} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{C81BED3B-31BD-491F-813D-78EFC2638CE1} PUP.Optional.Legacy, [Value] - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 | AnonymizerGadget PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-241418353-3479239940-2468962699-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | WinResSync PUP.Optional.WinRepairPro, [Key] - HKU\S-1-5-21-241418353-3479239940-2468962699-1001\Software\win PUP.Optional.WinRepairPro, [Key] - HKCU\Software\win PUP.Optional.DiskPower, [Key] - HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb} PUP.Optional.FileFinder, [Key] - HKLM\SOFTWARE\FFinder LTD PUP.Optional.WeatherAlerts, [Key] - HKU\S-1-5-21-241418353-3479239940-2468962699-1001\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d} PUP.Optional.WeatherAlerts, [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d} PUP.Optional.SlimCleanerPlus, [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc PUP.Optional.SlimCleanerPlus, [Key] - HKU\S-1-5-21-241418353-3479239940-2468962699-1001\Software\SlimWare Utilities Inc PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\SlimWare Utilities Inc PUP.Optional.SlimCleanerPlus, [Key] - HKLM\SOFTWARE\SLIMWARE UTILITIES, INC. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
  5. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 9/11/17 Scan Time: 5:14 PM Log File: Administrator: Yes -Software Information- Version: 3.1.2.1733 Components Version: 1.0.160 Update Package Version: 1.0.2778 License: Free -System Information- OS: Windows 10 (Build 14393.1593) CPU: x64 File System: NTFS User: DESKTOP-5OFL8IF\CniiperAc3 -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 407917 Threats Detected: 98 Threats Quarantined: 98 Time Elapsed: 11 min, 50 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 22 RiskWare.BitCoinMiner, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MinerGate, Delete-on-Reboot, [94], [410020],1.0.2778 Adware.DotDo.DotPrx, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Delete-on-Reboot, [8270], [-1],0.0.0 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Delete-on-Reboot, [22], [260247],1.0.2778 RiskWare.Extension.NFCS, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\iinglghmhcgdgjjlafobajghjamdchik, Delete-on-Reboot, [8728], [419391],1.0.2778 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Delete-on-Reboot, [22], [260247],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\51659801, Delete-on-Reboot, [8270], [397745],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\64064710, Delete-on-Reboot, [8270], [397745],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\69856778, Delete-on-Reboot, 
[8270], [397745],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ga5165980151659801, Delete-on-Reboot, [8270], [409656],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ga6406471064064710, Delete-on-Reboot, [8270], [409656],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ga6985677869856778, Delete-on-Reboot, [8270], [409656],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\gak69856778k69856778, Delete-on-Reboot, [8270], [397782],1.0.2778 Adware.Agent.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\k69856778, Delete-on-Reboot, [1418], [402167],1.0.2778 Backdoor.DarkComet.Trace, HKU\S-1-5-21-241418353-3479239940-2468962699-1001\SOFTWARE\DC3_FEXEC, Delete-on-Reboot, [14456], [246706],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0FEB9262-21F7-4C9A-A7E1-304E45430CC4}, Delete-on-Reboot, [8270], [407483],1.0.2778 Adware.Agent.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2D5BF7AD-911E-44B2-9DC7-66B021CAAE1C}, Delete-on-Reboot, [1418], [402166],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{32FF6B9A-6BDD-444E-967E-BFDCCC6DDA55}, Delete-on-Reboot, [8270], [409657],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{472B4139-AF28-47AE-BCF6-508356556045}, Delete-on-Reboot, [8270], [397783],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{61C08E63-AEBD-4744-94BA-CD29B157C6CA}, Delete-on-Reboot, [8270], [407483],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{65CF9D02-11F6-43F9-BC0A-4320E4EFB050}, 
Delete-on-Reboot, [8270], [409657],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F5291A42-B854-4109-A1B0-A73E5F855040}, Delete-on-Reboot, [8270], [407483],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FC212AD3-76EB-418B-8DF2-0C1ABD39FA1E}, Delete-on-Reboot, [8270], [409657],1.0.2778 Registry Value: 11 Adware.DotDo.DotPrx, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [8270], [-1],0.0.0 Adware.DotDo.DotPrx, HKU\S-1-5-21-241418353-3479239940-2468962699-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [8270], [-1],0.0.0 Adware.DotDo.DotPrx, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [8270], [-1],0.0.0 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0FEB9262-21F7-4C9A-A7E1-304E45430CC4}|PATH, Delete-on-Reboot, [8270], [407483],1.0.2778 Adware.Agent.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2D5BF7AD-911E-44B2-9DC7-66B021CAAE1C}|PATH, Delete-on-Reboot, [1418], [402166],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{32FF6B9A-6BDD-444E-967E-BFDCCC6DDA55}|PATH, Delete-on-Reboot, [8270], [409657],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{472B4139-AF28-47AE-BCF6-508356556045}|PATH, Delete-on-Reboot, [8270], [397783],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{61C08E63-AEBD-4744-94BA-CD29B157C6CA}|PATH, Delete-on-Reboot, [8270], [407483],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{65CF9D02-11F6-43F9-BC0A-4320E4EFB050}|PATH, Delete-on-Reboot, [8270], 
[409657],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F5291A42-B854-4109-A1B0-A73E5F855040}|PATH, Delete-on-Reboot, [8270], [407483],1.0.2778 Adware.DotDo.DotPrx, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FC212AD3-76EB-418B-8DF2-0C1ABD39FA1E}|PATH, Delete-on-Reboot, [8270], [409657],1.0.2778 Registry Data: 8 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Replace-on-Reboot, [22], [-1],0.0.0 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Replace-on-Reboot, [22], [-1],0.0.0 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{19b5480a-8a32-42a1-9fa8-7e38e709c3f7}|NameServer, Replace-on-Reboot, [22], [-1],0.0.0 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{19b5480a-8a32-42a1-9fa8-7e38e709c3f7}|DhcpNameServer, Replace-on-Reboot, [22], [-1],0.0.0 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{7b542c95-21fe-49df-bea4-4bdf7f40c0ea}|NameServer, Replace-on-Reboot, [22], [-1],0.0.0 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{90a338c1-5824-4186-bfd2-22716c1b919b}|NameServer, Replace-on-Reboot, [22], [-1],0.0.0 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{90a338c1-5824-4186-bfd2-22716c1b919b}|DhcpNameServer, Replace-on-Reboot, [22], [-1],0.0.0 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{95da4add-063e-4549-bb84-5c1faeeb6f10}|NameServer, Replace-on-Reboot, [22], [-1],0.0.0 Data Stream: 0 (No malicious items detected) Folder: 7 PUP.Optional.BlockAdsPro, C:\USERS\CNIIPERAC3\APPDATA\ROAMING\Microsoft\BlockAdsPro, Delete-on-Reboot, [8745], [421128],1.0.2778 
RiskWare.BitCoinMiner, C:\Users\CniiperAc3\AppData\Local\minergate\.ethash-minergate, Delete-on-Reboot, [94], [411853],1.0.2778 RiskWare.BitCoinMiner, C:\Users\CniiperAc3\AppData\Local\minergate\log, Delete-on-Reboot, [94], [411853],1.0.2778 RiskWare.BitCoinMiner, C:\USERS\CNIIPERAC3\APPDATA\LOCAL\minergate, Delete-on-Reboot, [94], [411853],1.0.2778 RiskWare.BitCoinMiner, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MINERGATE, Delete-on-Reboot, [94], [411852],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\imageformats, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\platforms, Delete-on-Reboot, [94], [410020],1.0.2778 File: 50 RiskWare.BitCoinMiner, C:\Users\CniiperAc3\AppData\Local\minergate\.ethash-minergate\full-R23-0986c6a216293f20, Delete-on-Reboot, [94], [411853],1.0.2778 RiskWare.BitCoinMiner, C:\Users\CniiperAc3\AppData\Local\minergate\.ethash-minergate\full-R23-89ec0600d6137ca0, Delete-on-Reboot, [94], [411853],1.0.2778 RiskWare.BitCoinMiner, C:\Users\CniiperAc3\AppData\Local\minergate\.ethash-minergate\full-R23-c50f0eb9498c019d, Delete-on-Reboot, [94], [411853],1.0.2778 RiskWare.BitCoinMiner, C:\Users\CniiperAc3\AppData\Local\minergate\log\eth.log, Delete-on-Reboot, [94], [411853],1.0.2778 RiskWare.BitCoinMiner, C:\Users\CniiperAc3\AppData\Local\minergate\log\minergate.log, Delete-on-Reboot, [94], [411853],1.0.2778 RiskWare.BitCoinMiner, C:\Users\CniiperAc3\AppData\Local\minergate\miners.ini, Delete-on-Reboot, [94], [411853],1.0.2778 RiskWare.BitCoinMiner, C:\Users\CniiperAc3\AppData\Local\minergate\pools.config, Delete-on-Reboot, [94], [411853],1.0.2778 RiskWare.BitCoinMiner, C:\Users\CniiperAc3\AppData\Local\minergate\tacnker@gmail.com.achievements, Delete-on-Reboot, [94], [411853],1.0.2778 RiskWare.BitCoinMiner, C:\Users\CniiperAc3\AppData\Local\minergate\tacnker@gmail.com.achievements.bak, Delete-on-Reboot, [94], [411853],1.0.2778 RiskWare.BitCoinMiner, 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MinerGate\MinerGate.lnk, Delete-on-Reboot, [94], [411852],1.0.2778 RiskWare.BitCoinMiner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MinerGate\Uninstall.lnk, Delete-on-Reboot, [94], [411852],1.0.2778 RiskWare.BitCoinMiner, C:\USERS\CNIIPERAC3\APPDATA\ROAMING\NHM2\BIN\XMR-STAK-CPU\XMR-STAK-CPU.EXE, Delete-on-Reboot, [94], [395669],1.0.2778 RiskWare.BitCoinMiner, C:\PROGRAM FILES\MINERGATE\MINERGATE.EXE, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\imageformats\qico.dll, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\platforms\qwindows.dll, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\cudart64_80.dll, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\libeay32.dll, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\OpenCL.dll, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\Qt5Core.dll, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\Qt5Gui.dll, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\Qt5Network.dll, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\Qt5WebSockets.dll, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\Qt5Widgets.dll, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\ssleay32.dll, Delete-on-Reboot, [94], [410020],1.0.2778 RiskWare.BitCoinMiner, C:\Program Files\MinerGate\Uninstall.exe, Delete-on-Reboot, [94], [410020],1.0.2778 PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.7\STANDALONEPHASE1.DAT, Delete-on-Reboot, [685], [393793],1.0.2778 Trojan.Clicker, C:\WINDOWS\SYSTEM32\RAVCPDKZ.EXE, 
Delete-on-Reboot, [21], [429720],1.0.2778 PUP.Optional.HijackHosts, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Replaced, [2811], [352008],1.0.2778 PUP.Optional.HijackHosts, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Replaced, [2811], [352008],1.0.2778 Hijack.HostFile, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Replaced, [323], [365171],1.0.2778 Hijack.HostFile, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Replaced, [323], [365171],1.0.2778 Hijack.HostFile, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Replaced, [323], [365175],1.0.2778 PUP.Optional.MindSpark, C:\USERS\CNIIPERAC3\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_bringmesports.dl.tb.ask.com_0.localstorage, Delete-on-Reboot, [259], [240306],1.0.2778 PUP.Optional.MindSpark, C:\USERS\CNIIPERAC3\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_bringmesports.dl.tb.ask.com_0.localstorage-journal, Delete-on-Reboot, [259], [240306],1.0.2778 PUP.Optional.MindSpark, C:\USERS\CNIIPERAC3\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_downloadinboxnow.dl.tb.ask.com_0.localstorage, Delete-on-Reboot, [259], [240306],1.0.2778 PUP.Optional.MindSpark, C:\USERS\CNIIPERAC3\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_downloadinboxnow.dl.tb.ask.com_0.localstorage-journal, Delete-on-Reboot, [259], [240306],1.0.2778 PUP.Optional.CrossRider, C:\USERS\CNIIPERAC3\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, Delete-on-Reboot, [219], [256629],1.0.2778 PUP.Optional.CrossRider, C:\USERS\CNIIPERAC3\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, Delete-on-Reboot, [219], [256629],1.0.2778 Adware.DotDo.DotPrx, C:\WINDOWS\SYSTEM32\TASKS\gak69856778k69856778, Delete-on-Reboot, [8270], [397781],1.0.2778 Adware.Agent.Generic, C:\WINDOWS\SYSTEM32\TASKS\k69856778, Delete-on-Reboot, [1418], [402165],1.0.2778 Adware.DotDo.DotPrx, 
C:\WINDOWS\SYSTEM32\TASKS\ga5165980151659801, Delete-on-Reboot, [8270], [409999],1.0.2778 Adware.DotDo.DotPrx, C:\WINDOWS\SYSTEM32\TASKS\ga6406471064064710, Delete-on-Reboot, [8270], [409999],1.0.2778 Adware.DotDo.DotPrx, C:\WINDOWS\SYSTEM32\TASKS\ga6985677869856778, Delete-on-Reboot, [8270], [409999],1.0.2778 Adware.DotDo.DotPrx, C:\WINDOWS\SYSTEM32\TASKS\51659801, Delete-on-Reboot, [8270], [410000],1.0.2778 Adware.DotDo.DotPrx, C:\WINDOWS\SYSTEM32\TASKS\64064710, Delete-on-Reboot, [8270], [410000],1.0.2778 Adware.DotDo.DotPrx, C:\WINDOWS\SYSTEM32\TASKS\69856778, Delete-on-Reboot, [8270], [410000],1.0.2778 PUP.Optional.MindSpark, C:\USERS\CNIIPERAC3\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_bringmesports.dl.myway.com_0.localstorage, Delete-on-Reboot, [259], [240305],1.0.2778 PUP.Optional.MindSpark, C:\USERS\CNIIPERAC3\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_bringmesports.dl.myway.com_0.localstorage-journal, Delete-on-Reboot, [259], [240305],1.0.2778 PUP.Optional.MindSpark, C:\USERS\CNIIPERAC3\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_downloadinboxnow.dl.myway.com_0.localstorage, Delete-on-Reboot, [259], [240305],1.0.2778 PUP.Optional.MindSpark, C:\USERS\CNIIPERAC3\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_downloadinboxnow.dl.myway.com_0.localstorage-journal, Delete-on-Reboot, [259], [240305],1.0.2778 Physical Sector: 0 (No malicious items detected) (end)