Inactive Disk usage is 100% and I'm 200% frustrated

Status
Not open for further replies.
I

ionme

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-04-2017
Ran by Ioakim (administrator) on IOAKIM-PC (29-04-2017 14:45:27)
Running from C:\Users\Ioakim\Downloads
Loaded Profiles: Ioakim (Available Profiles: Ioakim)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Cuptony\Application\chrome.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(BitTorrent Inc.) C:\Users\Ioakim\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Users\Ioakim\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5292832 2017-04-05] (IObit)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\Run: [uTorrent] => C:\Users\Ioakim\AppData\Roaming\uTorrent\uTorrent.exe [6103232 2016-08-30] (BitTorrent Inc.)
HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3920672 2017-03-30] (IObit)
HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\MountPoints2: {24826d50-ba1d-11e6-8dd1-90e6bad41ca2} - F:\setup.exe
ShellExecuteHooks: No Name - {C8FB3CD4-235C-11E7-B46E-64006A5CFC23} - -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{49A81AD4-5AD9-4698-AE5D-E537C105A70C}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKU\S-1-5-21-104129644-4116897664-2065348068-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-03-28] (IObit)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 5sfdj974.default
FF ProfilePath: C:\Users\Ioakim\AppData\Roaming\Firefox\Firefox\Profiles\5sfdj974.default [2017-04-27]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-11-04] [not signed]
FF HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-07-01] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-07-01] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.ourluckysites.com/?type=hp&ts=1493290145&z=412aa413b3dd25cc9a71bceg5zat5c6o0t7edgaz9c&from=che0812&uid=WDCXWD7500AADS-00M2B0_WD-WCAV5529213392133
CHR Profile: C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-04-28] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-24]
CHR Extension: (Google Drive) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-24]
CHR Extension: (Turn Off the Lights) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2017-04-28]
CHR Extension: (YouTube) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-24]
CHR Extension: (Slinky Elegant) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2017-04-24]
CHR Extension: (Adblock Plus) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-24]
CHR Extension: (Google Sheets) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-24]
CHR Extension: (Google Docs Offline) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-24]
CHR Extension: (Evernote Web) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2016-06-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-24]
CHR Extension: (Gmail) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-24]
CHR Extension: (Chrome Media Router) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-28]
CHR Profile: C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-04-24] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-16]
CHR Extension: (Google Docs) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-30]
CHR Extension: (Google Drive) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-30]
CHR Extension: (YouTube) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-13]
CHR Extension: (Adblock Plus) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]
CHR Extension: (Dark Reader) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2016-12-06]
CHR Extension: (Google Sheets) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-16]
CHR Extension: (Google Docs Offline) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-30]
CHR Extension: (Evernote Web) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2016-09-30]
CHR Extension: (Morpheon Dark) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2017-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-16]
CHR Extension: (Gmail) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-30]
CHR Extension: (Chrome Media Router) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MicrosoftCRLSrv; C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig617.dll [117760 2017-04-28] () [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-04-18] ()
R2 FreeAgentGoFlex Service; C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe [91432 2011-02-10] (Seagate Technology LLC)
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1764640 2017-03-17] (IObit)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2017-03-28] (IObit)
R2 Kitty; C:\Users\Ioakim\AppData\Local\Kitty\Kitty.dll [257024 2017-04-28] (kitty) [File not signed] <==== ATTENTION
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-01] (NVIDIA Corporation)
S3 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-09-01] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 SNARE; C:\Users\Ioakim\AppData\Local\SNARE\Snare.dll [833536 2017-04-27] (InterSect Alliance Pty Ltd) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WinSAPSvc; C:\Users\Ioakim\AppData\Roaming\WinSAPSvc\WinSAP.dll [550912 2017-04-21] (win) [File not signed] <==== ATTENTION
S2 AppleCloudSvc; C:\ProgramData\Apple\Common\Cloud\WinHelper.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cryptfd; C:\Windows\System32\drivers\cryptfd.sys [193448 2017-03-03] ()
R3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33592 2016-11-07] (Dev47Apps)
R3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [229432 2016-11-07] (Dev47Apps)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [271424 2016-12-04] (DT Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-03-22] ()
R2 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [183576 2016-12-05] (BitDefender LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-04-24] (REALiX(tm))
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [34008 2017-03-17] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21360 2017-03-08] (IObit.com)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22440 2016-12-22] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [15704 2016-11-19] (IObit.com)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
R0 MBAMChameleon; C:\Windows\System32\drivers\MBAMChameleon.sys [186304 2017-04-29] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-04-29] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-04-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-04-29] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82720 2017-04-29] (Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
S3 RegFilter; no ImagePath
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [520032 2016-12-05] (BitDefender S.R.L.)
S1 ZAM; no ImagePath
S1 ZAM_Guard; no ImagePath
R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-03-19] (CyberLink Corp.)
U0 aswVmm; no ImagePath
S3 cpuz138; \??\C:\Users\Ioakim\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.7.0.76\Definitions\SDSDefs\20160625.006\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.7.0.76\Definitions\SDSDefs\20160625.006\EX64.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-29 14:45 - 2017-04-29 14:47 - 00019401 _____ C:\Users\Ioakim\Downloads\FRST.txt
2017-04-29 14:45 - 2017-04-29 14:45 - 02427392 _____ (Farbar) C:\Users\Ioakim\Downloads\FRST64.exe
2017-04-29 14:45 - 2017-04-29 14:45 - 00000000 ____D C:\FRST
2017-04-29 14:04 - 2017-04-29 14:35 - 00007609 _____ C:\Users\Ioakim\AppData\Local\Resmon.ResmonCfg
2017-04-28 16:16 - 2017-04-28 16:16 - 00000000 ____D C:\Users\Public\Documents\Google
2017-04-28 16:16 - 2017-04-28 16:16 - 00000000 ____D C:\Users\Ioakim\AppData\Local\Cuptony
2017-04-28 16:16 - 2017-04-28 16:16 - 00000000 ____D C:\Program Files (x86)\Cuptony
2017-04-28 16:15 - 2017-04-28 16:15 - 00000000 ____D C:\Users\Ioakim\AppData\Roaming\WinSAPSvc
2017-04-28 16:15 - 2017-04-28 16:15 - 00000000 ____D C:\Program Files (x86)\AlphaGo
2017-04-28 16:15 - 2017-04-28 16:15 - 00000000 _____ C:\Windows\SysWOW64\33
2017-04-28 13:58 - 2017-04-28 13:58 - 00002826 _____ C:\Windows\System32\Tasks\ASC10_SkipUac_Ioakim
2017-04-28 13:54 - 2017-04-29 14:39 - 00002890 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Ioakim)
2017-04-27 20:40 - 2017-04-27 21:23 - 00000000 ____D C:\Users\Ioakim\Downloads\Passengers 2016 1080p BluRay x264 DTS-JYK
2017-04-27 20:40 - 2017-04-27 20:40 - 00016711 _____ C:\Users\Ioakim\Downloads\passengers 2016 1080p bluray x264 dts-jyk.torrent
2017-04-27 17:49 - 2017-04-28 16:15 - 00003506 _____ C:\Windows\System32\Tasks\Windows-PG
2017-04-27 14:05 - 2017-04-29 14:36 - 00082720 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-04-27 14:05 - 2017-04-29 14:35 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-27 14:05 - 2017-04-29 14:35 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-04-27 14:05 - 2017-04-29 14:35 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-04-27 14:05 - 2017-04-29 13:57 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-04-27 14:05 - 2017-04-27 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-27 14:05 - 2017-03-22 11:02 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-04-27 14:04 - 2017-04-27 14:04 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-27 14:03 - 2017-04-27 14:04 - 60107896 _____ (Malwarebytes ) C:\Users\Ioakim\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-04-27 13:56 - 2017-04-27 13:56 - 00000007 _____ C:\Windows\SysWOW64\1A45.tmp
2017-04-27 13:56 - 2017-04-27 13:56 - 00000000 ____D C:\Users\Ioakim\AppData\Local\Everness
2017-04-27 13:56 - 2017-04-27 13:56 - 00000000 ____D C:\ProgramData\Apple
2017-04-27 13:54 - 2017-04-27 13:54 - 00000000 ____D C:\Users\Ioakim\AppData\Roaming\Firefox
2017-04-27 13:54 - 2017-04-27 13:54 - 00000000 ____D C:\Users\Ioakim\AppData\Local\Firefox
2017-04-27 13:52 - 2017-04-27 13:52 - 00000000 ____D C:\Program Files (x86)\Everness
2017-04-27 13:50 - 2017-04-29 14:36 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-04-27 13:50 - 2017-04-27 17:04 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-04-27 13:49 - 2017-04-28 16:15 - 00000000 _____ C:\Windows\SysWOW64\11
2017-04-27 13:49 - 2017-04-27 13:49 - 00000000 _____ C:\Windows\SysWOW64\22
2017-04-27 02:19 - 2017-04-27 02:19 - 00020865 _____ C:\Users\Ioakim\Downloads\the-witch_english-1326741.zip
2017-04-27 02:08 - 2017-04-27 02:08 - 00023457 _____ C:\Users\Ioakim\Downloads\the.vvitch.a.newengland.folktale.(2015).ara.1cd.(6614040).zip
2017-04-27 02:08 - 2017-04-27 01:07 - 00055205 _____ C:\Users\Ioakim\Downloads\The.Witch.2015.HDRip.XviD.AC3-EVO.srt
2017-04-27 02:08 - 2017-04-27 01:07 - 00006271 _____ C:\Users\Ioakim\Downloads\the.vvitch.a.new.england.(6614040).nfo
2017-04-27 02:07 - 2017-04-27 02:07 - 00010906 _____ C:\Users\Ioakim\Downloads\File203841.zip.htm
2017-04-27 01:23 - 2017-04-27 01:34 - 00000000 ____D C:\Users\Ioakim\Downloads\Zoppo Trump - Zoppo Trump 1971-76
2017-04-27 01:23 - 2017-04-27 01:23 - 00020520 _____ C:\Users\Ioakim\Downloads\[rutracker.org].t3428880.torrent
2017-04-27 01:19 - 2017-04-27 01:35 - 00000000 ____D C:\Users\Ioakim\Downloads\Fleetwood Mac - Peter Green's Fleetwood Mac
2017-04-27 01:19 - 2017-04-27 01:20 - 00000000 ____D C:\Users\Ioakim\Downloads\Fleetwood Mac - The Very Best Of - 2002 [EAC-FLAC-CUE]
2017-04-27 01:19 - 2017-04-27 01:19 - 00015584 _____ C:\Users\Ioakim\Downloads\[rutracker.org].t1453911.torrent
2017-04-27 01:19 - 2017-04-27 01:19 - 00014145 _____ C:\Users\Ioakim\Downloads\[rutracker.org].t1282170.torrent
2017-04-25 22:04 - 2017-04-25 23:49 - 2376545437 ____R C:\Users\Ioakim\Downloads\The.Witch.2015.BluRay.1080p.10bit.5.1.x265.HEVC-Qman[UTR].mkv
2017-04-25 22:04 - 2017-04-25 22:04 - 00012858 _____ C:\Users\Ioakim\Downloads\C355C64957FB5D2042F5D83B4524AAD963A44111.torrent
2017-04-25 12:54 - 2017-04-25 12:56 - 00000000 ____D C:\Users\Ioakim\Downloads\Advanced SystemCare Pro 10.3.0.739 + Patch [CracksNow]
2017-04-25 12:54 - 2017-04-25 12:54 - 00014651 _____ C:\Users\Ioakim\Downloads\34CC9124F81DE6DF5B16B081E7E56DAB0E2C0C04.torrent
2017-04-25 12:51 - 2016-12-05 15:32 - 00520032 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2017-04-25 10:24 - 2017-04-28 16:15 - 00000000 ____D C:\Users\Ioakim\AppData\Local\Kitty
2017-04-25 10:24 - 2017-04-25 10:24 - 00000000 ____D C:\Windows\psgo
2017-04-25 10:23 - 2017-04-27 17:49 - 00000000 ____D C:\Users\Ioakim\AppData\Local\SNARE
2017-04-24 22:59 - 2017-04-24 22:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2017-04-24 22:59 - 2017-03-17 16:39 - 00034008 _____ (IObit.com) C:\Windows\system32\Drivers\IMFCameraProtect.sys
2017-04-24 22:51 - 2017-04-24 22:58 - 00000000 ____D C:\Users\Ioakim\Downloads\IObit Malware Fighter Pro 5.0.2.3788 + Keygen [CracksNow]
2017-04-24 22:50 - 2017-04-24 22:50 - 00014741 _____ C:\Users\Ioakim\Downloads\A948E2D30CA04240ABEB8EA28D7DEB13D8D4ADB6.torrent
2017-04-24 18:30 - 2017-04-24 18:31 - 11583584 _____ (SurfRight B.V.) C:\Users\Ioakim\Downloads\HitmanPro_x64.exe
2017-04-24 17:56 - 2017-04-24 17:56 - 00002908 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Ioakim
2017-04-24 17:56 - 2017-04-24 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-04-24 17:55 - 2017-04-24 17:55 - 00000000 __SHD C:\Users\Ioakim\AppData\Local\kemgadeojglibflomicgnfeopkdfflnw
2017-04-24 17:54 - 2017-04-24 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mgdisk
2017-04-24 17:54 - 2017-04-24 17:54 - 00000000 ____D C:\Users\Public\Documents\XMUpdate
2017-04-24 17:47 - 2017-04-24 17:47 - 02451912 _____ (IObit ) C:\Users\Ioakim\Downloads\unlocker-setup (1).exe
2017-04-24 17:47 - 2017-04-24 17:47 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-04-24 17:47 - 2017-04-24 17:47 - 00003258 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2017-04-24 17:47 - 2017-04-24 17:47 - 00000000 ____D C:\Windows\IObit
2017-04-24 17:47 - 2017-04-24 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-04-24 17:45 - 2017-04-24 17:46 - 00003174 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2017-04-24 17:45 - 2017-04-24 17:45 - 10895424 _____ (IObit ) C:\Users\Ioakim\Downloads\Unconfirmed 863075.crdownload
2017-04-24 17:45 - 2017-04-24 17:45 - 10895424 _____ (IObit ) C:\Users\Ioakim\Downloads\smart-defrag-setup (3).exe
2017-04-24 17:45 - 2017-04-24 17:45 - 00003022 _____ C:\Windows\System32\Tasks\SmartDefrag_Startup
2017-04-24 17:45 - 2017-04-24 17:45 - 00003020 _____ C:\Windows\System32\Tasks\SmartDefrag_Update
2017-04-24 17:45 - 2017-04-24 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-04-24 17:45 - 2017-03-09 13:53 - 00045664 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2017-04-24 17:45 - 2017-03-09 13:53 - 00030744 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2017-04-24 17:45 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2017-04-24 17:44 - 2017-04-24 17:45 - 17866872 _____ (IObit ) C:\Users\Ioakim\Downloads\driver_booster_setup (1).exe
2017-04-24 17:44 - 2017-04-24 17:45 - 10895424 _____ (IObit ) C:\Users\Ioakim\Downloads\smart-defrag-setup (1).exe
2017-04-24 17:44 - 2017-04-24 17:44 - 10895424 _____ (IObit ) C:\Users\Ioakim\Downloads\Unconfirmed 162221.crdownload
2017-04-24 17:43 - 2017-04-24 17:44 - 17866872 _____ (IObit ) C:\Users\Ioakim\Downloads\Unconfirmed 582588.crdownload
2017-04-24 17:43 - 2017-04-24 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2017-04-24 17:42 - 2017-04-24 17:42 - 02451912 _____ (IObit ) C:\Users\Ioakim\Downloads\unlocker-setup.exe
2017-04-24 14:57 - 2017-04-24 14:57 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2017-04-24 14:50 - 2017-04-24 17:28 - 00000000 ____D C:\Users\Ioakim\Downloads\Advanced SystemCare Pro 10.2.0.721 Multilingual + Keys [SadeemPC]
2017-04-24 14:47 - 2017-04-24 14:47 - 00015153 _____ C:\Users\Ioakim\Downloads\E4089619458C2FD904D95BE84CD48B8512ACC7AD.torrent
2017-04-24 14:24 - 2017-04-24 14:24 - 04089296 _____ C:\Users\Ioakim\Downloads\Unconfirmed 348300.crdownload
2017-04-24 14:19 - 2017-04-24 14:19 - 04089296 _____ C:\Users\Ioakim\Downloads\adwcleaner_6.045.exe
2017-04-18 15:03 - 2017-04-18 15:14 - 00000000 ____D C:\Users\Ioakim\Downloads\Synecdoche, NY
2017-04-18 15:03 - 2017-04-18 15:03 - 00013851 _____ C:\Users\Ioakim\Downloads\[rutracker.org].t1920321.torrent
2017-04-18 02:00 - 2017-04-18 02:00 - 00019219 _____ C:\Users\Ioakim\Downloads\melancholia-english-392564.zip
2017-04-18 01:59 - 2017-04-18 01:59 - 00027076 _____ C:\Users\Ioakim\Downloads\melancholia-english-725425.zip
2017-04-18 01:59 - 2017-04-18 01:59 - 00022210 _____ C:\Users\Ioakim\Downloads\melancholia-english-686401.zip
2017-04-18 01:59 - 2017-04-18 01:59 - 00020265 _____ C:\Users\Ioakim\Downloads\melancholia-english-435376.zip
2017-04-18 01:57 - 2017-04-18 01:57 - 00020139 _____ C:\Users\Ioakim\Downloads\melancholia-english-373799.zip
2017-04-18 01:54 - 2017-04-18 01:54 - 00020484 _____ C:\Users\Ioakim\Downloads\melancholia-english-414517.zip
2017-04-18 01:54 - 2017-04-18 01:54 - 00020233 _____ C:\Users\Ioakim\Downloads\melancholia-english-478409.zip
2017-04-18 00:14 - 2017-04-18 00:20 - 00000000 ____D C:\Users\Ioakim\Downloads\Solefald - World Metal. Kosmopolis Sud (2015)
2017-04-18 00:14 - 2017-04-18 00:14 - 00020876 _____ C:\Users\Ioakim\Downloads\[www.seedpeer.eu] Solefald World Metal Kosmopolis Sud 2015.SEEDPEER.torrent
2017-04-18 00:14 - 2017-04-18 00:14 - 00019770 _____ C:\Users\Ioakim\Downloads\D2DEA94DA6F631E54B2B2A4C47A907D6E53E6019.torrent
2017-04-17 21:11 - 2017-04-18 02:01 - 00000000 ____D C:\Users\Ioakim\Downloads\Melancholia.2011.1080p.BluRay.AAC.5.1.HEVC.x265.sharpysword
2017-04-17 21:10 - 2017-04-17 21:10 - 00026669 _____ C:\Users\Ioakim\Downloads\7D74D96AC9C25FE82B6C9D4FF00F0C926F9A9D5C.torrent
2017-04-17 21:10 - 2017-04-17 21:10 - 00025866 _____ C:\Users\Ioakim\Downloads\7D74D96AC9C25FE82B6C9D4FF00F0C926F9A9D5C (2).torrent
2017-04-17 21:10 - 2017-04-17 21:10 - 00025866 _____ C:\Users\Ioakim\Downloads\7D74D96AC9C25FE82B6C9D4FF00F0C926F9A9D5C (1).torrent
2017-04-12 23:19 - 2017-04-12 23:28 - 00000000 ____D C:\Users\Ioakim\Downloads\Louis.C.K.2017.2017.WEBRip.x264-RARBG
2017-04-12 22:59 - 2017-04-12 23:08 - 00000000 ____D C:\Users\Ioakim\Downloads\Toehider - 2014 - What Kind Of Creature Am I [FLAC]
2017-04-09 19:30 - 2017-04-23 23:47 - 00000000 ____D C:\Users\Ioakim\Downloads\Marillion - **** Everyone And Run (2016) [FLAC]
2017-04-08 04:19 - 2017-04-08 04:21 - 00000000 ____D C:\Users\Ioakim\Downloads\Attalla-2017-Glacial Rule
2017-04-06 02:22 - 2017-02-11 16:33 - 00000000 ____D C:\Users\Ioakim\Downloads\Soen - Lykaia (2017) FLAC + scans
2017-04-06 01:55 - 2017-04-06 02:19 - 435624332 _____ C:\Users\Ioakim\Downloads\Soen---Lykaia-(2017)-FLAC-+-scans.rar
2017-04-04 18:05 - 2017-04-04 18:05 - 16207613 _____ C:\Users\Ioakim\Downloads\Paul-Draper---EP-Two-(EP-2016).rar
2017-04-04 03:03 - 2017-04-18 14:09 - 00000000 ____D C:\Users\Ioakim\Downloads\The Contortionist
2017-04-03 01:48 - 2017-04-17 15:45 - 00000000 ____D C:\Users\Ioakim\Downloads\Karmakanic-Wheel Of Life
2017-04-03 01:48 - 2017-04-17 15:45 - 00000000 ____D C:\Users\Ioakim\Downloads\Karmakanic - In A Perfect World (2011)
2017-04-03 01:48 - 2017-04-03 02:05 - 00000000 ____D C:\Users\Ioakim\Downloads\Karmakanic - Entering The Spectra (2002)
2017-04-03 01:32 - 2017-04-03 01:40 - 00000000 ____D C:\Users\Ioakim\Downloads\The Tea Club - Grappling (2015) [FLAC]
2017-04-01 14:58 - 2017-04-01 15:13 - 00000000 ____D C:\Users\Ioakim\Downloads\Mansun - Attack of the Grey Lantern [FLAC]
2017-04-01 14:41 - 2017-04-15 15:06 - 00000000 ____D C:\Users\Ioakim\Downloads\The Neal Morse Band - 2016 - The Similitude of a Dream [FLAC]
2017-03-30 11:51 - 2017-03-30 11:52 - 70938624 _____ C:\Windows\system32\config\software.iodefrag.bak
2017-03-30 11:51 - 2017-03-30 11:51 - 00630784 _____ C:\Windows\system32\config\default.iodefrag.bak
2017-03-30 11:51 - 2017-03-30 11:51 - 00032768 _____ C:\Windows\system32\config\security.iodefrag.bak
2017-03-30 11:51 - 2017-03-30 11:51 - 00032768 _____ C:\Windows\system32\config\sam.iodefrag.bak
2017-03-30 11:51 - 2017-03-30 11:51 - 00000000 ____H C:\asc_rdflag
2017-03-30 02:41 - 2014-10-16 10:27 - 00027424 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-29 14:46 - 2016-06-24 13:02 - 00000000 ____D C:\Users\Ioakim\AppData\Roaming\uTorrent
2017-04-29 14:44 - 2009-07-14 07:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-29 14:44 - 2009-07-14 07:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-29 14:35 - 2016-06-27 01:41 - 00000000 ____D C:\Users\Ioakim\AppData\Local\CrashDumps
2017-04-29 14:34 - 2016-06-22 20:29 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-29 14:33 - 2017-02-16 18:32 - 00002334 ____H C:\Windows\Tasks\{8CE67B9E-3AC8-4ED2-A8EE-28E6FE3D0B51}.job
2017-04-29 14:33 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-29 14:22 - 2016-10-20 14:25 - 00000967 _____ C:\Users\Ioakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-04-29 14:22 - 2016-10-11 14:26 - 00002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-29 04:34 - 2016-06-24 13:17 - 00000000 ____D C:\Users\Ioakim\AppData\Roaming\foobar2000
2017-04-28 20:12 - 2016-06-24 14:45 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 20:12 - 2016-06-24 14:45 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-27 19:01 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf
2017-04-27 17:38 - 2016-09-30 16:21 - 00002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2017-04-27 17:38 - 2016-09-30 16:21 - 00001914 _____ C:\Users\Ioakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
2017-04-27 17:33 - 2017-02-16 20:26 - 00000000 ____D C:\Program Files\Layers of Fear
2017-04-27 14:47 - 2016-06-24 13:06 - 00000000 ____D C:\Users\Ioakim\AppData\Roaming\IObit
2017-04-27 14:38 - 2016-06-24 13:06 - 00000000 ____D C:\ProgramData\IObit
2017-04-27 14:04 - 2016-10-11 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-27 13:56 - 2016-12-06 17:01 - 00003788 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-27 13:56 - 2016-12-06 17:00 - 00003838 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-27 13:56 - 2016-12-06 17:00 - 00003838 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-27 13:56 - 2016-12-06 17:00 - 00003776 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-27 13:56 - 2016-12-06 17:00 - 00003600 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-27 13:56 - 2016-12-06 17:00 - 00003540 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-27 13:56 - 2016-06-24 18:58 - 00004456 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-04-27 13:55 - 2017-03-14 14:39 - 00000000 ____D C:\Users\Ioakim\AppData\LocalLow\Mozilla
2017-04-27 13:54 - 2009-07-14 08:13 - 00795674 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-27 04:00 - 2016-06-22 20:09 - 00000000 ____D C:\KMPlayer
2017-04-26 03:26 - 2016-09-22 12:26 - 00000000 ____D C:\Program Files (x86)\Total War Attila
2017-04-25 13:03 - 2016-06-25 17:10 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-25 12:56 - 2016-06-24 13:06 - 00000000 ____D C:\Users\Ioakim\AppData\LocalLow\IObit
2017-04-25 12:56 - 2016-06-24 13:06 - 00000000 ____D C:\Program Files (x86)\IObit
2017-04-25 12:52 - 2016-06-24 13:06 - 00000000 ____D C:\ProgramData\ProductData
2017-04-24 18:44 - 2002-01-01 00:02 - 00000000 ____D C:\Windows\Minidump
2017-04-24 18:14 - 2016-10-11 18:12 - 00000000 ____D C:\AdwCleaner
2017-04-24 18:12 - 2009-07-14 06:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-04-24 17:56 - 2016-06-24 13:36 - 00001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2017-04-24 04:56 - 2017-03-08 14:23 - 00000000 ____D C:\Users\Ioakim\AppData\Local\Ubisoft Game Launcher
2017-04-23 14:37 - 2016-06-24 18:58 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-13 13:25 - 2009-07-14 08:08 - 00032544 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-04-12 00:38 - 2017-03-28 19:27 - 00000000 ____D C:\Users\Ioakim\Downloads\The Mute Gods 2016-2017 (Discography)
2017-04-03 01:28 - 2016-06-22 19:47 - 00000000 ____D C:\Users\Ioakim\AppData\Local\ElevatedDiagnostics
2017-04-03 01:27 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\NDF
2017-04-01 02:36 - 2017-03-17 02:58 - 00000000 ____D C:\Users\Ioakim\Downloads\Sun Kil Moon - Benji (Limited Edition) - 2014 (320 kbps)
2017-03-31 01:10 - 2017-03-15 22:32 - 00000000 ____D C:\Users\Ioakim\Downloads\Blackfield - V (2017, Kscope)

==================== Files in the root of some directories =======

2017-04-29 14:04 - 2017-04-29 14:35 - 0007609 _____ () C:\Users\Ioakim\AppData\Local\Resmon.ResmonCfg
2016-11-09 18:58 - 2016-11-09 18:58 - 0000033 _____ () C:\ProgramData\droidcam-settings
2016-11-04 13:11 - 2016-11-07 20:39 - 0001168 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Windows\Tasks\{8CE67B9E-3AC8-4ED2-A8EE-28E6FE3D0B51}.job


Some files in TEMP:
====================
2017-04-24 17:54 - 2017-04-24 17:54 - 0321024 _____ () C:\Users\Ioakim\AppData\Local\Temp\AppHelperV10.exe
2017-04-24 18:11 - 2017-04-24 18:11 - 0340904 _____ (360.cn) C:\Users\Ioakim\AppData\Local\Temp\Inst13__3112295__3f7372633d6c6d266c733d6e37616163383063353938__68616f2e3336302e636e__0c9f.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-24 19:47

==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-04-2017
Ran by Ioakim (administrator) on IOAKIM-PC (29-04-2017 14:45:27)
Running from C:\Users\Ioakim\Downloads
Loaded Profiles: Ioakim (Available Profiles: Ioakim)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Cuptony\Application\chrome.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(BitTorrent Inc.) C:\Users\Ioakim\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Users\Ioakim\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Cuptony\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5292832 2017-04-05] (IObit)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\Run: [uTorrent] => C:\Users\Ioakim\AppData\Roaming\uTorrent\uTorrent.exe [6103232 2016-08-30] (BitTorrent Inc.)
HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3920672 2017-03-30] (IObit)
HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\MountPoints2: {24826d50-ba1d-11e6-8dd1-90e6bad41ca2} - F:\setup.exe
ShellExecuteHooks: No Name - {C8FB3CD4-235C-11E7-B46E-64006A5CFC23} - -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{49A81AD4-5AD9-4698-AE5D-E537C105A70C}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKU\S-1-5-21-104129644-4116897664-2065348068-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-03-28] (IObit)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 5sfdj974.default
FF ProfilePath: C:\Users\Ioakim\AppData\Roaming\Firefox\Firefox\Profiles\5sfdj974.default [2017-04-27]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-11-04] [not signed]
FF HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-07-01] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-07-01] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.ourluckysites.com/?type=hp&ts=1493290145&z=412aa413b3dd25cc9a71bceg5zat5c6o0t7edgaz9c&from=che0812&uid=WDCXWD7500AADS-00M2B0_WD-WCAV5529213392133
CHR Profile: C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-04-28] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-24]
CHR Extension: (Google Drive) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-24]
CHR Extension: (Turn Off the Lights) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2017-04-28]
CHR Extension: (YouTube) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-24]
CHR Extension: (Slinky Elegant) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2017-04-24]
CHR Extension: (Adblock Plus) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-24]
CHR Extension: (Google Sheets) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-24]
CHR Extension: (Google Docs Offline) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-24]
CHR Extension: (Evernote Web) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2016-06-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-24]
CHR Extension: (Gmail) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-24]
CHR Extension: (Chrome Media Router) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-28]
CHR Profile: C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-04-24] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-16]
CHR Extension: (Google Docs) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-30]
CHR Extension: (Google Drive) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-30]
CHR Extension: (YouTube) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-13]
CHR Extension: (Adblock Plus) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]
CHR Extension: (Dark Reader) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2016-12-06]
CHR Extension: (Google Sheets) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-16]
CHR Extension: (Google Docs Offline) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-30]
CHR Extension: (Evernote Web) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2016-09-30]
CHR Extension: (Morpheon Dark) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2017-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-16]
CHR Extension: (Gmail) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-30]
CHR Extension: (Chrome Media Router) - C:\Users\Ioakim\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MicrosoftCRLSrv; C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig617.dll [117760 2017-04-28] () [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-04-18] ()
R2 FreeAgentGoFlex Service; C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe [91432 2011-02-10] (Seagate Technology LLC)
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1764640 2017-03-17] (IObit)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2017-03-28] (IObit)
R2 Kitty; C:\Users\Ioakim\AppData\Local\Kitty\Kitty.dll [257024 2017-04-28] (kitty) [File not signed] <==== ATTENTION
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-01] (NVIDIA Corporation)
S3 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-09-01] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 SNARE; C:\Users\Ioakim\AppData\Local\SNARE\Snare.dll [833536 2017-04-27] (InterSect Alliance Pty Ltd) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WinSAPSvc; C:\Users\Ioakim\AppData\Roaming\WinSAPSvc\WinSAP.dll [550912 2017-04-21] (win) [File not signed] <==== ATTENTION
S2 AppleCloudSvc; C:\ProgramData\Apple\Common\Cloud\WinHelper.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cryptfd; C:\Windows\System32\drivers\cryptfd.sys [193448 2017-03-03] ()
R3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33592 2016-11-07] (Dev47Apps)
R3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [229432 2016-11-07] (Dev47Apps)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [271424 2016-12-04] (DT Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-03-22] ()
R2 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [183576 2016-12-05] (BitDefender LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-04-24] (REALiX(tm))
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [34008 2017-03-17] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21360 2017-03-08] (IObit.com)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22440 2016-12-22] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [15704 2016-11-19] (IObit.com)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
R0 MBAMChameleon; C:\Windows\System32\drivers\MBAMChameleon.sys [186304 2017-04-29] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-04-29] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-04-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-04-29] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82720 2017-04-29] (Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
S3 RegFilter; no ImagePath
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [520032 2016-12-05] (BitDefender S.R.L.)
S1 ZAM; no ImagePath
S1 ZAM_Guard; no ImagePath
R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-03-19] (CyberLink Corp.)
U0 aswVmm; no ImagePath
S3 cpuz138; \??\C:\Users\Ioakim\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.7.0.76\Definitions\SDSDefs\20160625.006\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.7.0.76\Definitions\SDSDefs\20160625.006\EX64.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-29 14:45 - 2017-04-29 14:47 - 00019401 _____ C:\Users\Ioakim\Downloads\FRST.txt
2017-04-29 14:45 - 2017-04-29 14:45 - 02427392 _____ (Farbar) C:\Users\Ioakim\Downloads\FRST64.exe
2017-04-29 14:45 - 2017-04-29 14:45 - 00000000 ____D C:\FRST
2017-04-29 14:04 - 2017-04-29 14:35 - 00007609 _____ C:\Users\Ioakim\AppData\Local\Resmon.ResmonCfg
2017-04-28 16:16 - 2017-04-28 16:16 - 00000000 ____D C:\Users\Public\Documents\Google
2017-04-28 16:16 - 2017-04-28 16:16 - 00000000 ____D C:\Users\Ioakim\AppData\Local\Cuptony
2017-04-28 16:16 - 2017-04-28 16:16 - 00000000 ____D C:\Program Files (x86)\Cuptony
2017-04-28 16:15 - 2017-04-28 16:15 - 00000000 ____D C:\Users\Ioakim\AppData\Roaming\WinSAPSvc
2017-04-28 16:15 - 2017-04-28 16:15 - 00000000 ____D C:\Program Files (x86)\AlphaGo
2017-04-28 16:15 - 2017-04-28 16:15 - 00000000 _____ C:\Windows\SysWOW64\33
2017-04-28 13:58 - 2017-04-28 13:58 - 00002826 _____ C:\Windows\System32\Tasks\ASC10_SkipUac_Ioakim
2017-04-28 13:54 - 2017-04-29 14:39 - 00002890 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Ioakim)
2017-04-27 20:40 - 2017-04-27 21:23 - 00000000 ____D C:\Users\Ioakim\Downloads\Passengers 2016 1080p BluRay x264 DTS-JYK
2017-04-27 20:40 - 2017-04-27 20:40 - 00016711 _____ C:\Users\Ioakim\Downloads\passengers 2016 1080p bluray x264 dts-jyk.torrent
2017-04-27 17:49 - 2017-04-28 16:15 - 00003506 _____ C:\Windows\System32\Tasks\Windows-PG
2017-04-27 14:05 - 2017-04-29 14:36 - 00082720 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-04-27 14:05 - 2017-04-29 14:35 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-27 14:05 - 2017-04-29 14:35 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-04-27 14:05 - 2017-04-29 14:35 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-04-27 14:05 - 2017-04-29 13:57 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-04-27 14:05 - 2017-04-27 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-27 14:05 - 2017-03-22 11:02 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-04-27 14:04 - 2017-04-27 14:04 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-27 14:03 - 2017-04-27 14:04 - 60107896 _____ (Malwarebytes ) C:\Users\Ioakim\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-04-27 13:56 - 2017-04-27 13:56 - 00000007 _____ C:\Windows\SysWOW64\1A45.tmp
2017-04-27 13:56 - 2017-04-27 13:56 - 00000000 ____D C:\Users\Ioakim\AppData\Local\Everness
2017-04-27 13:56 - 2017-04-27 13:56 - 00000000 ____D C:\ProgramData\Apple
2017-04-27 13:54 - 2017-04-27 13:54 - 00000000 ____D C:\Users\Ioakim\AppData\Roaming\Firefox
2017-04-27 13:54 - 2017-04-27 13:54 - 00000000 ____D C:\Users\Ioakim\AppData\Local\Firefox
2017-04-27 13:52 - 2017-04-27 13:52 - 00000000 ____D C:\Program Files (x86)\Everness
2017-04-27 13:50 - 2017-04-29 14:36 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-04-27 13:50 - 2017-04-27 17:04 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-04-27 13:49 - 2017-04-28 16:15 - 00000000 _____ C:\Windows\SysWOW64\11
2017-04-27 13:49 - 2017-04-27 13:49 - 00000000 _____ C:\Windows\SysWOW64\22
2017-04-27 02:19 - 2017-04-27 02:19 - 00020865 _____ C:\Users\Ioakim\Downloads\the-witch_english-1326741.zip
2017-04-27 02:08 - 2017-04-27 02:08 - 00023457 _____ C:\Users\Ioakim\Downloads\the.vvitch.a.newengland.folktale.(2015).ara.1cd.(6614040).zip
2017-04-27 02:08 - 2017-04-27 01:07 - 00055205 _____ C:\Users\Ioakim\Downloads\The.Witch.2015.HDRip.XviD.AC3-EVO.srt
2017-04-27 02:08 - 2017-04-27 01:07 - 00006271 _____ C:\Users\Ioakim\Downloads\the.vvitch.a.new.england.(6614040).nfo
2017-04-27 02:07 - 2017-04-27 02:07 - 00010906 _____ C:\Users\Ioakim\Downloads\File203841.zip.htm
2017-04-27 01:23 - 2017-04-27 01:34 - 00000000 ____D C:\Users\Ioakim\Downloads\Zoppo Trump - Zoppo Trump 1971-76
2017-04-27 01:23 - 2017-04-27 01:23 - 00020520 _____ C:\Users\Ioakim\Downloads\[rutracker.org].t3428880.torrent
2017-04-27 01:19 - 2017-04-27 01:35 - 00000000 ____D C:\Users\Ioakim\Downloads\Fleetwood Mac - Peter Green's Fleetwood Mac
2017-04-27 01:19 - 2017-04-27 01:20 - 00000000 ____D C:\Users\Ioakim\Downloads\Fleetwood Mac - The Very Best Of - 2002 [EAC-FLAC-CUE]
2017-04-27 01:19 - 2017-04-27 01:19 - 00015584 _____ C:\Users\Ioakim\Downloads\[rutracker.org].t1453911.torrent
2017-04-27 01:19 - 2017-04-27 01:19 - 00014145 _____ C:\Users\Ioakim\Downloads\[rutracker.org].t1282170.torrent
2017-04-25 22:04 - 2017-04-25 23:49 - 2376545437 ____R C:\Users\Ioakim\Downloads\The.Witch.2015.BluRay.1080p.10bit.5.1.x265.HEVC-Qman[UTR].mkv
2017-04-25 22:04 - 2017-04-25 22:04 - 00012858 _____ C:\Users\Ioakim\Downloads\C355C64957FB5D2042F5D83B4524AAD963A44111.torrent
2017-04-25 12:54 - 2017-04-25 12:56 - 00000000 ____D C:\Users\Ioakim\Downloads\Advanced SystemCare Pro 10.3.0.739 + Patch [CracksNow]
2017-04-25 12:54 - 2017-04-25 12:54 - 00014651 _____ C:\Users\Ioakim\Downloads\34CC9124F81DE6DF5B16B081E7E56DAB0E2C0C04.torrent
2017-04-25 12:51 - 2016-12-05 15:32 - 00520032 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2017-04-25 10:24 - 2017-04-28 16:15 - 00000000 ____D C:\Users\Ioakim\AppData\Local\Kitty
2017-04-25 10:24 - 2017-04-25 10:24 - 00000000 ____D C:\Windows\psgo
2017-04-25 10:23 - 2017-04-27 17:49 - 00000000 ____D C:\Users\Ioakim\AppData\Local\SNARE
2017-04-24 22:59 - 2017-04-24 22:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2017-04-24 22:59 - 2017-03-17 16:39 - 00034008 _____ (IObit.com) C:\Windows\system32\Drivers\IMFCameraProtect.sys
2017-04-24 22:51 - 2017-04-24 22:58 - 00000000 ____D C:\Users\Ioakim\Downloads\IObit Malware Fighter Pro 5.0.2.3788 + Keygen [CracksNow]
2017-04-24 22:50 - 2017-04-24 22:50 - 00014741 _____ C:\Users\Ioakim\Downloads\A948E2D30CA04240ABEB8EA28D7DEB13D8D4ADB6.torrent
2017-04-24 18:30 - 2017-04-24 18:31 - 11583584 _____ (SurfRight B.V.) C:\Users\Ioakim\Downloads\HitmanPro_x64.exe
2017-04-24 17:56 - 2017-04-24 17:56 - 00002908 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Ioakim
2017-04-24 17:56 - 2017-04-24 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2017-04-24 17:55 - 2017-04-24 17:55 - 00000000 __SHD C:\Users\Ioakim\AppData\Local\kemgadeojglibflomicgnfeopkdfflnw
2017-04-24 17:54 - 2017-04-24 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mgdisk
2017-04-24 17:54 - 2017-04-24 17:54 - 00000000 ____D C:\Users\Public\Documents\XMUpdate
2017-04-24 17:47 - 2017-04-24 17:47 - 02451912 _____ (IObit ) C:\Users\Ioakim\Downloads\unlocker-setup (1).exe
2017-04-24 17:47 - 2017-04-24 17:47 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-04-24 17:47 - 2017-04-24 17:47 - 00003258 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2017-04-24 17:47 - 2017-04-24 17:47 - 00000000 ____D C:\Windows\IObit
2017-04-24 17:47 - 2017-04-24 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-04-24 17:45 - 2017-04-24 17:46 - 00003174 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2017-04-24 17:45 - 2017-04-24 17:45 - 10895424 _____ (IObit ) C:\Users\Ioakim\Downloads\Unconfirmed 863075.crdownload
2017-04-24 17:45 - 2017-04-24 17:45 - 10895424 _____ (IObit ) C:\Users\Ioakim\Downloads\smart-defrag-setup (3).exe
2017-04-24 17:45 - 2017-04-24 17:45 - 00003022 _____ C:\Windows\System32\Tasks\SmartDefrag_Startup
2017-04-24 17:45 - 2017-04-24 17:45 - 00003020 _____ C:\Windows\System32\Tasks\SmartDefrag_Update
2017-04-24 17:45 - 2017-04-24 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-04-24 17:45 - 2017-03-09 13:53 - 00045664 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2017-04-24 17:45 - 2017-03-09 13:53 - 00030744 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2017-04-24 17:45 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2017-04-24 17:44 - 2017-04-24 17:45 - 17866872 _____ (IObit ) C:\Users\Ioakim\Downloads\driver_booster_setup (1).exe
2017-04-24 17:44 - 2017-04-24 17:45 - 10895424 _____ (IObit ) C:\Users\Ioakim\Downloads\smart-defrag-setup (1).exe
2017-04-24 17:44 - 2017-04-24 17:44 - 10895424 _____ (IObit ) C:\Users\Ioakim\Downloads\Unconfirmed 162221.crdownload
2017-04-24 17:43 - 2017-04-24 17:44 - 17866872 _____ (IObit ) C:\Users\Ioakim\Downloads\Unconfirmed 582588.crdownload
2017-04-24 17:43 - 2017-04-24 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2017-04-24 17:42 - 2017-04-24 17:42 - 02451912 _____ (IObit ) C:\Users\Ioakim\Downloads\unlocker-setup.exe
2017-04-24 14:57 - 2017-04-24 14:57 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2017-04-24 14:50 - 2017-04-24 17:28 - 00000000 ____D C:\Users\Ioakim\Downloads\Advanced SystemCare Pro 10.2.0.721 Multilingual + Keys [SadeemPC]
2017-04-24 14:47 - 2017-04-24 14:47 - 00015153 _____ C:\Users\Ioakim\Downloads\E4089619458C2FD904D95BE84CD48B8512ACC7AD.torrent
2017-04-24 14:24 - 2017-04-24 14:24 - 04089296 _____ C:\Users\Ioakim\Downloads\Unconfirmed 348300.crdownload
2017-04-24 14:19 - 2017-04-24 14:19 - 04089296 _____ C:\Users\Ioakim\Downloads\adwcleaner_6.045.exe
2017-04-18 15:03 - 2017-04-18 15:14 - 00000000 ____D C:\Users\Ioakim\Downloads\Synecdoche, NY
2017-04-18 15:03 - 2017-04-18 15:03 - 00013851 _____ C:\Users\Ioakim\Downloads\[rutracker.org].t1920321.torrent
2017-04-18 02:00 - 2017-04-18 02:00 - 00019219 _____ C:\Users\Ioakim\Downloads\melancholia-english-392564.zip
2017-04-18 01:59 - 2017-04-18 01:59 - 00027076 _____ C:\Users\Ioakim\Downloads\melancholia-english-725425.zip
2017-04-18 01:59 - 2017-04-18 01:59 - 00022210 _____ C:\Users\Ioakim\Downloads\melancholia-english-686401.zip
2017-04-18 01:59 - 2017-04-18 01:59 - 00020265 _____ C:\Users\Ioakim\Downloads\melancholia-english-435376.zip
2017-04-18 01:57 - 2017-04-18 01:57 - 00020139 _____ C:\Users\Ioakim\Downloads\melancholia-english-373799.zip
2017-04-18 01:54 - 2017-04-18 01:54 - 00020484 _____ C:\Users\Ioakim\Downloads\melancholia-english-414517.zip
2017-04-18 01:54 - 2017-04-18 01:54 - 00020233 _____ C:\Users\Ioakim\Downloads\melancholia-english-478409.zip
2017-04-18 00:14 - 2017-04-18 00:20 - 00000000 ____D C:\Users\Ioakim\Downloads\Solefald - World Metal. Kosmopolis Sud (2015)
2017-04-18 00:14 - 2017-04-18 00:14 - 00020876 _____ C:\Users\Ioakim\Downloads\[www.seedpeer.eu] Solefald World Metal Kosmopolis Sud 2015.SEEDPEER.torrent
2017-04-18 00:14 - 2017-04-18 00:14 - 00019770 _____ C:\Users\Ioakim\Downloads\D2DEA94DA6F631E54B2B2A4C47A907D6E53E6019.torrent
2017-04-17 21:11 - 2017-04-18 02:01 - 00000000 ____D C:\Users\Ioakim\Downloads\Melancholia.2011.1080p.BluRay.AAC.5.1.HEVC.x265.sharpysword
2017-04-17 21:10 - 2017-04-17 21:10 - 00026669 _____ C:\Users\Ioakim\Downloads\7D74D96AC9C25FE82B6C9D4FF00F0C926F9A9D5C.torrent
2017-04-17 21:10 - 2017-04-17 21:10 - 00025866 _____ C:\Users\Ioakim\Downloads\7D74D96AC9C25FE82B6C9D4FF00F0C926F9A9D5C (2).torrent
2017-04-17 21:10 - 2017-04-17 21:10 - 00025866 _____ C:\Users\Ioakim\Downloads\7D74D96AC9C25FE82B6C9D4FF00F0C926F9A9D5C (1).torrent
2017-04-12 23:19 - 2017-04-12 23:28 - 00000000 ____D C:\Users\Ioakim\Downloads\Louis.C.K.2017.2017.WEBRip.x264-RARBG
2017-04-12 22:59 - 2017-04-12 23:08 - 00000000 ____D C:\Users\Ioakim\Downloads\Toehider - 2014 - What Kind Of Creature Am I [FLAC]
2017-04-09 19:30 - 2017-04-23 23:47 - 00000000 ____D C:\Users\Ioakim\Downloads\Marillion - **** Everyone And Run (2016) [FLAC]
2017-04-08 04:19 - 2017-04-08 04:21 - 00000000 ____D C:\Users\Ioakim\Downloads\Attalla-2017-Glacial Rule
2017-04-06 02:22 - 2017-02-11 16:33 - 00000000 ____D C:\Users\Ioakim\Downloads\Soen - Lykaia (2017) FLAC + scans
2017-04-06 01:55 - 2017-04-06 02:19 - 435624332 _____ C:\Users\Ioakim\Downloads\Soen---Lykaia-(2017)-FLAC-+-scans.rar
2017-04-04 18:05 - 2017-04-04 18:05 - 16207613 _____ C:\Users\Ioakim\Downloads\Paul-Draper---EP-Two-(EP-2016).rar
2017-04-04 03:03 - 2017-04-18 14:09 - 00000000 ____D C:\Users\Ioakim\Downloads\The Contortionist
2017-04-03 01:48 - 2017-04-17 15:45 - 00000000 ____D C:\Users\Ioakim\Downloads\Karmakanic-Wheel Of Life
2017-04-03 01:48 - 2017-04-17 15:45 - 00000000 ____D C:\Users\Ioakim\Downloads\Karmakanic - In A Perfect World (2011)
2017-04-03 01:48 - 2017-04-03 02:05 - 00000000 ____D C:\Users\Ioakim\Downloads\Karmakanic - Entering The Spectra (2002)
2017-04-03 01:32 - 2017-04-03 01:40 - 00000000 ____D C:\Users\Ioakim\Downloads\The Tea Club - Grappling (2015) [FLAC]
2017-04-01 14:58 - 2017-04-01 15:13 - 00000000 ____D C:\Users\Ioakim\Downloads\Mansun - Attack of the Grey Lantern [FLAC]
2017-04-01 14:41 - 2017-04-15 15:06 - 00000000 ____D C:\Users\Ioakim\Downloads\The Neal Morse Band - 2016 - The Similitude of a Dream [FLAC]
2017-03-30 11:51 - 2017-03-30 11:52 - 70938624 _____ C:\Windows\system32\config\software.iodefrag.bak
2017-03-30 11:51 - 2017-03-30 11:51 - 00630784 _____ C:\Windows\system32\config\default.iodefrag.bak
2017-03-30 11:51 - 2017-03-30 11:51 - 00032768 _____ C:\Windows\system32\config\security.iodefrag.bak
2017-03-30 11:51 - 2017-03-30 11:51 - 00032768 _____ C:\Windows\system32\config\sam.iodefrag.bak
2017-03-30 11:51 - 2017-03-30 11:51 - 00000000 ____H C:\asc_rdflag
2017-03-30 02:41 - 2014-10-16 10:27 - 00027424 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-29 14:46 - 2016-06-24 13:02 - 00000000 ____D C:\Users\Ioakim\AppData\Roaming\uTorrent
2017-04-29 14:44 - 2009-07-14 07:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-29 14:44 - 2009-07-14 07:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-29 14:35 - 2016-06-27 01:41 - 00000000 ____D C:\Users\Ioakim\AppData\Local\CrashDumps
2017-04-29 14:34 - 2016-06-22 20:29 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-29 14:33 - 2017-02-16 18:32 - 00002334 ____H C:\Windows\Tasks\{8CE67B9E-3AC8-4ED2-A8EE-28E6FE3D0B51}.job
2017-04-29 14:33 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-29 14:22 - 2016-10-20 14:25 - 00000967 _____ C:\Users\Ioakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-04-29 14:22 - 2016-10-11 14:26 - 00002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-29 04:34 - 2016-06-24 13:17 - 00000000 ____D C:\Users\Ioakim\AppData\Roaming\foobar2000
2017-04-28 20:12 - 2016-06-24 14:45 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 20:12 - 2016-06-24 14:45 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-27 19:01 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf
2017-04-27 17:38 - 2016-09-30 16:21 - 00002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2017-04-27 17:38 - 2016-09-30 16:21 - 00001914 _____ C:\Users\Ioakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
2017-04-27 17:33 - 2017-02-16 20:26 - 00000000 ____D C:\Program Files\Layers of Fear
2017-04-27 14:47 - 2016-06-24 13:06 - 00000000 ____D C:\Users\Ioakim\AppData\Roaming\IObit
2017-04-27 14:38 - 2016-06-24 13:06 - 00000000 ____D C:\ProgramData\IObit
2017-04-27 14:04 - 2016-10-11 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-27 13:56 - 2016-12-06 17:01 - 00003788 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-27 13:56 - 2016-12-06 17:00 - 00003838 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-27 13:56 - 2016-12-06 17:00 - 00003838 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-27 13:56 - 2016-12-06 17:00 - 00003776 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-27 13:56 - 2016-12-06 17:00 - 00003600 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-27 13:56 - 2016-12-06 17:00 - 00003540 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-27 13:56 - 2016-06-24 18:58 - 00004456 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-04-27 13:55 - 2017-03-14 14:39 - 00000000 ____D C:\Users\Ioakim\AppData\LocalLow\Mozilla
2017-04-27 13:54 - 2009-07-14 08:13 - 00795674 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-27 04:00 - 2016-06-22 20:09 - 00000000 ____D C:\KMPlayer
2017-04-26 03:26 - 2016-09-22 12:26 - 00000000 ____D C:\Program Files (x86)\Total War Attila
2017-04-25 13:03 - 2016-06-25 17:10 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-25 12:56 - 2016-06-24 13:06 - 00000000 ____D C:\Users\Ioakim\AppData\LocalLow\IObit
2017-04-25 12:56 - 2016-06-24 13:06 - 00000000 ____D C:\Program Files (x86)\IObit
2017-04-25 12:52 - 2016-06-24 13:06 - 00000000 ____D C:\ProgramData\ProductData
2017-04-24 18:44 - 2002-01-01 00:02 - 00000000 ____D C:\Windows\Minidump
2017-04-24 18:14 - 2016-10-11 18:12 - 00000000 ____D C:\AdwCleaner
2017-04-24 18:12 - 2009-07-14 06:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-04-24 17:56 - 2016-06-24 13:36 - 00001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2017-04-24 04:56 - 2017-03-08 14:23 - 00000000 ____D C:\Users\Ioakim\AppData\Local\Ubisoft Game Launcher
2017-04-23 14:37 - 2016-06-24 18:58 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-13 13:25 - 2009-07-14 08:08 - 00032544 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-04-12 00:38 - 2017-03-28 19:27 - 00000000 ____D C:\Users\Ioakim\Downloads\The Mute Gods 2016-2017 (Discography)
2017-04-03 01:28 - 2016-06-22 19:47 - 00000000 ____D C:\Users\Ioakim\AppData\Local\ElevatedDiagnostics
2017-04-03 01:27 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\NDF
2017-04-01 02:36 - 2017-03-17 02:58 - 00000000 ____D C:\Users\Ioakim\Downloads\Sun Kil Moon - Benji (Limited Edition) - 2014 (320 kbps)
2017-03-31 01:10 - 2017-03-15 22:32 - 00000000 ____D C:\Users\Ioakim\Downloads\Blackfield - V (2017, Kscope)

==================== Files in the root of some directories =======

2017-04-29 14:04 - 2017-04-29 14:35 - 0007609 _____ () C:\Users\Ioakim\AppData\Local\Resmon.ResmonCfg
2016-11-09 18:58 - 2016-11-09 18:58 - 0000033 _____ () C:\ProgramData\droidcam-settings
2016-11-04 13:11 - 2016-11-07 20:39 - 0001168 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Windows\Tasks\{8CE67B9E-3AC8-4ED2-A8EE-28E6FE3D0B51}.job


Some files in TEMP:
====================
2017-04-24 17:54 - 2017-04-24 17:54 - 0321024 _____ () C:\Users\Ioakim\AppData\Local\Temp\AppHelperV10.exe
2017-04-24 18:11 - 2017-04-24 18:11 - 0340904 _____ (360.cn) C:\Users\Ioakim\AppData\Local\Temp\Inst13__3112295__3f7372633d6c6d266c733d6e37616163383063353938__68616f2e3336302e636e__0c9f.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-24 19:47

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2017
Ran by Ioakim (29-04-2017 14:50:20)
Running from C:\Users\Ioakim\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2016-06-22 14:42:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-104129644-4116897664-2065348068-500 - Administrator - Disabled)
Guest (S-1-5-21-104129644-4116897664-2065348068-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-104129644-4116897664-2065348068-1002 - Limited - Enabled)
Ioakim (S-1-5-21-104129644-4116897664-2065348068-1001 - Administrator - Enabled) => C:\Users\Ioakim

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: IObit Malware Fighter (Disabled - Up to date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\uTorrent) (Version: 3.4.8.42548 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.72 - Hulubulu Software)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
Ansel (Version: 376.19 - NVIDIA Corporation) Hidden
AudioShell 2.3.6 (HKLM\...\AudioShell_is1) (Version: 2.3.6 - Softpointer Inc)
B109a-m (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Brain Explorer 2 (HKLM-x32\...\{7AAF1C8C-F521-48F8-B739-F5FDB5988EE6}) (Version: 2.3.5.2393 - Allen Institute)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM\...\Steam App 42710) (Version: - Treyarch)
CD Wave Editor version 1.97 (HKLM-x32\...\CD Wave_is1) (Version: 1.97 - MiLo Software)
Corel PaintShop Pro X8 (HKLM-x32\...\_{85C69B9B-F9BD-4A60-BD83-F2B7E081ED39}) (Version: 18.0.0.124 - Corel Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.1510.58 - CyberLink Corp.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 4.41.0315.0262 - DT Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Driver Booster 4.3 (HKLM-x32\...\Driver Booster_is1) (Version: 4.3.0 - IObit)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
foobar2000 v1.3.10 (HKLM-x32\...\foobar2000) (Version: 1.3.10 - Peter Pawlowski)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.37.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.37.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart B109a-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{A253A57F-4319-49B5-B405-64587FFBCFE2}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.6.14.19 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
ICA (x32 Version: 18.0.0.124 - Corel Corporation) Hidden
IObit Malware Fighter 5 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 5.0 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.3.0.18 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
IPM_PSP_COM64 (Version: 18.0.0.124 - Corel Corporation) Hidden
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.1.0.3 - PandoraTV)
Layers of Fear (HKLM\...\bGF5ZXJzb2ZmZWFy_is1) (Version: 1 - )
Mafia III v.1.010 (HKLM-x32\...\Mafia III_is1) (Version: - )
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.19 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.19 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Pro Evolution Soccer 2017 (HKLM-x32\...\{A3C10274-808C-4ADC-A13D-D94911180B58}_is1) (Version: - KONAMI)
PS_AIO_06_B109a-m_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
PSPPContent (x32 Version: 18.0.0.124 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 18.0.0.124 - Corel Corporation) Hidden
PSPPro64 (Version: 18.0.0.124 - Corel Corporation) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version: - Roadkil.Net)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Scoreboards (HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\Scoreboards) (Version: - )
Seagate Drive Settings Installer (HKLM-x32\...\InstallShield_{91DDF870-EE18-44D8-9D93-F4C122B80908}) (Version: 1.00.0000 - Seagate Technologies LLC)
Seagate Drive Settings Installer (x32 Version: 1.00.0000 - Seagate Technologies LLC) Hidden
Setup (x32 Version: 18.0.0.124 - Corel Corporation) Hidden
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skypeâ„¢ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.5.1 - IObit)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SMoKE Patch 9.2.0 (HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\SMoKE Patch 9.2.0) (Version: - )
SMoKE Update 8.3 (HKLM-x32\...\SMoKE Update 8.3) (Version: - )
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.1.0.2 - Splashtop Inc.)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version: - Ubisoft Montreal)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total.War.ATTILA.[Update.7+ALL.DLCs].[RUS.ENG].(2015).PC.Repacked-ALI213 version 1.6.0.0 (HKLM-x32\...\{C14B85A6-0B09-45BF-88E0-8773D8DB9C21}}_is1) (Version: 1.6.0.0 - Ali213.net)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wave Splitter 2.10 (HKLM-x32\...\WAVSPLIT210_is1) (Version: 2.10 - Claudiosoft)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
X7 Oscar Keyboard Editor (HKLM-x32\...\InstallShield_{AB363F8A-FE88-4188-9D4F-B9014989A7E7}) (Version: 10.12.0003 - A4TECH)
X7 Oscar Keyboard Editor (x32 Version: 10.12.0003 - A4TECH) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\ChromeHTML: -> C:\Program Files (x86)\Cuptony\Application\chrome.exe (Google Inc.) <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01980547-5607-4E02-B201-29600B242672} - \ASC10_PerformanceMonitor -> No File <==== ATTENTION
Task: {01BBADDF-CE34-4380-B05A-CA08FA0BAFC0} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2017-03-22] (IObit)
Task: {0E35958F-2A4D-489D-A681-AC8610639FF4} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2016-08-15] ()
Task: {14487FEB-0F50-490B-A362-70C1AA0695A7} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {1D305DA5-30AA-4A99-A547-204B8686AC38} - System32\Tasks\{8CE67B9E-3AC8-4ED2-A8EE-28E6FE3D0B51} => C:\Users\Ioakim\Downloads\LeagueofLegends_EUNE_Installer_2016_11_10.exe
Task: {2359196A-F4FF-4310-8EC1-606A705957E7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe [2017-03-17] (Adobe Systems Incorporated)
Task: {2F7D6E76-F6C8-47D4-8488-9D06765CE88B} - System32\Tasks\Windows-PG => powershell.exe C:\windows\psgo\psgo.ps1
Task: {5CB9707E-101E-4497-BCCA-0E3CC3A1B339} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-24] (Google Inc.)
Task: {6111E53E-1D59-4119-BD53-A54468D61ADD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-17] (Adobe Systems Incorporated)
Task: {63744DCA-43C5-4C52-8420-F15B5C6BFEFB} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\Scheduler.exe [2017-03-10] (IObit)
Task: {68BDC52B-97BB-4A3B-8D05-598F87F84E65} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {767C8064-4A1C-48C9-9F62-1A9F7E45955B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {781EDDD0-EAFD-4C77-9456-FBA36B9C8BC1} - System32\Tasks\ASC9_SkipUac_Ioakim => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2017-03-30] (IObit)
Task: {8159B57F-77CB-4617-9985-44A9B5A83282} - System32\Tasks\ASC10_SkipUac_Ioakim => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2017-03-30] (IObit)
Task: {8750280B-0CA7-495A-B087-CA571F59E799} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {8D2AD7C7-B854-42B4-AE1D-38DF9E4CD778} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2017-04-19] (IObit)
Task: {A7D11980-79F1-4C85-90A6-4E7B5871124E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {BE5F752F-D425-45D1-B740-8A90450A619C} - System32\Tasks\Uninstaller_SkipUac_Ioakim => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2017-03-29] (IObit)
Task: {C72B1BD1-6099-4637-A01E-2B175F8AEFB0} - System32\Tasks\OInstall => %WINDIR%\OInstall.exe
Task: {C98BE229-8CBB-4D0F-88A9-C99733CA6914} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-04-10] (IObit)
Task: {DA03A06D-0002-4F38-AB27-60EA63E2DF68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-24] (Google Inc.)
Task: {DBA51788-722E-440C-AF8E-F925B03BC6AA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {DC31F8D4-1CF2-4239-AB80-4DAF346E057B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {DF1086BD-0BD0-42AC-A6C1-F83A1A2388FA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {EA5B4E6E-1B74-430E-B0B4-A780350232A2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {F9AD4D84-BE91-4A1D-99C3-ED74CFD0754D} - System32\Tasks\Driver Booster SkipUAC (Ioakim) => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe [2017-03-16] (IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\{8CE67B9E-3AC8-4ED2-A8EE-28E6FE3D0B51}.job => C:\Users\Ioakim\Downloads\LeagueofLegends_EUNE_Installer_2016_11_10.exe Ϲ/I C:\Users\Ioakim\AppData\Roaming\Riot Games\League of Legends 4.2.1\install\LoL.EUNE.msi AI_RESUME=1 ADDLOCAL=D2BCE474_49DC_4169_8EFD_7CAB0921B614,BAEAC99E_37AC_4DB1_8AA2_D0B4B5C09ED_1,F477261_82C3_4613_8028_BC4B6AA8AD37,LoLStartMenuShortcut,LeagueofLegends_GameClient,LeagueofLegends,LoLDesktopShortcut PRIMARYFOLDER=APPDIR ROOTDRIVE=D:\ AI_PREREQDIRS=C:\Users\Ioakim\AppData\Roaming\Riot Games\League of Legends\prerequisites AI_MISSING_PREREQS=DirectX 9 SDK Setup|Visual C++ 2005 SP1 Redistributable (x86) AI_FOUND_PREREQS=Visual C++ 2005 SP1 Redistributable (x64) AI_SETUPEXEPATH=C:\Users\Ioakim\Downloads\LeagueofLegends_EUNE_Installer_2016_11_10.exe SETUPEXEDIR=C:\Users\Ioakim\Downloads\ TARGETDIR=D:\ AI_VC_2005_SP1_X64_PREREQSEARCH_1_PROP=1 AI_DIRECTX_9_PREREQSEARCH_PROP=4.09.00.0904 AI_VC_2005_SP1_X64_PREREQSEARCH_2_PROP=1 APPDIR=C:\Riot Games\League of Legends\ AI_SETUPEXEPATH_ORIGINAL=C:\Users\Ioakim\Downloads\LeagueofLegends_EUNE_Installer_2016_11_10.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_ASEC: <===== ATTENTION

Shortcut: C:\Users\Ioakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) <===== Cyrillic
Shortcut: C:\Users\Ioakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) <===== Cyrillic
Shortcut: C:\Users\Ioakim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехрlоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) <===== Cyrillic
Shortcut: C:\Users\Ioakim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Cuptony\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Ioakim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Ioakim - Chrome.lnk -> C:\Users\Ioakim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9 ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) <===== Cyrillic

ShortcutWithArgument: C:\Users\Ioakim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Cuptony\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Ioakim\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktop.com/
ShortcutWithArgument: C:\Users\Ioakim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome.exe.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Ioakim\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktop.com/
ShortcutWithArgument: C:\Users\Ioakim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Cuptony\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Ioakim\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktop.com/
ShortcutWithArgument: C:\Users\Ioakim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Cuptony\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Ioakim\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktop.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Cuptony\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Ioakim\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktop.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Cuptony\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Ioakim\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktop.com/

==================== Loaded Modules (Whitelisted) ==============

2016-12-06 17:00 - 2016-11-17 16:42 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-06 17:00 - 2016-11-17 16:42 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-06 17:01 - 2016-11-17 16:42 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-06-24 13:12 - 2016-06-24 13:10 - 00128512 _____ () C:\Users\Ioakim\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
2017-04-27 14:04 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-27 14:05 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-25 12:56 - 2016-08-18 18:43 - 00442144 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2017-04-25 12:56 - 2016-08-18 18:43 - 00210720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2017-04-25 12:56 - 2016-08-18 18:43 - 00059680 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2017-04-25 12:56 - 2016-11-01 10:11 - 00078624 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\GetProcessDLL.dll
2017-04-24 17:45 - 2016-01-11 17:03 - 00899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
2017-04-24 17:45 - 2016-01-11 17:02 - 00630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
2017-04-25 12:56 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
2017-04-25 12:56 - 2016-09-26 13:59 - 00631072 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2016-12-06 17:00 - 2016-11-17 16:42 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-06 17:00 - 2016-11-17 16:42 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-06 17:00 - 2016-11-17 16:42 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-04-24 22:59 - 2016-08-10 17:13 - 00188704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2017-04-24 22:59 - 2016-08-10 17:13 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\webres.dll
2017-04-24 22:59 - 2016-08-10 17:13 - 00151840 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2017-04-24 22:59 - 2016-12-12 16:52 - 00631584 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
2017-04-24 22:59 - 2016-12-12 16:52 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2017-04-24 22:59 - 2016-12-12 16:52 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2017-04-24 22:59 - 2016-12-12 16:52 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2015-05-08 08:08 - 2015-05-08 08:08 - 00151552 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCam.dll
2015-05-08 08:08 - 2015-05-08 08:08 - 00081920 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCamFilter.ax
2015-05-08 08:14 - 2015-05-08 08:14 - 00086016 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCamFilter240p.ax
2017-04-28 16:16 - 2017-04-28 09:56 - 00117760 _____ () c:\programdata\microsoft\identitycrl\production\ppcrlconfig617.dll
2017-04-28 16:16 - 2017-04-28 09:56 - 00117760 _____ () C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig617.dll
2017-04-28 16:16 - 2017-03-09 08:31 - 02187096 _____ () C:\Program Files (x86)\Cuptony\Application\libglesv2.dll
2017-04-28 16:16 - 2017-03-09 08:31 - 00086360 _____ () C:\Program Files (x86)\Cuptony\Application\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\Temp:$DATA [16]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [194]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-104129644-4116897664-2065348068-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:34 - 2017-04-28 14:23 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-104129644-4116897664-2065348068-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ioakim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdvancedSystemCareService9 => 2
MSCONFIG\Services: GfExperienceService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: NvNetworkService => 3
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PSI_SVC_2_x64 => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
 
==================== Restore Points =========================

24-04-2017 18:41:06 Checkpoint by HitmanPro
24-04-2017 18:41:28 Checkpoint by HitmanPro

==================== Faulty Device Manager Devices =============

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: RegFilter
Description: RegFilter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RegFilter
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/29/2017 02:35:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 3.0.0.912, time stamp: 0x58811d74
Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x5849a177
Exception code: 0xc0000005
Fault offset: 0x001948c7
Faulting process id: 0x874
Faulting application start time: 0x01d2c0dc75d42288
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: fdbb3693-2ccf-11e7-a9d5-90e6bad41ca2

Error: (04/29/2017 02:33:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/29/2017 01:59:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 3.0.0.912, time stamp: 0x58811d74
Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x5849a177
Exception code: 0xc0000005
Fault offset: 0x001948c7
Faulting process id: 0x118c
Faulting application start time: 0x01d2c0d79bca5baa
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: e9a72247-2cca-11e7-bd21-90e6bad41ca2

Error: (04/29/2017 01:58:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 3.0.0.912, time stamp: 0x58811d74
Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x5849a177
Exception code: 0xc0000005
Fault offset: 0x001948c7
Faulting process id: 0x1160
Faulting application start time: 0x01d2c0d78454abd6
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: d4339baf-2cca-11e7-bd21-90e6bad41ca2

Error: (04/29/2017 01:58:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 3.0.0.912, time stamp: 0x58811d74
Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x5849a177
Exception code: 0xc0000005
Fault offset: 0x001948c7
Faulting process id: 0x334
Faulting application start time: 0x01d2c0d77d70d02b
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: bf560bc8-2cca-11e7-bd21-90e6bad41ca2

Error: (04/29/2017 01:58:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 3.0.0.912, time stamp: 0x58811d74
Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x5849a177
Exception code: 0xc0000005
Fault offset: 0x001948c7
Faulting process id: 0x914
Faulting application start time: 0x01d2c0d776bef166
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: b831eaf5-2cca-11e7-bd21-90e6bad41ca2

Error: (04/29/2017 01:57:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 3.0.0.912, time stamp: 0x58811d74
Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x5849a177
Exception code: 0xc0000005
Fault offset: 0x001948c7
Faulting process id: 0x468
Faulting application start time: 0x01d2c0d76f001722
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: b12a5aa6-2cca-11e7-bd21-90e6bad41ca2

Error: (04/29/2017 01:57:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 3.0.0.912, time stamp: 0x58811df5
Faulting module name: mbam.exe, version: 3.0.0.912, time stamp: 0x58811df5
Exception code: 0xc0000005
Fault offset: 0x00239721
Faulting process id: 0x9a0
Faulting application start time: 0x01d2c0d6e98f7986
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Report Id: aa1e0797-2cca-11e7-bd21-90e6bad41ca2

Error: (04/29/2017 01:52:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/28/2017 02:16:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (04/29/2017 02:38:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The RegFilter service failed to start due to the following error:
The system cannot find the file specified.

Error: (04/29/2017 02:36:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Apple Cloud Service service terminated with the following error:
Apple Cloud Service is not a valid Win32 application.

Error: (04/29/2017 02:35:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (04/29/2017 02:33:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:31:13 PM on ‎4/‎29/‎2017 was unexpected.

Error: (04/29/2017 01:59:14 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Malwarebytes Service service, but this action failed with the following error:
An instance of the service is already running.

Error: (04/29/2017 01:59:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 8 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (04/29/2017 01:58:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 7 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (04/29/2017 01:58:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 6 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (04/29/2017 01:58:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (04/29/2017 01:58:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 44%
Total physical RAM: 8183.05 MB
Available physical RAM: 4566.46 MB
Total Virtual: 16364.29 MB
Available Virtual: 12040.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:69.9 GB) NTFS
Drive d: (???? s?????? ??a ?a ?eµ?se?) (Fixed) (Total:1863.01 GB) (Free:202.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1D1FA30C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 698F23E7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=======================================

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Status
Not open for further replies.

Similar threads

E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
794
uber_beetle
uber_beetle
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back