TechSpot

I cannot get rid of "Win32/SupTab!blnk" virus

By goddangit
Nov 9, 2016
  1. Just recently I acquired a nasty adware virus that seems to slow down my computer's performance quite a lot. I'm not getting any ads that pop up or anything else. The only thing I know is that the second that Windows Defender detects this virus or adware, my PC starts to slow down a lot and I can't do much. I've tried every malware removal tool under the sun and different kinds of virus protectors: Malwarebytes ADW, Malwarebytes, CC Cleaner, AVG, Bit Defender, Spyware Hunter, Hitman Pro. God, I've tried everything. I'm avoiding doing a system restore because it's a custom PC and I don't want to reinstall everything. So it would be very great if someone knows how to get rid of this virus for good. PS: I'm also not able to find it in the uninstall section anywhere. PLEASE HELP!
     
  2. Cycloid Torus

    Cycloid Torus TS Evangelist Posts: 1,657   +309

  3. goddangit

    goddangit TS Rookie Topic Starter

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
    Ran by Cameron (administrator) on CAMERON-PC (09-11-2016 13:32:10)
    Running from C:\Users\Cameron\Downloads
    Loaded Profiles: Cameron (Available Profiles: Cameron)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Curse, Inc) C:\Users\Cameron\AppData\Roaming\Curse Client\Bin\Curse.exe
    (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
    (MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
    (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
    () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
    (Curse, Inc.) C:\Users\Cameron\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Curse, Inc.) C:\Users\Cameron\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
    (Curse, Inc.) C:\Users\Cameron\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
    (Curse, Inc.) C:\Users\Cameron\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
    HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
    HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
    HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-48 (the data entry has 36 more characters).
    HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
    HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
    HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1014736 2014-07-22] (MSI)
    HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2131344 2016-06-20] (Wondershare)
    HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-12-30] ()
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-09-13] (LogMeIn Inc.)
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2016-01-04] (Google Inc.)
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe"
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1368816 2016-07-03] (Bogdan Sharkov)
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29544576 2016-08-17] (Skype Technologies S.A.)
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\MountPoints2: D - D:\setup.exe
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\MountPoints2: {2eb4f207-6751-11e6-8b66-aa24dfbd245e} - H:\Autorun.exe
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\MountPoints2: {62eb8e1e-bc09-11e5-8070-a035ffc54240} - D:\setup.exe
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\MountPoints2: {acf62c8a-42ac-11e6-beef-d3641d7b7b59} - D:\VerizonSWUpgradeAssistantLauncher.exe
    Startup: C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-02-02]
    ShortcutTarget: Curse.lnk -> C:\Users\Cameron\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{4AF1F55F-D965-4618-85D5-20BCE54980F4}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    HKU\S-1-5-21-129599638-1263965058-21906161-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-07] (Google Inc.)
    BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-12-30] (Wondershare)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-07] (Google Inc.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-07] (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-07] (Google Inc.)
    Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

    FireFox:
    ========
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2016-02-28] ()
    FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
    FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-10] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-10] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
    FF Plugin HKU\S-1-5-21-129599638-1263965058-21906161-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Cameron\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
    FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-10-24]
    FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
    FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2016-01-09]

    Chrome:
    =======
    CHR HomePage: Default -> hxxps://mysearch.avg.com?cid={375FF168-D506-418A-99EF-20D4E3344231}&mid=191733ab625947d2b57dc131942f272c-14e39f401e99748f2c1b30b05e882db9c8b189d5&lang=en&ds=oc011&coid=avgtbdisoc&cmpid=&pr=sa&d=2014-08-25 04:28:27&v=18.1.9.786&pid=safeguard&sg=&sap=hp
    CHR StartupUrls: Default -> "hxxps://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8","hxxp://mail.ru/cnt/10445?gp=811009"
    CHR Profile: C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Heartbeat) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aailiojlhjbichheofhdpcongebcgcgm [2016-11-09]
    CHR Extension: (Google Slides) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-04]
    CHR Extension: (BetterTTV) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-01-18]
    CHR Extension: (Google Docs) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-04]
    CHR Extension: (Google Drive) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-04]
    CHR Extension: (MEGA) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2016-01-11]
    CHR Extension: (Poper Blocker) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2016-01-04]
    CHR Extension: (YouTube) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-04]
    CHR Extension: (Adblock Plus) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-04]
    CHR Extension: (Google Search) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-04]
    CHR Extension: (Galaxy-View) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbeddldohkakodfncjnkkjfojggbahp [2016-01-04]
    CHR Extension: (Google Sheets) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-04]
    CHR Extension: (Google Docs Offline) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-04]
    CHR Extension: (AudioSauna) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2016-01-04]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-04]
    CHR Extension: (Gmail) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-04]
    CHR Extension: (Chrome Media Router) - C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-03]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
    S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-11-02] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337696 2016-11-02] (AVG Technologies CZ, s.r.o.)
    R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-11-02] (AVG Technologies CZ, s.r.o.)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-06] ()
    S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-01-26] (BitRaider, LLC)
    R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
    S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [245544 2016-01-22] (EasyAntiCheat Ltd)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
    R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2621448 2016-09-13] (LogMeIn Inc.)
    U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-02-02] (Hi-Rez Studios) [File not signed]
    R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-08-31] (LogMeIn, Inc.)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
    R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
    S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
    R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-10-31] (Electronic Arts)
    S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-10-31] (Electronic Arts)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-01-08] ()
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-02-02] ()
    R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
    R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-09-23] ()
    R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-11-13] (Razer Inc.)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-12-11] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-10-17] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [267520 2016-10-19] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
    R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
    S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-01-26] (BitRaider)
    R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-01-16] (Disc Soft Ltd)
    R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-01-16] (Disc Soft Ltd)
    S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-09] (Malwarebytes)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
    R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-13] (NVIDIA Corporation)
    S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
    R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
    R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
    R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2013-12-11] (VIA Technologies, Inc.)
    R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [297984 2013-12-11] (VIA Technologies, Inc.)
    S3 BCMH43XX; system32\DRIVERS\bcmwlhigh664.sys [X]
    S3 MSICDSetup; \??\D:\CDriver64.sys [X]
    S3 NPF; system32\DRIVERS\npf.sys [X]
    S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
  4. goddangit

    goddangit TS Rookie Topic Starter

    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-11-09 13:32 - 2016-11-09 13:32 - 00024799 _____ C:\Users\Cameron\Downloads\FRST.txt
    2016-11-09 13:31 - 2016-11-09 13:32 - 00000000 ____D C:\FRST
    2016-11-09 13:31 - 2016-11-09 13:31 - 02193920 _____ (Farbar) C:\Users\Cameron\Downloads\FRST64.exe
    2016-11-09 13:30 - 2016-11-09 13:30 - 01730048 _____ (Farbar) C:\Users\Cameron\Downloads\FRST.exe
    2016-11-09 11:17 - 2016-11-09 11:18 - 03910208 _____ C:\Users\Cameron\Downloads\adwcleaner_6.030.exe
    2016-11-09 10:29 - 2016-11-09 13:19 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-11-09 10:29 - 2016-11-09 10:29 - 00001098 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-11-09 10:29 - 2016-11-09 10:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-11-09 10:29 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2016-11-09 10:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
    2016-11-09 10:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2016-11-09 10:28 - 2016-11-09 10:28 - 22851472 _____ (Malwarebytes ) C:\Users\Cameron\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe
    2016-11-09 10:23 - 2016-11-09 10:23 - 00942843 _____ C:\Users\Cameron\Downloads\Spyhunter-4.5.7.3531-Serial-Key.zip
    2016-11-09 08:43 - 2016-11-09 10:42 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\Enigma Software Group
    2016-11-09 08:43 - 2016-11-09 08:43 - 00000000 ____D C:\sh4ldr
    2016-11-09 08:43 - 2016-11-09 08:43 - 00000000 _____ C:\autoexec.bat
    2016-11-09 08:42 - 2016-11-09 10:44 - 00000000 ____D C:\Program Files\Enigma Software Group
    2016-11-09 07:41 - 2016-11-09 07:41 - 00000757 _____ C:\Windows\DtcInstall.log
    2016-11-09 07:39 - 2016-11-09 07:39 - 00001568 _____ C:\Windows\comsetup.log
    2016-11-09 07:15 - 2016-11-09 07:42 - 00002829 _____ C:\Windows\diagerr.xml
    2016-11-09 07:15 - 2016-11-09 07:42 - 00001908 _____ C:\Windows\diagwrn.xml
    2016-11-09 07:15 - 2016-11-09 07:42 - 00000000 ___HD C:\$WINDOWS.~BT
    2016-11-09 07:13 - 2016-11-09 07:15 - 00000036 _____ C:\Windows\progress.ini
    2016-11-09 06:55 - 2016-11-09 07:57 - 00000000 ____D C:\Windows10Upgrade
    2016-11-09 06:55 - 2016-11-09 07:42 - 00000000 ___HD C:\$GetCurrent
    2016-11-09 06:55 - 2016-11-09 06:55 - 05741448 _____ (Microsoft Corporation) C:\Users\Cameron\Downloads\Windows10Upgrade24074.exe
    2016-11-09 06:55 - 2016-11-09 06:55 - 00000694 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
    2016-11-08 20:52 - 2016-11-08 20:52 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\AVG
    2016-11-08 20:51 - 2016-11-08 20:51 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\TuneUp Software
    2016-11-08 20:51 - 2016-11-08 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2016-11-08 20:50 - 2016-11-08 20:50 - 00000000 ___HD C:\$AVG
    2016-11-08 20:48 - 2016-11-09 11:22 - 00000000 ____D C:\ProgramData\MFAData
    2016-11-08 20:48 - 2016-11-08 20:48 - 00000000 ____D C:\Users\Cameron\AppData\Local\MFAData
    2016-11-08 20:46 - 2016-11-08 20:46 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
    2016-11-08 20:46 - 2016-11-08 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
    2016-11-08 20:45 - 2016-11-08 20:49 - 00000000 ____D C:\Program Files (x86)\AVG
    2016-11-08 20:45 - 2016-11-08 20:45 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
    2016-11-08 20:35 - 2016-11-09 11:21 - 00466166 _____ C:\Windows\PFRO.log
    2016-11-08 20:34 - 2016-11-08 20:34 - 00241514 _____ C:\ProgramData\1478665991.bdinstall.bin
    2016-11-08 20:26 - 2016-11-08 20:50 - 00000000 ____D C:\ProgramData\Avg
    2016-11-08 20:25 - 2016-11-08 20:52 - 00000000 ____D C:\Users\Cameron\AppData\Local\Avg
    2016-11-08 20:25 - 2016-11-08 20:48 - 00000000 ____D C:\Users\Cameron\AppData\Local\AvgSetupLog
    2016-11-08 20:24 - 2016-11-08 20:25 - 02895464 _____ (AVG Technologies) C:\Users\Cameron\Downloads\AVG_Protection_Free_1115.exe
    2016-11-08 19:51 - 2016-11-08 19:51 - 00000000 ____D C:\Program Files\Epic Games
    2016-11-08 19:47 - 2016-11-08 19:47 - 00000000 ____D C:\Users\Cameron\AppData\Local\UnrealEngineLauncher
    2016-11-08 19:47 - 2016-11-08 19:47 - 00000000 ____D C:\Users\Cameron\AppData\Local\EpicGamesLauncher
    2016-11-08 19:46 - 2016-11-08 19:49 - 00000000 ____D C:\ProgramData\Epic
    2016-11-08 19:46 - 2016-11-08 19:46 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
    2016-11-08 19:46 - 2016-11-08 19:46 - 00001230 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
    2016-11-08 19:46 - 2016-11-08 19:46 - 00000000 ____D C:\Program Files (x86)\Epic Games
    2016-11-08 19:45 - 2016-11-08 19:45 - 40574976 _____ C:\Users\Cameron\Downloads\ParagonEpicGamesLauncherInstaller-2.12.14-3176191.msi
    2016-11-08 17:07 - 2016-11-08 17:25 - 00000000 ____D C:\ProgramData\HitmanPro
    2016-11-08 16:41 - 2016-11-02 07:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2016-11-08 16:41 - 2016-11-02 07:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2016-11-08 16:41 - 2016-11-02 07:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2016-11-08 16:41 - 2016-11-02 07:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2016-11-08 16:41 - 2016-11-02 07:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2016-11-08 16:41 - 2016-11-02 07:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2016-11-08 16:41 - 2016-11-02 07:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2016-11-08 16:41 - 2016-11-02 07:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2016-11-08 16:41 - 2016-11-02 07:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2016-11-08 16:41 - 2016-11-02 06:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2016-11-08 16:41 - 2016-10-27 19:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-11-08 16:41 - 2016-10-27 19:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2016-11-08 16:41 - 2016-10-27 11:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-11-08 16:41 - 2016-10-27 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2016-11-08 16:41 - 2016-10-27 10:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2016-11-08 16:41 - 2016-10-27 10:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-11-08 16:41 - 2016-10-27 10:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2016-11-08 16:41 - 2016-10-27 10:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-11-08 16:41 - 2016-10-27 10:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2016-11-08 16:41 - 2016-10-27 10:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-11-08 16:41 - 2016-10-27 10:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-11-08 16:41 - 2016-10-27 10:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2016-11-08 16:41 - 2016-10-27 10:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2016-11-08 16:41 - 2016-10-27 10:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-11-08 16:41 - 2016-10-27 10:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2016-11-08 16:41 - 2016-10-27 10:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2016-11-08 16:41 - 2016-10-27 10:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2016-11-08 16:41 - 2016-10-27 10:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-11-08 16:41 - 2016-10-27 10:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2016-11-08 16:41 - 2016-10-27 10:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-11-08 16:41 - 2016-10-27 10:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-11-08 16:41 - 2016-10-27 10:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2016-11-08 16:41 - 2016-10-27 10:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2016-11-08 16:41 - 2016-10-27 10:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2016-11-08 16:41 - 2016-10-27 10:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-11-08 16:41 - 2016-10-27 10:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-11-08 16:41 - 2016-10-27 10:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2016-11-08 16:41 - 2016-10-27 09:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2016-11-08 16:41 - 2016-10-27 09:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-11-08 16:41 - 2016-10-27 09:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2016-11-08 16:41 - 2016-10-27 09:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-11-08 16:41 - 2016-10-27 09:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2016-11-08 16:41 - 2016-10-27 09:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-11-08 16:41 - 2016-10-27 09:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-11-08 16:41 - 2016-10-27 09:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-11-08 16:41 - 2016-10-27 08:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2016-11-08 16:41 - 2016-10-27 07:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2016-11-08 16:41 - 2016-10-25 07:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-11-08 16:41 - 2016-10-22 09:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2016-11-08 16:41 - 2016-10-22 09:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2016-11-08 16:41 - 2016-10-22 09:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2016-11-08 16:41 - 2016-10-22 09:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2016-11-08 16:41 - 2016-10-22 09:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2016-11-08 16:41 - 2016-10-22 09:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2016-11-08 16:41 - 2016-10-22 09:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2016-11-08 16:41 - 2016-10-22 09:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2016-11-08 16:41 - 2016-10-22 09:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2016-11-08 16:41 - 2016-10-22 09:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2016-11-08 16:41 - 2016-10-22 09:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2016-11-08 16:41 - 2016-10-22 09:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2016-11-08 16:41 - 2016-10-22 09:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2016-11-08 16:41 - 2016-10-22 09:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2016-11-08 16:41 - 2016-10-22 09:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2016-11-08 16:41 - 2016-10-22 09:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2016-11-08 16:41 - 2016-10-22 08:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2016-11-08 16:41 - 2016-10-22 08:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2016-11-08 16:41 - 2016-10-22 08:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2016-11-08 16:41 - 2016-10-22 08:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2016-11-08 16:41 - 2016-10-22 08:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2016-11-08 16:41 - 2016-10-22 08:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2016-11-08 16:41 - 2016-10-22 08:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2016-11-08 16:41 - 2016-10-22 08:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2016-11-08 16:41 - 2016-10-22 08:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2016-11-08 16:41 - 2016-10-22 08:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2016-11-08 16:41 - 2016-10-22 08:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2016-11-08 16:41 - 2016-10-22 08:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2016-11-08 16:41 - 2016-10-22 08:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2016-11-08 16:41 - 2016-10-15 07:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2016-11-08 16:41 - 2016-10-15 07:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
    2016-11-08 16:41 - 2016-10-15 07:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2016-11-08 16:41 - 2016-10-15 07:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
    2016-11-08 16:41 - 2016-10-11 07:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
    2016-11-08 16:41 - 2016-10-11 07:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
    2016-11-08 16:41 - 2016-10-11 07:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2016-11-08 16:41 - 2016-10-11 07:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
    2016-11-08 16:41 - 2016-10-11 07:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
    2016-11-08 16:41 - 2016-10-11 07:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
    2016-11-08 16:41 - 2016-10-11 07:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
    2016-11-08 16:41 - 2016-10-11 07:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
    2016-11-08 16:41 - 2016-10-11 07:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
    2016-11-08 16:41 - 2016-10-11 07:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
    2016-11-08 16:41 - 2016-10-11 07:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
    2016-11-08 16:41 - 2016-10-11 07:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
    2016-11-08 16:41 - 2016-10-11 07:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
    2016-11-08 16:41 - 2016-10-11 07:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
    2016-11-08 16:41 - 2016-10-11 07:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2016-11-08 16:41 - 2016-10-11 07:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
    2016-11-08 16:41 - 2016-10-11 07:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
    2016-11-08 16:41 - 2016-10-11 07:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
    2016-11-08 16:41 - 2016-10-11 07:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
    2016-11-08 16:41 - 2016-10-11 07:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
    2016-11-08 16:41 - 2016-10-11 07:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
    2016-11-08 16:41 - 2016-10-11 07:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
    2016-11-08 16:41 - 2016-10-11 07:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
    2016-11-08 16:41 - 2016-10-11 07:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
    2016-11-08 16:41 - 2016-10-11 07:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
    2016-11-08 16:41 - 2016-10-11 05:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
    2016-11-08 16:41 - 2016-10-11 05:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
    2016-11-08 16:41 - 2016-10-10 07:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-11-08 16:41 - 2016-10-10 07:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-11-08 16:41 - 2016-10-10 07:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-11-08 16:41 - 2016-10-10 07:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-11-08 16:41 - 2016-10-10 07:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-11-08 16:41 - 2016-10-10 07:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2016-11-08 16:41 - 2016-10-10 07:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2016-11-08 16:41 - 2016-10-10 07:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2016-11-08 16:41 - 2016-10-10 07:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2016-11-08 16:41 - 2016-10-10 06:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-11-08 16:41 - 2016-10-10 06:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-11-08 16:41 - 2016-10-10 06:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-11-08 16:41 - 2016-10-10 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2016-11-08 16:41 - 2016-10-10 06:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2016-11-08 16:41 - 2016-10-10 06:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2016-11-08 16:41 - 2016-10-07 07:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2016-11-08 16:41 - 2016-10-07 07:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-11-08 16:41 - 2016-10-07 07:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2016-11-08 16:41 - 2016-10-07 07:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2016-11-08 16:41 - 2016-10-07 07:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2016-11-08 16:41 - 2016-10-07 07:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ap
     
  5. goddangit

    goddangit TS Rookie Topic Starter

    i-ms-win-core-sysinfo-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 07:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2016-11-08 16:41 - 2016-10-07 07:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2016-11-08 16:41 - 2016-10-07 07:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2016-11-08 16:41 - 2016-10-07 07:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2016-11-08 16:41 - 2016-10-07 07:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2016-11-08 16:41 - 2016-10-07 06:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2016-11-08 16:41 - 2016-10-07 06:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2016-11-08 16:41 - 2016-10-07 06:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2016-11-08 16:41 - 2016-10-07 06:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2016-11-08 16:41 - 2016-10-07 06:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2016-11-08 16:41 - 2016-10-07 06:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 06:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 06:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-07 06:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2016-11-08 16:41 - 2016-10-05 06:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
    2016-11-08 16:41 - 2016-09-15 06:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2016-11-08 16:41 - 2016-09-13 07:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2016-11-08 16:41 - 2016-09-13 07:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2016-11-08 16:41 - 2016-09-09 10:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2016-11-08 16:41 - 2016-09-09 10:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
    2016-11-08 16:41 - 2016-08-22 08:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2016-11-03 19:19 - 2016-11-03 19:19 - 00001090 _____ C:\Users\Public\Desktop\Overwatch.lnk
    2016-11-03 19:19 - 2016-11-03 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
    2016-11-03 18:48 - 2016-11-03 19:57 - 00000000 ____D C:\Program Files (x86)\Overwatch
    2016-11-01 19:56 - 2016-11-01 19:56 - 00000000 ____D C:\Users\Cameron\Downloads\Pirate Perfection PD2
    2016-11-01 19:48 - 2016-11-01 19:48 - 01090726 _____ C:\Users\Cameron\Downloads\PPR_v1.1.2f-BLT (1).zip
    2016-11-01 19:17 - 2016-11-01 19:18 - 01090726 _____ C:\Users\Cameron\Downloads\PPR_v1.1.2f-BLT.zip
    2016-11-01 13:39 - 2016-11-03 11:10 - 00153387 _____ C:\Users\Cameron\Desktop\nice so far.flp
    2016-11-01 07:19 - 2016-11-01 07:20 - 00076417 _____ C:\Users\Cameron\Desktop\light.flp
    2016-10-31 12:37 - 2016-10-31 12:37 - 00079948 _____ C:\Users\Cameron\Desktop\jeans.flp
    2016-10-31 05:35 - 2016-10-31 05:35 - 00000000 ____D C:\Users\Cameron\.QtWebEngineProcess
    2016-10-31 05:35 - 2016-10-31 05:35 - 00000000 ____D C:\Users\Cameron\.Origin
    2016-10-29 15:52 - 2016-11-09 11:21 - 00002927 _____ C:\Windows\setupact.log
    2016-10-29 15:52 - 2016-11-09 07:37 - 00000495 _____ C:\Windows\setuperr.log
    2016-10-26 23:45 - 2016-10-26 23:46 - 00000000 ____D C:\Users\Cameron\Documents\ArmA 2
    2016-10-26 23:45 - 2016-10-26 23:45 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
    2016-10-26 23:45 - 2016-10-26 23:45 - 00000000 ____D C:\Users\Cameron\AppData\Local\ArmA 2
    2016-10-26 23:45 - 2016-10-26 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
    2016-10-26 23:44 - 2016-11-08 19:48 - 00018914 _____ C:\Windows\DirectX.log
    2016-10-24 21:13 - 2016-10-24 22:19 - 00000000 ____D C:\Users\Cameron\AppData\Local\node-webkit
    2016-10-24 21:06 - 2016-11-09 10:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-10-24 21:06 - 2016-10-24 21:06 - 00000000 ____D C:\ProgramData\Malwarebytes
    2016-10-24 20:47 - 2016-11-09 10:43 - 00000000 ____D C:\Users\Cameron\AppData\LocalLow\Company
    2016-10-24 20:47 - 2016-10-24 20:47 - 00000000 ____D C:\Users\Cameron\AppData\Local\Tempfolder
    2016-10-24 20:46 - 2016-10-24 20:46 - 00000000 ____D C:\Users\Cameron\AppData\Local\CrashRpt
    2016-10-24 20:45 - 2016-10-24 20:45 - 00000000 _____ C:\TOSTACK
    2016-10-24 20:44 - 2016-10-24 20:44 - 00000001 _____ C:\Users\Cameron\AppData\Local\setupsuccessful.txt
    2016-10-24 20:44 - 2016-10-24 20:44 - 00000000 _____ C:\Users\Cameron\AppData\Local\stxtname.txt
    2016-10-24 20:44 - 2016-10-24 20:44 - 00000000 _____ C:\Users\Cameron\AppData\Local\run.txt
    2016-10-24 08:30 - 2016-10-24 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2016-10-24 08:30 - 2016-10-24 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2016-10-24 08:30 - 2016-10-24 08:31 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\Mozilla
    2016-10-24 08:30 - 2016-10-24 08:30 - 00000000 ____D C:\Users\Cameron\AppData\Local\Mozilla
    2016-10-21 01:06 - 2016-11-07 14:21 - 00000107 _____ C:\Users\Cameron\Desktop\asdfadf.txt
    2016-10-19 14:13 - 2016-10-19 14:13 - 00267520 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
    2016-10-17 17:19 - 2016-10-17 17:19 - 00312576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
    2016-10-16 20:20 - 2016-10-16 20:20 - 00000000 ____D C:\Users\Cameron\AppData\Local\Creative
    2016-10-13 22:40 - 2016-10-14 17:47 - 00154445 _____ C:\Users\Cameron\Desktop\one.flp
    2016-10-12 19:18 - 2016-10-12 19:18 - 00000000 ____D C:\ProgramData\Twitch
    2016-10-12 19:17 - 2016-10-12 19:20 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\Twitch
    2016-10-12 19:17 - 2016-10-12 19:18 - 00000000 ____D C:\Program Files (x86)\Twitch Launcher
    2016-10-12 19:17 - 2016-10-12 19:17 - 00001070 _____ C:\Users\Public\Desktop\Twitch Launcher.lnk
    2016-10-12 19:17 - 2016-10-12 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twitch Launcher
    2016-10-12 19:15 - 2016-10-12 19:16 - 111076536 _____ (Twitch) C:\Users\Cameron\Downloads\TwitchLauncherInstaller.exe
    2016-10-11 21:49 - 2016-09-12 13:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
    2016-10-11 21:49 - 2016-09-12 12:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
    2016-10-11 21:49 - 2016-09-12 11:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2016-10-11 21:49 - 2016-09-12 10:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2016-10-11 21:49 - 2016-09-12 10:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2016-10-11 21:49 - 2016-09-08 12:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2016-10-11 21:49 - 2016-09-08 12:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2016-10-11 21:49 - 2016-09-08 12:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2016-10-11 21:49 - 2016-09-08 12:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2016-10-11 21:49 - 2016-09-08 06:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-10-11 21:49 - 2016-09-08 06:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
    2016-10-11 21:49 - 2016-08-12 09:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2016-10-11 21:49 - 2016-08-12 09:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2016-10-11 21:49 - 2016-08-12 09:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
    2016-10-11 21:49 - 2016-08-12 09:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
    2016-10-11 21:49 - 2016-08-12 09:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
    2016-10-11 21:49 - 2016-08-12 08:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2016-10-11 21:49 - 2016-08-12 08:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2016-10-11 21:49 - 2016-08-12 08:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
    2016-10-11 21:49 - 2016-08-12 08:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
    2016-10-11 21:49 - 2016-08-12 08:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
    2016-10-11 21:49 - 2016-08-12 08:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
    2016-10-11 21:49 - 2016-08-06 07:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2016-10-11 21:49 - 2016-08-06 07:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
    2016-10-11 21:49 - 2016-08-06 07:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2016-10-11 21:49 - 2016-08-06 07:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2016-10-11 21:49 - 2016-08-06 07:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
    2016-10-11 21:49 - 2016-08-06 07:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
    2016-10-11 21:49 - 2016-08-06 07:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2016-10-11 21:49 - 2016-08-06 07:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
    2016-10-11 21:49 - 2016-08-06 07:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2016-10-11 21:49 - 2016-08-06 07:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
    2016-10-11 21:49 - 2016-08-06 07:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
    2016-10-11 21:49 - 2016-08-06 07:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
    2016-10-11 21:49 - 2016-08-06 07:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
    2016-10-11 21:49 - 2016-08-06 06:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
    2016-10-11 21:49 - 2016-08-06 06:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
    2016-10-11 21:49 - 2016-08-06 06:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
    2016-10-11 21:49 - 2016-06-14 09:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2016-10-11 21:49 - 2016-06-14 09:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
    2016-10-11 21:49 - 2016-06-14 09:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
    2016-10-11 21:49 - 2016-06-14 09:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
    2016-10-11 21:49 - 2016-06-14 07:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
    2016-10-11 21:49 - 2016-06-14 07:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
    2016-10-11 21:49 - 2016-06-14 07:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2016-10-11 21:49 - 2016-06-14 07:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
    2016-10-11 21:49 - 2016-06-14 07:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2016-10-11 21:49 - 2016-06-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
    2016-10-11 21:49 - 2016-06-14 07:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
    2016-10-11 21:49 - 2016-06-14 07:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
    2016-10-11 21:49 - 2016-06-14 07:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2016-10-11 21:48 - 2016-09-12 13:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2016-10-11 21:48 - 2016-09-12 13:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2016-10-11 21:48 - 2016-09-09 07:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2016-10-11 21:48 - 2016-09-09 07:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2016-10-11 21:48 - 2016-09-09 07:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2016-10-11 21:48 - 2016-09-09 07:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2016-10-11 21:48 - 2016-09-09 07:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
    2016-10-11 21:48 - 2016-09-09 07:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2016-10-11 21:48 - 2016-09-09 07:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2016-10-11 21:48 - 2016-08-29 07:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2016-10-11 21:48 - 2016-08-29 07:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2016-10-11 21:48 - 2016-08-29 07:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2016-10-11 21:48 - 2016-08-29 07:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2016-10-11 21:48 - 2016-08-29 07:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2016-10-11 21:48 - 2016-08-29 07:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2016-10-11 21:48 - 2016-08-29 07:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
    2016-10-11 21:48 - 2016-08-29 06:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
    2016-10-11 21:48 - 2016-08-16 12:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2016-10-11 21:48 - 2016-08-16 12:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2016-10-11 21:48 - 2016-08-16 12:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2016-10-11 21:48 - 2016-08-16 12:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2016-10-11 21:48 - 2016-08-16 12:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2016-10-11 21:48 - 2016-08-16 12:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
    2016-10-11 21:48 - 2016-08-16 12:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2016-10-11 21:48 - 2016-07-22 06:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2016-10-11 21:48 - 2016-07-22 06:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2016-10-10 11:51 - 2016-10-10 11:51 - 00000000 ____D C:\Users\Cameron\AppData\Local\2K Games
    2016-10-10 11:49 - 2016-10-10 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia III

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-11-09 13:32 - 2016-01-04 14:01 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\Skype
    2016-11-09 13:22 - 2016-01-12 22:01 - 00000000 ____D C:\Program Files\Bitdefender Agent
    2016-11-09 12:41 - 2016-01-04 01:16 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-11-09 12:28 - 2016-01-04 00:37 - 01177319 _____ C:\Windows\WindowsUpdate.log
    2016-11-09 12:25 - 2016-05-06 16:29 - 00000000 ____D C:\Users\Cameron\AppData\Local\Battle.net
    2016-11-09 12:24 - 2016-02-02 21:38 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\Curse Client
    2016-11-09 11:41 - 2016-01-04 01:16 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-11-09 11:31 - 2009-07-13 20:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2016-11-09 11:31 - 2009-07-13 20:45 - 00021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2016-11-09 11:25 - 2016-05-06 16:28 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2016-11-09 11:23 - 2016-07-01 02:31 - 00000000 ____D C:\Users\Cameron\AppData\Local\LogMeIn Hamachi
    2016-11-09 11:21 - 2016-01-04 01:39 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-11-09 11:21 - 2016-01-04 01:18 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-11-09 11:21 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-11-09 11:19 - 2016-09-16 02:16 - 00000000 ____D C:\AdwCleaner
    2016-11-09 07:42 - 2016-01-04 00:33 - 00000000 ____D C:\Windows\Panther
    2016-11-09 07:39 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
    2016-11-09 03:26 - 2009-07-13 21:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-11-09 03:18 - 2009-07-13 20:45 - 04892680 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-11-08 21:32 - 2016-01-09 04:11 - 00000000 ___RD C:\Users\Cameron\Desktop\Cinema 4D R17 (TECHCROSS)
    2016-11-08 20:51 - 2016-01-06 13:11 - 00000000 ____D C:\Program Files\Common Files\AV
    2016-11-08 20:43 - 2016-01-04 02:03 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2016-11-08 20:35 - 2016-01-12 22:18 - 00000000 ____D C:\ProgramData\Bitdefender
    2016-11-08 20:34 - 2016-01-12 22:18 - 00000000 ____D C:\Program Files\Bitdefender
    2016-11-08 20:08 - 2016-02-04 14:14 - 00000000 ____D C:\Program Files (x86)\R.G. Games
    2016-11-08 19:48 - 2016-01-04 01:34 - 00000000 ____D C:\ProgramData\Package Cache
    2016-11-08 19:47 - 2016-03-05 13:28 - 00000000 ____D C:\Users\Cameron\AppData\Local\UnrealEngine
    2016-11-08 17:25 - 2016-05-06 17:06 - 00000000 ____D C:\Users\Cameron\Documents\Overwatch
    2016-11-08 17:25 - 2016-01-12 21:23 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\uTorrent
    2016-11-08 17:25 - 2016-01-04 00:49 - 00000000 ____D C:\Users\Cameron
    2016-11-08 17:25 - 2015-12-31 20:23 - 00000000 ___HD C:\SuperChargerProfile
    2016-11-08 16:57 - 2016-05-06 16:29 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\Battle.net
    2016-11-08 16:50 - 2016-01-09 04:35 - 00000000 ____D C:\Users\Cameron\AppData\Local\CrashDumps
    2016-11-01 21:16 - 2016-01-04 02:00 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\Origin
    2016-11-01 19:56 - 2016-08-27 20:06 - 00000000 ____D C:\Users\Cameron\AppData\LocalLow\uTorrent
    2016-10-31 05:42 - 2016-03-10 23:19 - 00000000 ____D C:\Users\Cameron\AppData\Local\Frontier_Developments
    2016-10-31 05:35 - 2016-01-04 01:55 - 00000000 ____D C:\ProgramData\Origin
    2016-10-31 05:35 - 2016-01-04 01:53 - 00000000 ____D C:\Program Files (x86)\Origin
    2016-10-28 16:39 - 2016-01-04 01:16 - 00000000 ____D C:\Users\Cameron\AppData\Local\Google
    2016-10-26 19:47 - 2016-03-10 21:15 - 00000000 ____D C:\Users\Cameron\AppData\Local\game-debate
    2016-10-26 16:29 - 2010-11-20 19:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2016-10-25 23:02 - 2016-01-12 18:00 - 00000000 ____D C:\Windows\Minidump
    2016-10-24 22:25 - 2016-01-04 14:00 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-10-24 22:23 - 2016-02-11 22:48 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
    2016-10-24 22:22 - 2016-09-14 13:44 - 00000000 ____D C:\Users\Cameron\AppData\LocalLow\Unity
    2016-10-24 22:22 - 2016-09-14 13:44 - 00000000 ____D C:\Users\Cameron\AppData\Local\Unity
    2016-10-24 22:22 - 2016-02-11 22:48 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
    2016-10-24 22:22 - 2016-01-20 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
    2016-10-24 22:22 - 2016-01-20 13:15 - 00000000 ____D C:\Program Files (x86)\NCWest
    2016-10-24 22:22 - 2016-01-04 01:25 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
    2016-10-24 22:22 - 2015-12-31 18:42 - 00000000 ____D C:\a
    2016-10-24 21:59 - 2016-01-16 01:12 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\DAEMON Tools Lite
    2016-10-24 20:48 - 2016-09-07 01:03 - 00000000 ____D C:\Windows\system32\appmgmt
    2016-10-21 07:14 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\NDF
    2016-10-20 02:38 - 2016-02-23 15:39 - 00000000 ____D C:\Users\Cameron\AppData\Roaming\TS3Client
    2016-10-20 00:50 - 2016-01-04 01:23 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
    2016-10-16 18:26 - 2016-01-04 01:15 - 00060528 _____ C:\Users\Cameron\AppData\Local\GDIPFONTCACHEV1.DAT
    2016-10-12 11:13 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
    2016-10-12 10:33 - 2016-01-04 04:13 - 00000000 ___SD C:\Windows\system32\CompatTel
    2016-10-12 10:33 - 2016-01-04 04:13 - 00000000 ____D C:\Windows\system32\appraiser
    2016-10-12 10:33 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
    2016-10-12 10:33 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\Dism

    ==================== Files in the root of some directories =======

    2016-09-17 23:35 - 2016-09-17 23:35 - 0000000 _____ () C:\Users\Cameron\AppData\Local\Driver_LOM_8161Present.flag
    2016-10-24 20:44 - 2016-10-24 20:44 - 0000000 _____ () C:\Users\Cameron\AppData\Local\run.txt
    2016-10-24 20:44 - 2016-10-24 20:44 - 0000001 _____ () C:\Users\Cameron\AppData\Local\setupsuccessful.txt
    2016-10-24 20:44 - 2016-10-24 20:44 - 0000000 _____ () C:\Users\Cameron\AppData\Local\stxtname.txt
    2016-02-12 17:57 - 2016-02-12 17:57 - 0000000 _____ () C:\Users\Cameron\AppData\Local\{D71DB1DE-14F5-4236-A820-4829510E96FE}
    2016-11-08 20:34 - 2016-11-08 20:34 - 0241514 _____ () C:\ProgramData\1478665991.bdinstall.bin

    Some files in TEMP:
    ====================
    C:\Users\Cameron\AppData\Local\Temp\libeay32.dll
    C:\Users\Cameron\AppData\Local\Temp\msvcr120.dll
    C:\Users\Cameron\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-11-05 14:31

    ==================== End of FRST.txt ============================
     
  6. goddangit

    goddangit TS Rookie Topic Starter

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
    Ran by Cameron (2016-11-09 13:33:00)
    Running from C:\Users\Cameron\Downloads
    Windows 7 Ultimate Service Pack 1 (X64) (2016-01-04 08:49:05)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-129599638-1263965058-21906161-500 - Administrator - Disabled)
    Cameron (S-1-5-21-129599638-1263965058-21906161-1000 - Administrator - Enabled) => C:\Users\Cameron
    Guest (S-1-5-21-129599638-1263965058-21906161-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-129599638-1263965058-21906161-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.)
    Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Photoshop CS6 version 13.0.1 (HKLM-x32\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
    Age of Conquest IV (HKLM\...\Steam App 314970) (Version: - Noble Master LLC)
    Ansel (Version: 368.81 - NVIDIA Corporation) Hidden
    Any Video Converter 5.9.3 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
    Apple Application Support (32-bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
    Arma 2 (HKLM\...\Steam App 33900) (Version: - Bohemia Interactive)
    ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
    AVG (HKLM\...\AvgZen) (Version: 1.111.2.45832 - AVG Technologies)
    AVG (Version: 16.131.7924 - AVG Technologies) Hidden
    AVG 2016 (Version: 16.0.4664 - AVG Technologies) Hidden
    AVG Protection (HKLM\...\AVG) (Version: 2016.131.7924 - AVG Technologies)
    AVG Zen (Version: 1.111.9 - AVG Technologies) Hidden
    Awesomenauts (HKLM\...\Steam App 204300) (Version: - Ronimo Games)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
    BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
    Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.17.1000 - Bitdefender)
    BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
    Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC)
    Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Camtasia Studio 8 (HKLM-x32\...\{80AE23DF-71A4-4E3F-B931-F93AB5DF0BDD}) (Version: 8.4.2.1768 - TechSmith Corporation)
    CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
    CEVO CS:GO Client Beta version 2.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 2.0 - )
    Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version: - Cheat Engine)
    Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
    Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - )
    Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
    Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
    DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0193 - Disc Soft Ltd)
    Elite Dangerous (HKLM\...\Steam App 359320) (Version: - Frontier Developments)
    Epic Games Launcher (HKLM-x32\...\{2DE76AAC-8061-4D9B-B7BA-A7CFBE0F8048}) (Version: 1.1.86.0 - Epic Games, Inc.)
    Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
    Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: v.1.1.30.0 - Decepticon)
    FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
    FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
    FMW 1 (Version: 1.132.1 - AVG Technologies) Hidden
    FormatFactory 3.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.0 - Free Time)
    Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
    GD Hardware Scan (HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
    H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    HitFilm 3 Express (HKLM\...\{779F4B16-E618-418B-9F74-D9278121D318}) (Version: 3.1.5110.13555 - FXhome)
    IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
    Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
    iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
    Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
    League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
    LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.519 - LogMeIn, Inc.)
    LogMeIn Hamachi (x32 Version: 2.2.0.519 - LogMeIn, Inc.) Hidden
    Mafia III (HKLM-x32\...\Mafia III_is1) (Version: - )
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
    MorphVOX Pro (HKLM-x32\...\{3ac2ad7f-6aee-42ed-a008-6f9cbd1de922}) (Version: 4.4.63.1606 - Screaming Bee)
    MorphVOX Pro (x32 Version: 4.4.63.1606 - Screaming Bee) Hidden
    MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
    MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.026 - MSI)
    NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
    No Man's Sky (HKLM\...\Steam App 275850) (Version: - Hello Games)
    No More Room in Hell (HKLM\...\Steam App 224260) (Version: - No More Room in Hell Team)
    NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.81 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
    NVIDIA Graphics Driver 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.81 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 9.10.2.4863 - Electronic Arts, Inc.)
    Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
    PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
    Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
    QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
    Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.4.6.10930 - Razer Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
    reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
    RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
    SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
    Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
    Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.)
    Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
    Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
    Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.0.6.2 - Splashtop Inc.)
    Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA)
    Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    TeamSpeak 3 Client (HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
    This Is the Police (HKLM-x32\...\This Is the Police_is1) (Version: - )
    Tom Clancys Rainbow Six Siege (HKLM-x32\...\Tom Clancys Rainbow Six Siege_is1) (Version: - )
    Total War ATTILA Age of Charlemagne (HKLM-x32\...\Total War ATTILA Age of Charlemagne_is1) (Version: 1.0 - PLAZA)
    Tribal Trouble (HKLM-x32\...\Tribal Trouble) (Version: - Oddlabs ApS)
    Twitch Launcher (HKLM-x32\...\Twitch Launcher 1.0.0) (Version: 1.0.0 - Twitch)
    Unity Web Player (HKU\S-1-5-21-129599638-1263965058-21906161-1000\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
    Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
    Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
    VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
    Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
    Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
    WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
    Wondershare Helper Compact 2.5.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.0 - Wondershare)
    Wondershare Video Converter Ultimate(Build 8.5.6.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.5.6.0 - Wondershare Software)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Restore Points =========================

    08-11-2016 16:32:38 Windows Update
    08-11-2016 16:36:42 Windows Defender Checkpoint
    08-11-2016 17:12:33 Checkpoint by HitmanPro
    08-11-2016 17:13:28 Checkpoint by HitmanPro
    08-11-2016 19:46:49 Installed DirectX
    08-11-2016 19:48:19 Installed DirectX
    08-11-2016 20:07:54 Windows Defender Checkpoint
    08-11-2016 20:48:43 Installed AVG 2016
    08-11-2016 20:49:34 Installed AVG
    09-11-2016 03:00:12 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 18:34 - 2016-09-06 23:26 - 00000075 ____N C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 oscount.techsmith.com
    127.0.0.1 activation.cloud.techsmith.com


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {048122C3-77F9-4B27-B3C6-C5E6BDC3BFC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-04] (Google Inc.)
    Task: {1670D129-84A7-4F4E-B721-DCA9AD5ADC0E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
    Task: {4C7A510B-62BD-461F-A060-23627F7AC95E} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-09-12] (Microsoft Corporation)
    Task: {7B90E297-A066-4079-ABC9-B6E3956AEE91} - System32\Tasks\{B78582ED-6A88-4CFB-A376-EC98676C1AF6} => Chrome.exe http://ui.skype.com/ui/0/7.28.0.101/en/abandoninstall?page=tsProgressBar
    Task: {97191919-B47F-450E-ABDB-B5983A21F5FB} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
    Task: {B34328E5-6777-4A29-9DB1-1076E6FFA902} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-10-21] (Bitdefender)
    Task: {C6E222B7-8179-4E26-8AA6-850CF8470464} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-07-27] (Symantec Corporation)
    Task: {CA7D38F4-6259-4CF7-82C3-E892CB7A387D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-04] (Google Inc.)
    Task: {D21EDB44-6ABC-474C-ACA5-725433348D82} - System32\Tasks\{FE1F6ED3-9B6C-4752-AD77-740879360F15} => pcalua.exe -a D:\Driver\Setup_Afterburner.exe -d D:\Driver
    Task: {E132130F-A625-412E-8943-D9F188120019} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2016-01-04 01:39 - 2016-07-10 15:17 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2016-01-04 02:34 - 2012-11-01 11:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
    2016-01-04 02:34 - 2012-11-01 11:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
    2016-02-27 02:26 - 2016-06-14 12:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
    2016-03-29 07:16 - 2016-06-14 12:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
    2016-02-27 02:26 - 2016-06-14 12:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
    2016-01-04 01:34 - 2016-06-14 12:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
    2016-01-04 14:04 - 2016-02-02 10:12 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2015-09-23 13:41 - 2015-09-23 13:41 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    2016-03-29 07:16 - 2016-06-14 12:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
    2016-03-29 07:16 - 2016-06-14 12:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
    2016-03-29 07:16 - 2016-06-14 12:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
    2016-01-29 09:23 - 2016-06-14 12:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
    2016-03-29 07:16 - 2016-06-14 12:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
    2016-03-29 07:16 - 2016-06-14 12:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
    2016-01-04 01:34 - 2016-06-14 12:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
    2016-01-04 01:20 - 2016-09-07 19:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
    2016-01-04 01:20 - 2016-08-31 17:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
    2016-01-04 01:20 - 2016-08-31 17:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
    2016-01-04 01:20 - 2016-08-31 17:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
    2016-01-04 01:20 - 2016-10-12 17:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
    2016-01-04 01:20 - 2016-01-26 23:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
    2016-01-04 01:20 - 2016-01-26 23:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
    2016-01-04 01:20 - 2016-01-26 23:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
    2016-01-04 01:20 - 2016-01-26 23:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
    2016-01-04 01:20 - 2016-01-26 23:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
    2016-01-04 01:20 - 2016-10-12 17:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2016-03-08 19:24 - 2016-07-04 14:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
    2016-01-22 16:44 - 2016-01-22 16:44 - 00393608 _____ () C:\Users\Cameron\AppData\Roaming\Curse Client\Bin\opus.dll
    2016-01-25 17:54 - 2016-11-02 09:35 - 00534408 _____ () C:\Users\Cameron\AppData\Roaming\Curse Client\Bin\Curse.Presto.Interface.dll
    2016-01-09 06:24 - 2016-06-20 13:48 - 01506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
    2016-01-09 06:24 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
    2016-11-08 20:45 - 2016-11-08 20:44 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
    2016-10-13 19:14 - 2016-08-04 12:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
    2016-03-24 08:00 - 2016-04-29 20:13 - 01690504 _____ () C:\Users\Cameron\AppData\Roaming\Curse Client\Bin\Electron\libglesv2.dll
    2016-03-24 08:00 - 2016-04-29 20:13 - 00018312 _____ () C:\Users\Cameron\AppData\Roaming\Curse Client\Bin\Electron\libegl.dll
    2016-10-25 08:42 - 2016-10-20 00:47 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
    2016-10-25 08:42 - 2016-10-20 00:47 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll

    ==================== Alternate Data Streams (Whitelisted) =========
     
  7. goddangit

    goddangit TS Rookie Topic Starter

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\Cameron:Heroes & Generals

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-129599638-1263965058-21906161-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{873F7BCF-A2A5-4EA6-AC72-788E7C049ECA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{41AF8A55-3FDE-4DCE-839E-21BF4E6CF655}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{66AF1C7A-596B-46D8-9E5D-0FE7DE91FF1B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{FCFDD409-F250-44BD-960B-973B292B649B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{E2A8DD81-90B3-4532-98F1-B23210289DB3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{05FA7616-3159-4285-BB29-AE058D5502EA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{73F33952-7C03-4BB3-9C9D-C8D20297BC55}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{D74D843E-E0A9-4C64-BFDA-C68D37000022}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{E7C21165-A5A9-4992-AD19-AA19AAD1B6DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{FCC5E112-D670-4C0E-9F94-B71CBD8DCB9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{077185D6-7127-4B25-BCDC-336F6674427A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{984AF7EB-5F6B-4113-B2A7-CF1E034BE51A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
    FirewallRules: [{2135839D-001A-4A6F-A461-862F7516646B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
    FirewallRules: [{F2F37918-80D7-4056-88FE-4094A4713784}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{24AC798C-7DE0-47DB-BAF1-E94C63A7F653}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
    FirewallRules: [{209C13E5-218A-49E6-B616-E2A6F03FEBF1}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
    FirewallRules: [{1E9425B4-3C59-465D-855A-828191043DFC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
    FirewallRules: [{2A6E5C12-CEBC-4CBE-BEC2-08ACCD6B1A86}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
    FirewallRules: [{3C19604B-9602-4610-969E-5235721D5AC9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
    FirewallRules: [{5EB7CDAD-3990-4C98-98CA-55AEEA4F4437}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
    FirewallRules: [TCP Query User{CD515A4F-7715-48E6-9C83-2516CDA6EA22}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
    FirewallRules: [UDP Query User{429312D2-814B-4DCA-9366-FBA7183543F8}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
    FirewallRules: [{22B6E971-568E-4955-A053-B7F3E1DB6520}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
    FirewallRules: [{94E442AA-5E90-43B0-B6AA-A89338BC4C0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
    FirewallRules: [{7C89B3F9-1DEC-41FA-93A6-8A5EE461D1F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
    FirewallRules: [{C4FDA53C-550A-4421-A1CD-489C7A5EEE10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
    FirewallRules: [{647D9FF4-1233-41E1-8D9E-4027C88EDE99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
    FirewallRules: [{82938E70-27DB-47BB-BF69-A78BEEE26ECF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
    FirewallRules: [{B1E4A3BF-F2E8-414A-9719-3D3643C7FDD2}] => (Allow) C:\Users\Cameron\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{34D7D503-489C-42C4-A50C-8A3C243976D9}] => (Allow) C:\Users\Cameron\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{5607F828-AC3F-4312-A890-94C6D0E3175E}] => (Allow) C:\Users\Cameron\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{4857143A-9144-4C8B-AB52-1E5EE961AF49}] => (Allow) C:\Users\Cameron\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{3C643CEB-4BEC-4688-BA69-9E59C34F679D}] => (Allow) C:\Users\Cameron\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{3846A1D8-2571-40DC-AD17-E79E61E15B97}] => (Allow) C:\Users\Cameron\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{857F30CB-4F2A-4181-97C1-3907D05E4C23}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{8C43969B-9B00-4211-BD61-B866C228DC68}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{B89AB754-3F0F-445B-8C26-F334C233509E}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{106CB36C-E47B-40C2-B195-26ECD50BC3EA}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
    FirewallRules: [{8043527E-C533-4BC6-BCDA-0917AFC12194}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{05D96B5B-C059-4B95-8C8E-C68E90B988A8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{B933E45F-EB87-4582-A75F-FE36145BFE51}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{B572EB42-3D48-4B7F-8218-E3118884572A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{A22041DE-57C6-49A9-B8AB-B195039681E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
    FirewallRules: [{C44EE133-2EB4-425C-8F1D-162D0B8F8E2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
    FirewallRules: [{A20E90F9-48D9-448C-9E15-2E3F430DEF64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe
    FirewallRules: [{D22BDFF4-0111-4B66-A40B-B5C03F46920F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe
    FirewallRules: [{A4BCC4B9-5710-4AEA-BC4A-DA7B906905BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{B6D31AB2-B251-4FF5-91BD-89AA1C99002A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
    FirewallRules: [{80174D1B-FDB6-4D39-8843-AA8823D76544}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{FE6F7DBA-B504-4FC0-B6B9-378158550C6E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{BEC462D7-8150-4687-8BC7-E5EF990E9C97}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{4375336A-15B3-463F-91E4-9381DE926C8A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{438CAA50-584B-4F83-B5AD-E76CF9CD2B14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\hl2.exe
    FirewallRules: [{8ED2F3A3-50A2-41FA-AC49-FCBB41050901}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\sdk\hl2.exe
    FirewallRules: [{79E2D3A5-798E-44A6-8449-E4E51DC1F41E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
    FirewallRules: [{FB494E44-04D6-4D0D-A0AE-C6DCC9154B9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
    FirewallRules: [{384F79C1-07DE-464D-8855-E423D5F71CD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Conquest IV\app_main.exe
    FirewallRules: [{ABFB20E1-7CD2-4F8D-B4A3-67FB3D9274F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Conquest IV\app_main.exe
    FirewallRules: [{1D0404D7-5A0D-4528-A490-0A6B6AE1BF9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe
    FirewallRules: [{323B4F9A-6ED2-4CCF-AE0B-AACA5EAA8B3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe
    FirewallRules: [{2EEAE180-842E-42B6-8285-1AEBE4343E12}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
    FirewallRules: [{1E74E633-6BBF-46B0-A6AC-6F3F854650C6}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
    FirewallRules: [{ECD3CA6D-9001-4A4D-85CD-7AD88D84BF53}] => (Allow) C:\Users\Cameron\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{816035D1-0ED9-4B89-BCD2-031B70AFBE15}] => (Allow) LPort=8317
    FirewallRules: [{F8B0C59B-4FBF-4DF0-B510-CC1D3865C8C1}] => (Allow) C:\Users\Cameron\AppData\Local\Amigo\Application\amigo.exe
    FirewallRules: [{50FFE66E-BF02-43E4-AE06-DA18A6987192}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [TCP Query User{29D19506-9081-4A68-B4B4-321474662C72}C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe
    FirewallRules: [UDP Query User{19430167-A762-40F4-BC4A-40F968B4B1EA}C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe
    FirewallRules: [{F15758FD-EFE6-4672-9397-4C4A90F67452}] => (Block) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe
    FirewallRules: [{C9038F8B-6089-415F-B891-C7DB7B152DE7}] => (Block) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\forc-fdev-d-1010\elitedangerous32.exe
    FirewallRules: [{3390BB04-7950-4891-88A9-E4E36E7AE109}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{09C77917-7FDC-4FDA-90A4-DA0BE86855E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{0B2C032A-C910-4D59-86E9-D11AD9EC20E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
    FirewallRules: [{845302FA-3EB5-4351-9D21-BE0EC1888ED6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
    FirewallRules: [TCP Query User{1B612543-58FF-4DB9-A5BE-D086CE2B88EB}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
    FirewallRules: [UDP Query User{CDE50211-24CF-4516-9470-E91FA79C58C3}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
    FirewallRules: [{BE679ECF-4E82-4AD6-9613-03BC70F75EEA}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
    FirewallRules: [{90AEAB90-0FA5-4080-91D7-1485FE843028}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
    FirewallRules: [{5F555C4C-73E9-436B-8B27-E57B3B349CA8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{ED7EA135-ED48-4CDB-AEC7-F4C0A80B74FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
    FirewallRules: [{8AE2B046-8FBD-43F2-BD58-602D9DC090FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
    FirewallRules: [{2EDC5F98-0731-42C6-9803-CDDF386BCEC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [{D53CC034-A73E-4B0E-9EAB-8FA478A59C2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
    FirewallRules: [TCP Query User{1DA0B611-5A7A-4730-908C-871A769D437B}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [UDP Query User{5FCF07AF-5A4E-45C0-9EAC-0D147DDAD6CA}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [{D480E489-186D-4007-BE38-D17994F8FF28}] => (Block) C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [{35AA62BE-B9B8-4DC2-8282-4D799F779E9A}] => (Block) C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [TCP Query User{EAC8C0A9-77E1-48FA-B0E8-8BE660A2B1C5}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
    FirewallRules: [UDP Query User{A261DCE1-127B-4015-A68B-18532174BD5A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
    FirewallRules: [{602BCFAD-3C74-49B6-92F1-2093B3D693FB}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
    FirewallRules: [{25AEA83E-41C6-4898-878B-85BB1F4D9AF9}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
    FirewallRules: [TCP Query User{B666F449-B81E-4920-AFAB-DF54CF0B03A5}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
    FirewallRules: [UDP Query User{FAEC98D8-D82D-4A97-A320-B6F8B7ED2A69}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
    FirewallRules: [{C2AFBF85-CCBF-4BE8-8A13-D20331A8209C}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
    FirewallRules: [{DD198E7C-FE99-427A-BE09-CBDCFB2BE40C}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
    FirewallRules: [{9C7DD80E-0368-4EC1-ACF1-6528BDDE17AE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{3F050C48-2EB6-49AB-8D32-6CC3AE636E1B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{47FBBF66-3011-494E-902E-437F50CE24B7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{9121EB22-DE5B-4D49-9D6B-546CFCDE9A76}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{A968F1BA-0F71-4601-88FD-67EF76E5BCEB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{89C07625-9BD4-4A99-A72B-DC177BF067F8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{81EC7D82-C739-4309-8254-8BD2725B993F}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe

    ==================== Faulty Device Manager Devices =============

    Name: Ethernet Controller
    Description: Ethernet Controller
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (11/09/2016 11:22:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/09/2016 10:46:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/09/2016 03:19:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/08/2016 08:37:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/08/2016 04:27:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/08/2016 05:13:41 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000002ec,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0000000002ABEC50.72). hr = 0x80070005, Access is denied.
    .

    Error: (11/08/2016 05:13:41 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000a50,(null),0,REG_BINARY,00000000074BDFD0.72). hr = 0x80070005, Access is denied.
    .


    Operation:
    BackupShutdown Event

    Context:
    Execution Context: Writer
    Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
    Writer Name: MSSearch Service Writer
    Writer Instance ID: {1be0c749-b8d3-45d8-b14d-9c58144111a0}

    Error: (11/08/2016 05:13:41 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000a50,(null),0,REG_BINARY,00000000074BDFD0.72). hr = 0x80070005, Access is denied.
    .


    Operation:
    BackupShutdown Event

    Context:
    Execution Context: Writer
    Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
    Writer Name: MSSearch Service Writer
    Writer Instance ID: {1be0c749-b8d3-45d8-b14d-9c58144111a0}

    Error: (11/08/2016 05:13:41 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000774,(null),0,REG_BINARY,000000000353E0E0.72). hr = 0x80070005, Access is denied.
    .


    Operation:
    BackupShutdown Event

    Context:
    Execution Context: Writer
    Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
    Writer Name: WMI Writer
    Writer Instance ID: {d8b8d6bb-2f76-4fe1-bcce-9f397ef2e052}

    Error: (11/08/2016 05:13:41 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000002f0,(null),0,REG_BINARY,0000000001CFDEB0.72). hr = 0x80070005, Access is denied.
    .


    Operation:
    BackupShutdown Event

    Context:
    Execution Context: Writer
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {6dd35430-2a4a-427b-b256-0bed50493da8}


    System errors:
    =============
    Error: (11/09/2016 12:51:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (11/09/2016 12:51:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535

    Error: (11/09/2016 12:51:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (11/09/2016 12:51:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535

    Error: (11/09/2016 12:51:12 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801

    Error: (11/09/2016 12:51:12 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801

    Error: (11/09/2016 12:03:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (11/09/2016 12:03:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535

    Error: (11/09/2016 12:03:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (11/09/2016 12:03:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) X4 860K Quad Core Processor
    Percentage of memory in use: 64%
    Total physical RAM: 8131.23 MB
    Available physical RAM: 2848.89 MB
    Total Virtual: 16260.65 MB
    Available Virtual: 9866.38 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:930.97 GB) (Free:335.39 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9631622C)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

    ==================== End of Addition.txt ============================
     
  8. Broni

    Broni Malware Annihilator Posts: 52,897   +344

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ==================================

    Please do NOT create multiple topics.
    From now on reply in this topic only.
    Do NOT bump.
    We don't provide 24/7 service.


    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Double-click on the downloaded setup.exe file to install the program.
    • Click on Start Scan button.
    • Click on another Start Scan button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.

    Please download Malwarebytes Anti-Malware to your desktop.
    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
      • Launch Malwarebytes Anti-Malware
      • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.

    Already installed:
    2.0 Threat Scan
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    How to get logs:
    (Export log to save as txt)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the scan log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.
    (Copy to clipboard for pasting into forum replies or tickets)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the scan log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator
    • The tool will start to update the database if one is required.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Logfile button.
    • A window will open which lists the logs of your scans.
    • Click on the Scan tab.
    • Double-click the most recent scan which will be at the top of the list....the log will appear.
    • Review the results...see note below
    • After reviewing the log, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
    • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
    • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
    • A copy of all logfiles is saved to C:\AdwCleaner.

    -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
Topic Status:
Not open for further replies.
