Solved Youtube and other movie clips are lagging a little

M

MalwareMagnet

Posts: 44   +0
I did a virus scan and said I am clean, but I do not remember it being this laggy, so I believe it is a virus can you please help me verify if this is a virus or not? thanks
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Owner (administrator) on DESKTOP-VMOPO8L (14-02-2016 17:02:00)
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Nexon America) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_runtime.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Lenovo) C:\Users\Owner\AppData\Local\Apps\2.0\ATXHZA1T.709\0YBY38RA.6BW\lsb...tion_91a10ba61c75c82d_0001.0006_0f15e39c22fde514\LSB.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Farbar) C:\Users\Owner\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5062384 2015-11-16] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-11-16] (Synaptics Incorporated)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-11-16] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-22] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-3197005435-3639198766-659270671-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-3197005435-3639198766-659270671-1001\...\RunOnce: [Uninstall C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nexon Launcher.lnk [2016-02-04]
ShortcutTarget: Nexon Launcher.lnk -> C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{edfbb390-0da5-42ed-afde-6889329d0c89}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-07]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-07]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-07]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-07]
CHR Extension: (Adblock Plus) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-07]
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-07]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-07]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (Lenovo)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-22] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-02-13] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-11-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-22] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-22] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-22] (NVIDIA Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] ()
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [268040 2015-11-16] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [195336 2015-11-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-11-16] (Realtek )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [759552 2015-11-16] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3069680 2015-11-16] (Realtek Semiconductor Corp.)
S3 SDGame; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-11-16] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-02-14] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-14 17:02 - 2016-02-14 17:02 - 00014069 _____ C:\Users\Owner\Downloads\FRST.txt
2016-02-14 17:01 - 2016-02-14 17:02 - 00000000 ____D C:\FRST
2016-02-14 17:01 - 2016-02-14 17:01 - 02370560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2016-02-14 17:01 - 2016-02-14 17:01 - 02370560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64 (1).exe
2016-02-14 13:41 - 2016-02-14 13:41 - 05657023 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix (3).exe
2016-02-14 13:29 - 2016-02-14 13:30 - 00255928 _____ C:\TDSSKiller.3.1.0.9_14.02.2016_13.29.15_log.txt
2016-02-14 13:28 - 2016-02-14 13:29 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Downloads\tdsskiller.exe
2016-02-14 13:27 - 2016-02-14 13:27 - 05657023 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix (2).exe
2016-02-14 13:24 - 2016-02-14 13:24 - 05657023 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix (1).exe
2016-02-14 13:24 - 2016-02-14 13:24 - 01609032 _____ (Malwarebytes) C:\Users\Owner\Downloads\JRT (1).exe
2016-02-14 13:23 - 2016-02-14 13:23 - 00000683 _____ C:\Users\Owner\Desktop\JRT.txt
2016-02-14 13:22 - 2016-02-14 13:35 - 05657023 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix.exe
2016-02-14 13:22 - 2016-02-14 13:22 - 01609032 _____ (Malwarebytes) C:\Users\Owner\Downloads\JRT.exe
2016-02-14 13:09 - 2016-02-14 13:09 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-02-14 13:08 - 2016-02-14 13:08 - 20943432 _____ C:\Users\Owner\Downloads\RogueKiller.exe
2016-02-14 13:08 - 2016-02-14 13:08 - 00000000 ____D C:\ProgramData\RogueKiller
2016-02-14 13:06 - 2016-02-14 13:32 - 01508352 _____ C:\Users\Owner\Downloads\AdwCleaner.exe
2016-02-14 12:48 - 2016-02-14 12:48 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\Owner\Downloads\rkill.com
2016-02-14 12:48 - 2016-02-14 12:48 - 00002930 _____ C:\Users\Owner\Desktop\Rkill.txt
2016-02-14 12:44 - 2016-02-14 13:32 - 00000000 ____D C:\AdwCleaner
2016-02-14 12:43 - 2016-02-14 12:43 - 01721344 _____ (Farbar) C:\Users\Owner\Downloads\FRST (1).exe
2016-02-14 12:42 - 2016-02-14 12:49 - 01721344 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2016-02-14 12:38 - 2016-02-14 12:49 - 01508352 _____ C:\Users\Owner\Downloads\adwcleaner_5.033.exe
2016-02-12 14:14 - 2016-02-12 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2016-02-12 14:14 - 2016-02-12 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-02-09 14:29 - 2016-01-29 01:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 14:29 - 2016-01-29 01:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 14:29 - 2016-01-27 01:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 14:29 - 2016-01-27 01:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-09 14:29 - 2016-01-27 01:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-09 14:29 - 2016-01-27 01:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 14:29 - 2016-01-27 01:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-09 14:29 - 2016-01-27 00:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 14:29 - 2016-01-27 00:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-09 14:29 - 2016-01-27 00:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 14:29 - 2016-01-27 00:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 14:29 - 2016-01-27 00:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-09 14:29 - 2016-01-27 00:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-09 14:29 - 2016-01-27 00:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 14:29 - 2016-01-27 00:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 14:29 - 2016-01-27 00:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 14:29 - 2016-01-27 00:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 14:29 - 2016-01-27 00:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-09 14:29 - 2016-01-27 00:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-09 14:29 - 2016-01-27 00:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 14:29 - 2016-01-27 00:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 14:29 - 2016-01-27 00:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 14:29 - 2016-01-27 00:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-09 14:29 - 2016-01-27 00:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-09 14:29 - 2016-01-27 00:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 14:29 - 2016-01-27 00:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 14:29 - 2016-01-27 00:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-09 14:29 - 2016-01-27 00:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-09 14:29 - 2016-01-27 00:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 14:29 - 2016-01-27 00:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-09 14:29 - 2016-01-27 00:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 14:29 - 2016-01-27 00:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 14:29 - 2016-01-27 00:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 14:29 - 2016-01-27 00:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 14:29 - 2016-01-27 00:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-09 14:29 - 2016-01-27 00:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-09 14:29 - 2016-01-27 00:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-09 14:29 - 2016-01-27 00:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-09 14:29 - 2016-01-27 00:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-09 14:29 - 2016-01-27 00:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 14:29 - 2016-01-27 00:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-09 14:29 - 2016-01-27 00:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 14:29 - 2016-01-27 00:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 14:29 - 2016-01-26 23:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 14:29 - 2016-01-26 23:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-09 14:29 - 2016-01-26 23:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 14:29 - 2016-01-26 23:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-09 14:29 - 2016-01-26 23:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-09 14:29 - 2016-01-26 23:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-09 14:29 - 2016-01-26 23:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 14:29 - 2016-01-26 23:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-09 14:29 - 2016-01-26 23:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-09 14:29 - 2016-01-26 23:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 14:29 - 2016-01-26 23:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 14:29 - 2016-01-26 23:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-09 14:29 - 2016-01-26 23:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 14:29 - 2016-01-26 23:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 14:29 - 2016-01-26 23:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-09 14:29 - 2016-01-26 23:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-09 14:29 - 2016-01-26 23:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 14:29 - 2016-01-26 23:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-09 14:29 - 2016-01-26 23:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-09 14:29 - 2016-01-26 23:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-09 14:29 - 2016-01-26 23:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 14:29 - 2016-01-26 23:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-08 15:31 - 2016-02-08 19:29 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Foxit Software
2016-02-08 15:31 - 2016-02-08 15:31 - 00000000 ____D C:\Users\Public\Foxit Software
2016-02-08 15:31 - 2016-02-08 15:31 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Foxit AgentInformation
2016-02-08 15:30 - 2016-02-08 15:30 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-02-08 15:28 - 2016-02-08 15:29 - 43048592 _____ (Foxit Software Inc. ) C:\Users\Owner\Downloads\FoxitReader73_enu_Setup_Prom.exe
2016-02-08 15:19 - 2016-02-08 15:21 - 295249739 _____ C:\Users\Owner\Downloads\CB10h-Edition.pdf
2016-02-08 15:14 - 2016-02-08 15:14 - 01992496 _____ C:\Users\Owner\Downloads\winrar-x64-531.exe
2016-02-08 15:08 - 2016-02-08 15:08 - 00000197 _____ C:\Users\Owner\Downloads\aazea.com_0321775651.rar
2016-02-05 00:23 - 2016-02-05 00:23 - 00003336 _____ C:\WINDOWS\System32\Tasks\{09059723-20CA-40B3-9C08-D8667C90FB5A}
2016-02-02 15:02 - 2016-02-02 15:09 - 00001834 _____ C:\Users\Public\Desktop\ÁúÖ®¹È.lnk
2016-02-02 14:24 - 2016-02-02 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ê¢´óÓÎÏ·
2016-02-02 14:22 - 2016-02-02 14:22 - 00000000 ____D C:\Program Files (x86)\盛大游戏
2016-02-02 14:22 - 2016-02-02 14:22 - 00000000 ____D C:\Program Files (x86)\Ê¢´óÓÎÏ·
2016-02-02 12:11 - 2016-02-02 14:58 - 00000000 ____D C:\lzg251
2016-02-02 12:11 - 2016-02-02 12:11 - 00000000 ____D C:\ProgramData\SNDA
2016-02-02 12:10 - 2016-02-02 12:11 - 03450376 _____ (盛大游戏) C:\Users\Owner\Downloads\dragonnest.251_download.exe
2016-02-02 12:07 - 2016-02-02 12:07 - 00000000 ____D C:\Users\Owner\Documents\DragonNest
2016-02-01 22:56 - 2016-02-01 22:56 - 00000000 ____D C:\Users\Owner\AppData\Roaming\WinRAR
2016-02-01 21:51 - 2016-02-01 22:39 - 00104634 _____ C:\ZipSetupLog.txt
2016-02-01 21:51 - 2016-02-01 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ê¢´óÍøÂç
2016-02-01 21:51 - 2016-02-01 21:51 - 00000000 ____D C:\Program Files (x86)\Ê¢´óÍøÂç
2016-02-01 17:02 - 2016-02-01 19:44 - 00000027 _____ C:\Users\Owner\AppData\Roaming\xlaccolsetupstatus.ini
2016-02-01 16:32 - 2016-02-02 14:38 - 00000000 ____D C:\Gamedownloader
2016-02-01 16:32 - 2016-02-02 14:08 - 00000059 _____ C:\Users\Owner\AppData\Roaming\xlgdlapp.ini
2016-02-01 16:32 - 2016-02-01 16:32 - 00000000 ____D C:\Users\Owner\AppData\Roaming\lzg1024_setup
2016-02-01 16:23 - 2016-02-02 14:38 - 03733896 _____ (ShenZhen Xunlei Networking Technologies,LTD) C:\Users\Owner\Downloads\lzg1024_setup.exe
2016-01-29 23:56 - 2016-01-29 23:56 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-01-29 21:48 - 2016-02-14 13:23 - 00000000 ____D C:\Users\Owner\AppData\Local\CrashDumps
2016-01-29 21:43 - 2016-01-29 21:43 - 00003336 _____ C:\WINDOWS\System32\Tasks\{735EF87E-9250-4026-953E-D5F27030B7F1}
2016-01-29 19:13 - 2016-01-29 19:13 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-01-29 19:13 - 2016-01-29 19:13 - 00000000 ____D C:\Users\Owner\AppData\Local\NVIDIA Corporation
2016-01-29 19:12 - 2016-01-29 19:12 - 00002206 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-01-29 19:12 - 2016-01-29 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-01-29 19:12 - 2016-01-22 21:54 - 01542600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-01-29 19:12 - 2016-01-22 21:54 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-01-29 19:12 - 2016-01-22 21:53 - 01859936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-01-29 19:12 - 2016-01-22 21:53 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-01-29 19:12 - 2016-01-22 21:53 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-01-29 19:12 - 2016-01-22 19:47 - 00110016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-01-29 19:11 - 2016-02-14 13:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-29 19:11 - 2016-01-29 19:13 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-01-29 19:11 - 2016-01-22 20:01 - 06366656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 02992064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-01-29 19:11 - 2016-01-22 20:01 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00123448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-01-29 19:11 - 2016-01-21 21:06 - 06125650 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-01-29 19:10 - 2016-01-25 12:34 - 12474312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-01-29 19:10 - 2016-01-22 22:31 - 42983992 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 37615040 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 31115712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 24941112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 21202488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 20741880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 19778944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 17632544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 17224664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 17174032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 17116616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 14114944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 03648552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 03230824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 02543160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436175.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436175.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00948672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00882232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00745408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00378784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00377792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb
2016-01-29 19:10 - 2015-12-18 01:11 - 00047760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-01-29 19:10 - 2015-12-18 01:10 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-01-29 19:10 - 2015-12-18 01:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-01-29 19:08 - 2016-01-29 19:08 - 00000000 ____D C:\NVIDIA
2016-01-29 19:07 - 2016-01-29 19:08 - 122461596 _____ (NVIDIA Corporation) C:\Users\Owner\Downloads\361.75-notebook-win10-64bit-international-whql (1).exe.hj3lkj7.partial
2016-01-28 15:46 - 2016-01-28 15:46 - 00000000 ____D C:\Users\Owner\Documents\League of Legends
2016-01-28 12:00 - 2016-01-16 01:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 12:00 - 2016-01-16 01:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64
 
\Windows.Media.Protection.PlayReady.dll
2016-01-28 11:59 - 2016-01-16 01:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 11:59 - 2016-01-16 01:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 11:59 - 2016-01-16 01:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 11:59 - 2016-01-16 01:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 11:59 - 2016-01-16 01:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 11:59 - 2016-01-16 01:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 11:59 - 2016-01-16 01:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 11:59 - 2016-01-16 01:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 11:59 - 2016-01-16 01:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 11:59 - 2016-01-16 01:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 11:59 - 2016-01-16 01:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 11:59 - 2016-01-16 01:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 11:59 - 2016-01-16 01:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 11:59 - 2016-01-16 01:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 11:59 - 2016-01-16 01:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 11:59 - 2016-01-16 00:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 11:59 - 2016-01-16 00:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 11:59 - 2016-01-16 00:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 11:59 - 2016-01-16 00:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 11:59 - 2016-01-16 00:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 11:59 - 2016-01-16 00:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 11:59 - 2016-01-16 00:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 11:59 - 2016-01-16 00:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 11:59 - 2016-01-16 00:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 11:59 - 2016-01-16 00:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 11:59 - 2016-01-16 00:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 11:59 - 2016-01-16 00:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 11:59 - 2016-01-16 00:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 11:59 - 2016-01-16 00:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 11:59 - 2016-01-16 00:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 11:59 - 2016-01-16 00:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 11:59 - 2016-01-16 00:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 11:59 - 2016-01-16 00:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 11:59 - 2016-01-16 00:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 11:59 - 2016-01-16 00:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 11:59 - 2016-01-16 00:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 11:59 - 2016-01-16 00:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 11:59 - 2016-01-16 00:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 11:59 - 2016-01-16 00:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 11:59 - 2016-01-16 00:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 11:59 - 2016-01-16 00:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 11:59 - 2016-01-16 00:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 11:59 - 2016-01-16 00:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 11:59 - 2016-01-16 00:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 11:59 - 2016-01-16 00:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 11:59 - 2016-01-16 00:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 11:59 - 2016-01-16 00:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 11:59 - 2016-01-16 00:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 11:59 - 2016-01-16 00:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 11:59 - 2016-01-16 00:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 11:59 - 2016-01-16 00:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 11:59 - 2016-01-16 00:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 11:59 - 2016-01-16 00:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 11:59 - 2016-01-16 00:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 11:59 - 2016-01-16 00:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 11:59 - 2016-01-16 00:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 11:59 - 2016-01-16 00:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 11:59 - 2016-01-16 00:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 11:59 - 2016-01-16 00:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 11:59 - 2016-01-16 00:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 11:59 - 2016-01-16 00:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 11:59 - 2016-01-16 00:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 11:59 - 2016-01-16 00:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 11:59 - 2016-01-16 00:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 11:59 - 2016-01-16 00:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 11:59 - 2016-01-16 00:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 11:59 - 2016-01-16 00:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 11:59 - 2016-01-16 00:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 11:59 - 2016-01-16 00:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 11:59 - 2016-01-16 00:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 11:59 - 2016-01-16 00:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 11:59 - 2016-01-16 00:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 11:59 - 2016-01-16 00:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 11:59 - 2016-01-16 00:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 11:59 - 2016-01-16 00:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 11:59 - 2016-01-16 00:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 11:59 - 2016-01-16 00:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 11:59 - 2016-01-16 00:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 11:59 - 2016-01-16 00:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 11:59 - 2016-01-16 00:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 11:59 - 2016-01-16 00:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 11:59 - 2016-01-16 00:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 11:59 - 2016-01-16 00:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 11:59 - 2016-01-16 00:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 11:59 - 2016-01-16 00:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 11:59 - 2016-01-16 00:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 11:59 - 2016-01-16 00:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 11:59 - 2016-01-16 00:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 11:59 - 2016-01-16 00:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 11:59 - 2016-01-16 00:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 11:59 - 2016-01-16 00:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 11:59 - 2016-01-16 00:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 11:59 - 2016-01-16 00:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 11:59 - 2016-01-16 00:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 11:59 - 2016-01-16 00:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 11:59 - 2016-01-16 00:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-28 00:38 - 2016-01-29 19:08 - 389921688 _____ (NVIDIA Corporation) C:\Users\Owner\Downloads\361.75-notebook-win10-64bit-international-whql.exe
2016-01-22 21:44 - 2016-01-22 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-01-22 21:36 - 2016-01-22 21:42 - 27864920 _____ (Riot Games) C:\Users\Owner\Downloads\LeagueofLegends_NA_Installer_9_15_2014 (1).exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-14 13:37 - 2015-11-16 23:47 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-14 13:37 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-14 13:32 - 2015-11-16 22:31 - 00000000 ____D C:\Users\Owner\AppData\Local\Deployment
2016-02-14 13:31 - 2015-12-16 16:54 - 00000000 ____D C:\Users\Owner\AppData\Local\NexonLauncher
2016-02-14 13:31 - 2015-12-16 14:21 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-14 13:31 - 2015-12-07 10:17 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-14 13:31 - 2015-11-16 21:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-14 13:31 - 2015-11-16 21:53 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-14 13:31 - 2015-11-16 20:59 - 00000000 __SHD C:\Users\Owner\IntelGraphicsProfiles
2016-02-14 13:30 - 2015-10-30 01:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-14 11:31 - 2015-12-23 11:16 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6E9C8FB6-6FFC-4CC2-94CB-F2E4A93C6C03}
2016-02-13 12:45 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-12 14:14 - 2015-11-16 22:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2016-02-12 14:14 - 2015-11-16 22:23 - 00000000 ____D C:\ProgramData\Lenovo
2016-02-12 14:14 - 2015-11-16 22:23 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-02-12 12:08 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-12 11:37 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-10 22:54 - 2016-01-02 21:13 - 00000000 ____D C:\Users\Owner\Downloads\PopcornTime
2016-02-10 16:29 - 2015-12-07 10:18 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 16:29 - 2015-12-07 10:18 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-10 02:09 - 2015-11-16 21:54 - 00000000 ____D C:\Users\Owner
2016-02-09 22:46 - 2016-01-10 11:03 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-09 21:11 - 2015-09-10 00:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-09 21:10 - 2015-10-30 04:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-09 15:09 - 2015-11-16 21:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-09 15:07 - 2015-11-16 21:00 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-09 15:07 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-08 15:14 - 2015-11-16 22:49 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-08 15:14 - 2015-11-16 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-08 15:14 - 2015-11-16 22:49 - 00000000 ____D C:\Program Files\WinRAR
2016-02-05 13:57 - 2015-11-16 20:52 - 00002363 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-05 13:57 - 2015-11-16 20:52 - 00000000 ___RD C:\Users\Owner\OneDrive
2016-02-05 00:26 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-04 16:32 - 2015-12-16 16:54 - 00000000 ____D C:\Users\Owner\AppData\Roaming\NexonLauncher
2016-02-03 14:01 - 2015-10-30 02:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 14:01 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-02 14:07 - 2015-12-16 14:24 - 00000000 ____D C:\Users\Owner\AppData\Local\Steam
2016-02-01 18:23 - 2015-12-07 10:17 - 00003996 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 18:23 - 2015-12-07 10:17 - 00003764 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 18:23 - 2015-12-07 10:17 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-29 23:30 - 2015-12-16 14:28 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-29 19:13 - 2015-11-16 21:56 - 00000000 ____D C:\Users\Owner\AppData\Local\NVIDIA
2016-01-29 19:12 - 2015-11-16 21:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-29 19:12 - 2015-11-16 20:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-01-29 19:11 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Help
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-22 21:49 - 2015-12-07 10:14 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Riot Games
2016-01-17 19:13 - 2016-01-06 14:24 - 00000000 ____D C:\Users\Owner\Documents\My Games
2016-01-17 19:13 - 2015-11-16 22:55 - 00000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2016-02-01 17:02 - 2016-02-01 19:44 - 0000027 _____ () C:\Users\Owner\AppData\Roaming\xlaccolsetupstatus.ini
2016-02-01 16:32 - 2016-02-02 14:08 - 0000059 _____ () C:\Users\Owner\AppData\Roaming\xlgdlapp.ini
2015-11-16 21:53 - 2015-11-16 21:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Owner\AppData\Local\Temp\netease-tianyu.exe
C:\Users\Owner\AppData\Local\Temp\ntes-tianyu.exe
C:\Users\Owner\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Owner\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Owner\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-06 22:13


==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Owner (2016-02-14 17:02:46)
Running from C:\Users\Owner\Downloads
Windows 10 Pro (X64) (2015-11-17 02:56:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3197005435-3639198766-659270671-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3197005435-3639198766-659270671-503 - Limited - Disabled)
Guest (S-1-5-21-3197005435-3639198766-659270671-501 - Limited - Disabled)
Owner (S-1-5-21-3197005435-3639198766-659270671-1001 - Administrator - Enabled) => C:\Users\Owner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ÁúÖ®¹È (HKLM-x32\...\DragonNest) (Version: 2.0.8.251 - SHANDAGAMES)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.2.0.13 - Lenovo)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.12.256 - SurfRight B.V.)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
ÍøÒ×-ÌìÚÍ (HKLM-x32\...\tianyu) (Version: 1.0.130 - ÍøÒ×£¨º¼ÖÝ£©ÍøÂçÓÐÏÞ¹«Ë¾)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Lenovo BatteryGauge (HKLM\...\{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}) (Version: 1.0.017.00 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-3197005435-3639198766-659270671-1001\...\cbe8636f7dd0cf1d) (Version: 1.6.0.0 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0022 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.3 - Lenovo) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marvel Heroes 2016 (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon)
NVIDIA 3D Vision Driver 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.1.0 - Popcorn Time)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3197005435-3639198766-659270671-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2F25D1D9-0448-428B-B454-17CF4E1FD628} - System32\Tasks\{09B16D9D-082B-4636-A5E2-BF03E6FD480B} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends"
Task: {60E97DA1-2642-4D19-A7D8-1656A77C3B0F} - System32\Tasks\{09059723-20CA-40B3-9C08-D8667C90FB5A} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {7BE9D574-5497-4FDF-9AD5-5A9F29F5875F} - System32\Tasks\{735EF87E-9250-4026-953E-D5F27030B7F1} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {837E182B-4407-4868-909A-4FD5389BF324} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {8FBB7972-4AE1-4E8F-A608-0034F897C555} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-01-13] ()
Task: {A44838B7-2B2A-48E0-BBCC-A1484FADC0A2} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3197005435-3639198766-659270671-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {A5E7CA59-FC52-4616-989A-2F86FDAC0908} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-07] (Google Inc.)
Task: {BB2903F6-EDDD-42B1-B9EC-84694C40AC28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-07] (Google Inc.)
Task: {D94003A4-8E50-4F32-9B42-7942C76D8A02} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-09] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-01-29 19:12 - 2016-01-22 21:55 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-12-07 10:25 - 2015-11-22 05:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-07 10:25 - 2015-11-22 05:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 13:21 - 2016-01-22 13:21 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-17 23:48 - 2015-12-06 23:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 23:48 - 2015-12-06 23:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-17 23:48 - 2015-12-06 23:00 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-11-16 20:59 - 2015-11-16 20:59 - 00405416 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-11-16 22:52 - 2015-11-16 22:52 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-11-16 22:52 - 2015-11-16 22:52 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2015-11-16 20:55 - 2015-11-16 20:55 - 00133184 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2016-01-13 00:29 - 2016-01-04 20:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 00:29 - 2016-01-04 20:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 11:59 - 2016-01-16 00:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 11:59 - 2016-01-16 00:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-22 13:21 - 2016-01-22 13:21 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 13:21 - 2016-01-22 13:21 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-01-29 19:12 - 2016-01-22 21:55 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-16 14:23 - 2015-12-15 00:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-12-16 14:23 - 2015-07-03 11:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-12-16 14:23 - 2016-02-04 16:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2015-12-16 14:23 - 2015-09-23 19:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-12-16 14:23 - 2015-09-23 19:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-12-16 14:23 - 2015-09-23 19:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-12-16 14:23 - 2015-09-23 19:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-12-16 14:23 - 2015-09-23 19:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-12-16 14:23 - 2015-07-03 11:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-12-16 14:23 - 2015-07-03 11:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-12-16 14:23 - 2016-02-04 16:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-12-16 14:23 - 2015-12-29 20:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-12-16 16:54 - 2015-12-12 19:02 - 00044544 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\_socket.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00899584 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\_ssl.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00087552 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\_ctypes.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00358400 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\_hashlib.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00100352 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\win32api.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00110080 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\pywintypes27.dll
2015-12-16 16:54 - 2015-12-12 19:02 - 00010240 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\select.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00036864 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\win32process.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00485888 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\libsodium.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00516096 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\libzmq.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00038400 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\constants.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00014336 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\error.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00046080 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\message.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00032256 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\context.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00073216 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\socket.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00023552 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\utils.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00029696 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\_poll.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00012800 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\_version.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00025088 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\_device.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00027136 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\_multiprocessing.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00031232 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\devices\monitoredqueue.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00036352 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\_psutil_mswindows.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00167936 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\win32gui.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00009728 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\Crypto\Random\OSRNG\winrandom.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00010240 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\Crypto\Util\_counter.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00029184 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\Crypto\Cipher\_AES.pyd
2015-12-16 16:54 - 2015-11-19 15:03 - 00160768 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\modules\tray\mxwin.pyd
2015-12-16 16:53 - 2015-11-19 15:03 - 00031232 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\modules\tray\Nexon.Mantis.Client.Resources.dll
2015-12-16 16:53 - 2015-12-12 19:02 - 00686080 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\unicodedata.pyd
2015-12-16 14:23 - 2016-01-05 20:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-11-16 22:56 - 2015-02-12 16:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-30 17:42 - 2015-07-30 17:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3197005435-3639198766-659270671-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\Downloads\cherry_blossom_tunnel.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{9EEDA7EA-FB82-463B-9ABF-F480F9DEE9ED}C:\users\owner\downloads\tianyu_dl_0730.exe] => (Allow) C:\users\owner\downloads\tianyu_dl_0730.exe
FirewallRules: [UDP Query User{5ACFB03D-B664-429F-A831-9BBFB56B75A9}C:\users\owner\downloads\tianyu_dl_0730.exe] => (Allow) C:\users\owner\downloads\tianyu_dl_0730.exe
FirewallRules: [TCP Query User{37AAE1B4-79B5-4290-AFBE-F878C83F7C0D}C:\users\owner\appdata\local\temp\netease-tianyu.exe] => (Allow) C:\users\owner\appdata\local\temp\netease-tianyu.exe
FirewallRules: [UDP Query User{A1B1765D-B21C-4D2B-9BDB-292807D10504}C:\users\owner\appdata\local\temp\netease-tianyu.exe] => (Allow) C:\users\owner\appdata\local\temp\netease-tianyu.exe
FirewallRules: [TCP Query User{A53C1BDC-47C8-42F7-B368-A1CA6CA28F4B}C:\users\owner\appdata\local\temp\pg_download_temp_file\pgloader.exe] => (Allow) C:\users\owner\appdata\local\temp\pg_download_temp_file\pgloader.exe
FirewallRules: [UDP Query User{EA7A4CFE-45A7-434B-AD6D-1E60CBB86430}C:\users\owner\appdata\local\temp\pg_download_temp_file\pgloader.exe] => (Allow) C:\users\owner\appdata\local\temp\pg_download_temp_file\pgloader.exe
FirewallRules: [TCP Query User{F95E48A8-C2A8-4612-BCC8-28C4E214F543}C:\users\owner\appdata\local\temp\pg_download_temp_file\p2pupdater.exe] => (Allow) C:\users\owner\appdata\local\temp\pg_download_temp_file\p2pupdater.exe
FirewallRules: [UDP Query User{07C15253-EE24-4E14-A1AB-6484FF9B90B0}C:\users\owner\appdata\local\temp\pg_download_temp_file\p2pupdater.exe] => (Allow) C:\users\owner\appdata\local\temp\pg_download_temp_file\p2pupdater.exe
FirewallRules: [TCP Query User{69DC82E0-0D37-46FF-BC73-D8EFD959BD11}C:\program files (x86)\netease\ty\game\tianyu.exe] => (Allow) C:\program files (x86)\netease\ty\game\tianyu.exe
FirewallRules: [UDP Query User{B741CC80-62DC-42AC-80B6-849E6D0598E2}C:\program files (x86)\netease\ty\game\tianyu.exe] => (Allow) C:\program files (x86)\netease\ty\game\tianyu.exe
FirewallRules: [{8D3069F9-E5E5-42FE-9912-5080374280FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3D127AE5-DB40-4F3C-B8FD-72F41B152B49}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{17E98202-4072-4D11-A68A-65CC24C94AA6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1FB7C382-110D-4A1F-9031-BFB14D62128E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C34E3C2C-FB8F-4E19-9319-3D6A730F0135}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{FE2E09D4-6E18-4221-88A5-E57848868996}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{D0225C20-E3C6-469A-8069-A3322FAD312A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{7E3E8AD8-066E-4AA6-9348-DD339D8AD291}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{5B0DF0BE-E379-4234-A9EE-DDE260C27BFF}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{5A276C42-5110-4373-8B0A-B53338083020}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{29038CB8-4361-4E1A-A5D5-9A8BEE316427}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{BD922299-EA3C-4E11-97AB-D3DD9CFE2F73}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{C54371B0-A77B-4977-82AE-F86C3C833BE6}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{4301086A-0880-4783-B4A0-8D74D1F1ED32}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{C670E80B-C297-4217-BC31-FD4B83D42855}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{9310A6DB-4E7B-4230-ACD0-8984CC26466B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{F3DE407D-E6C7-47D0-9F02-2DE64D0DC504}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2AF0B00D-C9A1-4C26-90BB-6F9573279FC0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5AEB6F71-F773-4FFD-BBE1-8651A9B9289D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{41FF28EC-7F02-420C-8385-927452B44D8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A5A7E3C1-EDA0-4C27-B3F3-2BC8FD6A419A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2EDDB6A6-AC67-4967-9E80-B44BA42758BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{281AB3DF-B434-40EB-8A7E-41B34A5422AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A91394E6-BF53-4436-9973-A566ED83E162}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe
FirewallRules: [{66F91DB2-0693-4144-A44D-470C6848EAD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe
FirewallRules: [{29EF3BF2-B55F-45E6-B0DF-E3B5DB76B26C}] => (Allow) C:\Users\Owner\Downloads\lzg1024_setup.exe
FirewallRules: [{8D4534D1-C702-431D-B2F5-B39B1703CA8A}] => (Allow) C:\Users\Owner\Downloads\lzg1024_setup.exe
FirewallRules: [TCP Query User{94341CC4-F3D9-4830-93A3-BCFD2990511B}C:\users\owner\downloads\dragonnest.251_download.exe] => (Allow) C:\users\owner\downloads\dragonnest.251_download.exe
FirewallRules: [UDP Query User{8D036A37-0F6C-4E28-889A-92FE15AC9DF1}C:\users\owner\downloads\dragonnest.251_download.exe] => (Allow) C:\users\owner\downloads\dragonnest.251_download.exe
FirewallRules: [{7946DA7C-E153-442A-AD68-EDA3CF4B2A24}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{221CCADE-293B-46F8-8776-1E49DBAB9FB6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{303C9904-D45A-4C2C-A941-02F6CCDFE589}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe

==================== Restore Points =========================

28-01-2016 20:26:32 Windows Update
06-02-2016 12:24:51 Scheduled Checkpoint
09-02-2016 15:06:21 Windows Update
14-02-2016 13:22:45 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2016 01:22:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10586.103, time stamp: 0x56a84dc4
Faulting module name: CoreUIComponents.dll, version: 0.0.0.0, time stamp: 0x565185e4
Exception code: 0xc0000005
Fault offset: 0x00000000000780cd
Faulting process id: 0x1144
Faulting application start time: 0xMicrosoftEdge.exe0
Faulting application path: MicrosoftEdge.exe1
Faulting module path: MicrosoftEdge.exe2
Report Id: MicrosoftEdge.exe3
Faulting package full name: MicrosoftEdge.exe4
Faulting package-relative application ID: MicrosoftEdge.exe5

Error: (02/14/2016 01:22:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/14/2016 12:45:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10586.103, time stamp: 0x56a84dc4
Faulting module name: CoreUIComponents.dll, version: 0.0.0.0, time stamp: 0x565185e4
Exception code: 0xc0000005
Fault offset: 0x00000000000780cd
Faulting process id: 0x17cc
Faulting application start time: 0xMicrosoftEdge.exe0
Faulting application path: MicrosoftEdge.exe1
Faulting module path: MicrosoftEdge.exe2
Report Id: MicrosoftEdge.exe3
Faulting package full name: MicrosoftEdge.exe4
Faulting package-relative application ID: MicrosoftEdge.exe5

Error: (02/13/2016 11:33:35 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/13/2016 10:17:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: igd10iumd64.dll, version: 10.18.15.4279, time stamp: 0x55db7ece
Exception code: 0xc0000005
Fault offset: 0x0000000000151c3a
Faulting process id: 0x23d0
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (02/13/2016 06:04:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: igd10iumd64.dll, version: 10.18.15.4279, time stamp: 0x55db7ece
Exception code: 0xc0000005
Fault offset: 0x0000000000151c3a
Faulting process id: 0x1a2c
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (02/13/2016 12:45:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: igd10iumd64.dll, version: 10.18.15.4279, time stamp: 0x55db7ece
Exception code: 0xc0000005
Fault offset: 0x0000000000151c3a
Faulting process id: 0xcc8
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (02/12/2016 05:27:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: igd10iumd64.dll, version: 10.18.15.4279, time stamp: 0x55db7ece
Exception code: 0xc0000005
Fault offset: 0x0000000000151c3a
Faulting process id: 0x22e8
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (02/10/2016 03:43:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: igd10iumd64.dll, version: 10.18.15.4279, time stamp: 0x55db7ece
Exception code: 0xc0000005
Fault offset: 0x0000000000151c3a
Faulting process id: 0x748
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (02/10/2016 01:34:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: igd10iumd64.dll, version: 10.18.15.4279, time stamp: 0x55db7ece
Exception code: 0xc0000005
Fault offset: 0x0000000000151c3a
Faulting process id: 0x2530
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5


System errors:
=============
Error: (02/14/2016 04:05:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/14/2016 01:30:48 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VMOPO8L)
Description: {0002DF02-0000-0000-C000-000000000046}

Error: (02/14/2016 01:30:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_39c74 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/14/2016 01:30:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/14/2016 01:22:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/14/2016 01:09:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys

Error: (02/14/2016 12:45:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_3a154 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/14/2016 12:45:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/14/2016 12:45:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HitmanPro Scheduler service terminated unexpectedly. It has done this 1 time(s).

Error: (02/14/2016 12:45:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===================================
Date: 2016-02-13 23:33:31.590
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-12 12:04:00.450
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-10 02:11:38.331
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-09 22:13:14.071
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-09 21:11:17.296
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-06 11:07:16.458
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-05 12:15:35.003
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-03 22:48:02.526
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-30 10:41:39.774
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-29 16:40:03.637
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 55%
Total physical RAM: 8104.27 MB
Available physical RAM: 3588.88 MB
Total Virtual: 10152.27 MB
Available Virtual: 4932.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.92 GB) (Free:124.98 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: D7916CC8)

Partition: GPT.

==================== End of Addition.txt ============================
 
Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==============================

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
redtarget.gif
Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.
  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
If you already have MBAM 2.0 installed:
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
How to get logs:
(Export log to save as txt)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.
(Copy to clipboard for pasting into forum replies or tickets)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.
redtarget.gif
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Rkill 2.8.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/14/2016 12:48:23 PM in x64 mode.
Windows Version: Windows 10 Pro

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* fcvsc [Missing Service]
* HdAudAddService [Missing Service]
* HyperVideo [Missing Service]
* netvsc [Missing Service]
* wfpcapture [Missing Service]

* CompositeBus => \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys [Incorrect ImagePath]
* NgcSvc => %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted [Incorrect ImagePath]
* swenum => \SystemRoot\System32\drivers\swenum.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 02/14/2016 12:48:38 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Pro x64
Ran by Owner (Administrator) on Sun 02/14/2016 at 13:22:44.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\ProgramData\thunder network (Folder)
Successfully deleted: C:\Users\Public\thunder network (Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/14/2016 at 13:23:35.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
# AdwCleaner v5.033 - Logfile created 14/02/2016 at 12:45:27
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : Owner - DESKTOP-VMOPO8L
# Running from : C:\Users\Owner\Downloads\adwcleaner_5.033.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\iad-usadmm.dotomi.com
[-] Key Deleted : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
[-] Key Deleted : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\iad-usadmm.dotomi.com

***** [ Web browsers ] *****

[-] [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1648 bytes] ##########
 
# AdwCleaner v5.033 - Logfile created 14/02/2016 at 12:44:38
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : Owner - DESKTOP-VMOPO8L
# Running from : C:\Users\Owner\Downloads\adwcleaner_5.033.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Key Found : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\iad-usadmm.dotomi.com
Key Found : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Key Found : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\iad-usadmm.dotomi.com

***** [ Web browsers ] *****

[C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1526 bytes] ##########
 
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2/14/2016
Scan Time: 8:09 PM
Logfile: m.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.02.14.05
Rootkit Database: v2016.02.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Owner

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 341207
Time Elapsed: 5 min, 4 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
 
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double click to run it.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Owner (administrator) on DESKTOP-VMOPO8L (14-02-2016 21:23:33)
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Nexon America) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_runtime.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Lenovo) C:\Users\Owner\AppData\Local\Apps\2.0\ATXHZA1T.709\0YBY38RA.6BW\lsb...tion_91a10ba61c75c82d_0001.0006_0f15e39c22fde514\LSB.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5062384 2015-11-16] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-11-16] (Synaptics Incorporated)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-11-16] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-22] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-3197005435-3639198766-659270671-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-3197005435-3639198766-659270671-1001\...\RunOnce: [Uninstall C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nexon Launcher.lnk [2016-02-04]
ShortcutTarget: Nexon Launcher.lnk -> C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{edfbb390-0da5-42ed-afde-6889329d0c89}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-02-02] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext

Chrome:
=======
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-07]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-07]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-07]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-07]
CHR Extension: (Adblock Plus) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-07]
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-07]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-07]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (Lenovo)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-22] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-02-13] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-11-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-22] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-22] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-22] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [857288 2015-11-09] (Bitdefender)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] ()
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [135176 2016-01-21] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1695720 2016-02-01] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1622512 2016-01-22] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [806344 2016-01-22] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-12-03] (BitDefender LLC)
S4 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [268040 2015-11-16] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [195336 2015-11-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-11-16] (Realtek )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [759552 2015-11-16] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3069680 2015-11-16] (Realtek Semiconductor Corp.)
S3 SDGame; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-11-16] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-02-14] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-14 20:17 - 2016-02-14 20:17 - 00001034 _____ C:\m.txt
2016-02-14 20:12 - 2016-02-14 20:12 - 01508352 _____ C:\Users\Owner\Downloads\adwcleaner_5.033 (1).exe
2016-02-14 19:00 - 2016-02-14 19:00 - 00000000 ____D C:\Users\Owner\AppData\Local\Foxit Reader
2016-02-14 18:45 - 2016-02-14 18:45 - 00271808 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2016-02-14 18:40 - 2016-02-14 18:40 - 00000385 _____ C:\Users\Owner\AppData\Roaminguser_gensett.xml
2016-02-14 18:39 - 2016-02-14 18:39 - 00431656 _____ C:\ProgramData\1455492953.bdinstall.bin
2016-02-14 18:39 - 2016-02-14 18:39 - 00003406 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2016-02-14 18:39 - 2016-02-14 18:39 - 00002270 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2016-02-14 18:39 - 2016-02-14 18:39 - 00000785 _____ C:\bdlog.txt
2016-02-14 18:39 - 2016-02-14 18:39 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2016-02-14 18:39 - 2016-02-14 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2016-02-14 18:39 - 2016-02-14 18:39 - 00000000 ____D C:\ProgramData\BDLogging
2016-02-14 18:39 - 2013-09-08 19:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2016-02-14 18:39 - 2009-07-14 12:21 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-02-14 18:39 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2016-02-14 18:38 - 2016-02-14 18:39 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Bitdefender
2016-02-14 18:38 - 2016-01-22 08:12 - 00806344 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-02-14 18:38 - 2016-01-22 08:11 - 01622512 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-02-14 18:38 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2016-02-14 18:37 - 2016-02-14 18:46 - 00000000 ____D C:\ProgramData\Bitdefender
2016-02-14 18:37 - 2016-02-14 18:37 - 00000000 ____D C:\Program Files\Bitdefender
2016-02-14 18:37 - 2015-06-02 14:21 - 00477272 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-02-14 18:37 - 2015-04-29 13:32 - 00160032 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-02-14 18:35 - 2016-02-14 18:37 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-02-14 18:35 - 2016-02-14 18:35 - 00000000 ____D C:\Users\Owner\AppData\Roaming\QuickScan
2016-02-14 18:32 - 2016-02-14 21:01 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-02-14 18:32 - 2016-02-14 18:32 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-02-14 18:32 - 2016-02-14 18:32 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-02-14 18:31 - 2016-02-14 18:32 - 09736920 _____ C:\Users\Owner\Downloads\bitdefender_windows_10e3f9de-f735-4a1c-b04a-82f170b8eee9.exe
2016-02-14 17:02 - 2016-02-14 21:23 - 00015243 _____ C:\Users\Owner\Downloads\FRST.txt
2016-02-14 17:02 - 2016-02-14 17:03 - 00037180 _____ C:\Users\Owner\Downloads\Addition.txt
2016-02-14 17:01 - 2016-02-14 21:23 - 02370560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2016-02-14 17:01 - 2016-02-14 21:23 - 00000000 ____D C:\FRST
2016-02-14 17:01 - 2016-02-14 17:01 - 02370560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64 (1).exe
2016-02-14 13:41 - 2016-02-14 13:41 - 05657023 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix (3).exe
2016-02-14 13:29 - 2016-02-14 13:30 - 00255928 _____ C:\TDSSKiller.3.1.0.9_14.02.2016_13.29.15_log.txt
2016-02-14 13:28 - 2016-02-14 13:29 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Downloads\tdsskiller.exe
2016-02-14 13:27 - 2016-02-14 13:27 - 05657023 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix (2).exe
2016-02-14 13:24 - 2016-02-14 13:24 - 05657023 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix (1).exe
2016-02-14 13:24 - 2016-02-14 13:24 - 01609032 _____ (Malwarebytes) C:\Users\Owner\Downloads\JRT (1).exe
2016-02-14 13:23 - 2016-02-14 13:23 - 00000683 _____ C:\Users\Owner\Desktop\JRT.txt
2016-02-14 13:22 - 2016-02-14 13:35 - 05657023 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix.exe
2016-02-14 13:22 - 2016-02-14 13:22 - 01609032 _____ (Malwarebytes) C:\Users\Owner\Downloads\JRT.exe
2016-02-14 13:09 - 2016-02-14 13:09 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-02-14 13:08 - 2016-02-14 13:08 - 20943432 _____ C:\Users\Owner\Downloads\RogueKiller.exe
2016-02-14 13:08 - 2016-02-14 13:08 - 00000000 ____D C:\ProgramData\RogueKiller
2016-02-14 13:06 - 2016-02-14 13:32 - 01508352 _____ C:\Users\Owner\Downloads\AdwCleaner.exe
2016-02-14 12:48 - 2016-02-14 12:48 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\Owner\Downloads\rkill.com
2016-02-14 12:48 - 2016-02-14 12:48 - 00002930 _____ C:\Users\Owner\Desktop\Rkill.txt
2016-02-14 12:44 - 2016-02-14 13:32 - 00000000 ____D C:\AdwCleaner
2016-02-14 12:43 - 2016-02-14 12:43 - 01721344 _____ (Farbar) C:\Users\Owner\Downloads\FRST (1).exe
2016-02-14 12:42 - 2016-02-14 12:49 - 01721344 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2016-02-14 12:38 - 2016-02-14 12:49 - 01508352 _____ C:\Users\Owner\Downloads\adwcleaner_5.033.exe
2016-02-12 14:14 - 2016-02-12 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
 
ThinkVantage Tools
2016-02-12 14:14 - 2016-02-12 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-02-09 14:29 - 2016-01-29 01:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 14:29 - 2016-01-29 01:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 14:29 - 2016-01-27 01:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 14:29 - 2016-01-27 01:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-09 14:29 - 2016-01-27 01:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-09 14:29 - 2016-01-27 01:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 14:29 - 2016-01-27 01:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-09 14:29 - 2016-01-27 00:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 14:29 - 2016-01-27 00:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-09 14:29 - 2016-01-27 00:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 14:29 - 2016-01-27 00:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 14:29 - 2016-01-27 00:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-09 14:29 - 2016-01-27 00:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-09 14:29 - 2016-01-27 00:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 14:29 - 2016-01-27 00:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 14:29 - 2016-01-27 00:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 14:29 - 2016-01-27 00:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 14:29 - 2016-01-27 00:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-09 14:29 - 2016-01-27 00:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-09 14:29 - 2016-01-27 00:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 14:29 - 2016-01-27 00:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 14:29 - 2016-01-27 00:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 14:29 - 2016-01-27 00:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-09 14:29 - 2016-01-27 00:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-09 14:29 - 2016-01-27 00:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 14:29 - 2016-01-27 00:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 14:29 - 2016-01-27 00:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-09 14:29 - 2016-01-27 00:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-09 14:29 - 2016-01-27 00:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 14:29 - 2016-01-27 00:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-09 14:29 - 2016-01-27 00:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 14:29 - 2016-01-27 00:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 14:29 - 2016-01-27 00:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 14:29 - 2016-01-27 00:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 14:29 - 2016-01-27 00:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-09 14:29 - 2016-01-27 00:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-09 14:29 - 2016-01-27 00:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-09 14:29 - 2016-01-27 00:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-09 14:29 - 2016-01-27 00:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-09 14:29 - 2016-01-27 00:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 14:29 - 2016-01-27 00:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-09 14:29 - 2016-01-27 00:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 14:29 - 2016-01-27 00:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 14:29 - 2016-01-26 23:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 14:29 - 2016-01-26 23:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-09 14:29 - 2016-01-26 23:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 14:29 - 2016-01-26 23:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-09 14:29 - 2016-01-26 23:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-09 14:29 - 2016-01-26 23:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-09 14:29 - 2016-01-26 23:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 14:29 - 2016-01-26 23:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-09 14:29 - 2016-01-26 23:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-09 14:29 - 2016-01-26 23:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 14:29 - 2016-01-26 23:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 14:29 - 2016-01-26 23:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-09 14:29 - 2016-01-26 23:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 14:29 - 2016-01-26 23:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 14:29 - 2016-01-26 23:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-09 14:29 - 2016-01-26 23:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-09 14:29 - 2016-01-26 23:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 14:29 - 2016-01-26 23:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-09 14:29 - 2016-01-26 23:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-09 14:29 - 2016-01-26 23:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-09 14:29 - 2016-01-26 23:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 14:29 - 2016-01-26 23:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-08 15:31 - 2016-02-08 19:29 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Foxit Software
2016-02-08 15:31 - 2016-02-08 15:31 - 00000000 ____D C:\Users\Public\Foxit Software
2016-02-08 15:31 - 2016-02-08 15:31 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Foxit AgentInformation
2016-02-08 15:30 - 2016-02-08 15:30 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-02-08 15:28 - 2016-02-08 15:29 - 43048592 _____ (Foxit Software Inc. ) C:\Users\Owner\Downloads\FoxitReader73_enu_Setup_Prom.exe
2016-02-08 15:19 - 2016-02-08 15:21 - 295249739 _____ C:\Users\Owner\Downloads\CB10h-Edition.pdf
2016-02-08 15:14 - 2016-02-08 15:14 - 01992496 _____ C:\Users\Owner\Downloads\winrar-x64-531.exe
2016-02-08 15:08 - 2016-02-08 15:08 - 00000197 _____ C:\Users\Owner\Downloads\aazea.com_0321775651.rar
2016-02-05 00:23 - 2016-02-05 00:23 - 00003336 _____ C:\WINDOWS\System32\Tasks\{09059723-20CA-40B3-9C08-D8667C90FB5A}
2016-02-02 15:02 - 2016-02-02 15:09 - 00001834 _____ C:\Users\Public\Desktop\ÁúÖ®¹È.lnk
2016-02-02 14:24 - 2016-02-02 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ê¢´óÓÎÏ·
2016-02-02 14:22 - 2016-02-02 14:22 - 00000000 ____D C:\Program Files (x86)\盛大游戏
2016-02-02 14:22 - 2016-02-02 14:22 - 00000000 ____D C:\Program Files (x86)\Ê¢´óÓÎÏ·
2016-02-02 12:11 - 2016-02-02 14:58 - 00000000 ____D C:\lzg251
2016-02-02 12:11 - 2016-02-02 12:11 - 00000000 ____D C:\ProgramData\SNDA
2016-02-02 12:10 - 2016-02-02 12:11 - 03450376 _____ (盛大游戏) C:\Users\Owner\Downloads\dragonnest.251_download.exe
2016-02-02 12:07 - 2016-02-02 12:07 - 00000000 ____D C:\Users\Owner\Documents\DragonNest
2016-02-01 22:56 - 2016-02-01 22:56 - 00000000 ____D C:\Users\Owner\AppData\Roaming\WinRAR
2016-02-01 21:51 - 2016-02-01 22:39 - 00104634 _____ C:\ZipSetupLog.txt
2016-02-01 21:51 - 2016-02-01 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ê¢´óÍøÂç
2016-02-01 21:51 - 2016-02-01 21:51 - 00000000 ____D C:\Program Files (x86)\Ê¢´óÍøÂç
2016-02-01 17:02 - 2016-02-01 19:44 - 00000027 _____ C:\Users\Owner\AppData\Roaming\xlaccolsetupstatus.ini
2016-02-01 16:32 - 2016-02-02 14:38 - 00000000 ____D C:\Gamedownloader
2016-02-01 16:32 - 2016-02-02 14:08 - 00000059 _____ C:\Users\Owner\AppData\Roaming\xlgdlapp.ini
2016-02-01 16:32 - 2016-02-01 16:32 - 00000000 ____D C:\Users\Owner\AppData\Roaming\lzg1024_setup
2016-02-01 16:23 - 2016-02-02 14:38 - 03733896 _____ (ShenZhen Xunlei Networking Technologies,LTD) C:\Users\Owner\Downloads\lzg1024_setup.exe
2016-01-29 23:56 - 2016-01-29 23:56 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-01-29 21:48 - 2016-02-14 19:21 - 00000000 ____D C:\Users\Owner\AppData\Local\CrashDumps
2016-01-29 21:43 - 2016-01-29 21:43 - 00003336 _____ C:\WINDOWS\System32\Tasks\{735EF87E-9250-4026-953E-D5F27030B7F1}
2016-01-29 19:13 - 2016-01-29 19:13 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-01-29 19:13 - 2016-01-29 19:13 - 00000000 ____D C:\Users\Owner\AppData\Local\NVIDIA Corporation
2016-01-29 19:12 - 2016-01-29 19:12 - 00002206 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-01-29 19:12 - 2016-01-29 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-01-29 19:12 - 2016-01-22 21:54 - 01542600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-01-29 19:12 - 2016-01-22 21:54 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-01-29 19:12 - 2016-01-22 21:53 - 01859936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-01-29 19:12 - 2016-01-22 21:53 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-01-29 19:12 - 2016-01-22 21:53 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-01-29 19:12 - 2016-01-22 19:47 - 00110016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-01-29 19:11 - 2016-02-14 19:00 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-29 19:11 - 2016-01-29 19:13 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-01-29 19:11 - 2016-01-22 20:01 - 06366656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 02992064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-01-29 19:11 - 2016-01-22 20:01 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00123448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-01-29 19:11 - 2016-01-21 21:06 - 06125650 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-01-29 19:10 - 2016-01-25 12:34 - 12474312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-01-29 19:10 - 2016-01-22 22:31 - 42983992 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 37615040 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 31115712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 24941112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 21202488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 20741880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 19778944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 17632544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 17224664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 17174032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 17116616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 14114944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 03648552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 03230824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 02543160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436175.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436175.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00948672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00882232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00745408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00378784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00377792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb
2016-01-29 19:10 - 2015-12-18 01:11 - 00047760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-01-29 19:10 - 2015-12-18 01:10 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-01-29 19:10 - 2015-12-18 01:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-01-29 19:08 - 2016-01-29 19:08 - 00000000 ____D C:\NVIDIA
2016-01-29 19:07 - 2016-01-29 19:08 - 122461596 _____ (NVIDIA Corporation) C:\Users\Owner\Downloads\361.75-notebook-win10-64bit-international-whql (1).exe.hj3lkj7.partial
2016-01-28 15:46 - 2016-01-28 15:46 - 00000000 ____D C:\Users\Owner\Documents\League of Legends
2016-01-28 12:00 - 2016-01-16 01:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 12:00 - 2016-01-16 01:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 11:59 - 2016-01-16 01:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 11:59 - 2016-01-16 01:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 11:59 - 2016-01-16 01:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 11:59 - 2016-01-16 01:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 11:59 - 2016-01-16 01:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 11:59 - 2016-01-16 01:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 11:59 - 2016-01-16 01:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 11:59 - 2016-01-16 01:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 11:59 - 2016-01-16 01:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 11:59 - 2016-01-16 01:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 11:59 - 2016-01-16 01:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 11:59 - 2016-01-16 01:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 11:59 - 2016-01-16 01:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 11:59 - 2016-01-16 01:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 11:59 - 2016-01-16 01:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 11:59 - 2016-01-16 00:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 11:59 - 2016-01-16 00:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 11:59 - 2016-01-16 00:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 11:59 - 2016-01-16 00:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 11:59 - 2016-01-16 00:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 11:59 - 2016-01-16 00:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 11:59 - 2016-01-16 00:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 11:59 - 2016-01-16 00:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 11:59 - 2016-01-16 00:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 11:59 - 2016-01-16 00:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 11:59 - 2016-01-16 00:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 11:59 - 2016-01-16 00:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 11:59 - 2016-01-16 00:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 11:59 - 2016-01-16 00:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 11:59 - 2016-01-16 00:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 11:59 - 2016-01-16 00:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 11:59 - 2016-01-16 00:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 11:59 - 2016-01-16 00:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 11:59 - 2016-01-16 00:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 11:59 - 2016-01-16 00:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 11:59 - 2016-01-16 00:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 11:59 - 2016-01-16 00:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 11:59 - 2016-01-16 00:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 11:59 - 2016-01-16 00:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 11:59 - 2016-01-16 00:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 11:59 - 2016-01-16 00:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 11:59 - 2016-01-16 00:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 11:59 - 2016-01-16 00:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 11:59 - 2016-01-16 00:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 11:59 - 2016-01-16 00:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 11:59 - 2016-01-16 00:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 11:59 - 2016-01-16 00:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 11:59 - 2016-01-16 00:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 11:59 - 2016-01-16 00:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 11:59 - 2016-01-16 00:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 11:59 - 2016-01-16 00:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 11:59 - 2016-01-16 00:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 11:59 - 2016-01-16 00:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 11:59 - 2016-01-16 00:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 11:59 - 2016-01-16 00:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 11:59 - 2016-01-16 00:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 11:59 - 2016-01-16 00:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 11:59 - 2016-01-16 00:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 11:59 - 2016-01-16 00:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 11:59 - 2016-01-16 00:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 11:59 - 2016-01-16 00:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 11:59 - 2016-01-16 00:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 11:59 - 2016-01-16 00:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 11:59 - 2016-01-16 00:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 11:59 - 2016-01-16 00:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 11:59 - 2016-01-16 00:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 11:59 - 2016-01-16 00:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 11:59 - 2016-01-16 00:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 11:59 - 2016-01-16 00:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 11:59 - 2016-01-16 00:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 11:59 - 2016-01-16 00:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 11:59 - 2016-01-16 00:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 11:59 - 2016-01-16 00:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 11:59 - 2016-01-16 00:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 11:59 - 2016-01-16 00:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 11:59 - 2016-01-16 00:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 11:59 - 2016-01-16 00:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 11:59 - 2016-01-16 00:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 11:59 - 2016-01-16 00:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 11:59 - 2016-01-16 00:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 11:59 - 2016-01-16 00:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 11:59 - 2016-01-16 00:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 11:59 - 2016-01-16 00:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 11:59 - 2016-01-16 00:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 11:59 - 2016-01-16 00:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 11:59 - 2016-01-16 00:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 11:59 - 2016-01-16 00:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 11:59 - 2016-01-16 00:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 11:59 - 2016-01-16 00:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 11:59 - 2016-01-16 00:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 11:59 - 2016-01-16 00:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 11:59 - 2016-01-16 00:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 11:59 - 2016-01-16 00:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 11:59 - 2016-01-16 00:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 11:59 - 2016-01-16 00:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 11:59 - 2016-01-16 00:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-28 00:38 - 2016-01-29 19:08 - 389921688 _____ (NVIDIA Corporation) C:\Users\Owner\Downloads\361.75-notebook-win10-64bit-international-whql.exe
2016-01-22 21:44 - 2016-01-22 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-01-22 21:36 - 2016-01-22 21:42 - 27864920 _____ (Riot Games) C:\Users\Owner\Downloads\LeagueofLegends_NA_Installer_9_15_2014 (1).exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-14 20:09 - 2016-01-10 11:03 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-14 19:06 - 2015-11-16 23:47 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-14 19:06 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-14 19:01 - 2015-12-16 16:54 - 00000000 ____D C:\Users\Owner\AppData\Local\NexonLauncher
2016-02-14 19:01 - 2015-12-16 14:21 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-14 19:01 - 2015-11-16 22:31 - 00000000 ____D C:\Users\Owner\AppData\Local\Deployment
2016-02-14 19:00 - 2015-12-07 10:17 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-14 19:00 - 2015-11-16 21:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-14 19:00 - 2015-11-16 21:53 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-14 19:00 - 2015-11-16 20:59 - 00000000 __SHD C:\Users\Owner\IntelGraphicsProfiles
2016-02-14 19:00 - 2015-10-30 01:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-14 18:39 - 2015-10-30 01:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-14 17:35 - 2015-12-23 11:16 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6E9C8FB6-6FFC-4CC2-94CB-F2E4A93C6C03}
2016-02-13 12:45 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-12 14:14 - 2015-11-16 22:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2016-02-12 14:14 - 2015-11-16 22:23 - 00000000 ____D C:\ProgramData\Lenovo
2016-02-12 14:14 - 2015-11-16 22:23 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-02-12 12:08 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-12 11:37 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-10 22:54 - 2016-01-02 21:13 - 00000000 ____D C:\Users\Owner\Downloads\PopcornTime
2016-02-10 16:29 - 2015-12-07 10:18 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 16:29 - 2015-12-07 10:18 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-10 02:09 - 2015-11-16 21:54 - 00000000 ____D C:\Users\Owner
2016-02-09 21:11 - 2015-09-10 00:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-09 21:10 - 2015-10-30 04:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-09 15:09 - 2015-11-16 21:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-09 15:07 - 2015-11-16 21:00 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-09 15:07 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-08 15:14 - 2015-11-16 22:49 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-08 15:14 - 2015-11-16 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-08 15:14 - 2015-11-16 22:49 - 00000000 ____D C:\Program Files\WinRAR
2016-02-05 13:57 - 2015-11-16 20:52 - 00002363 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-05 13:57 - 2015-11-16 20:52 - 00000000 ___RD C:\Users\Owner\OneDrive
2016-02-05 00:26 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-04 16:32 - 2015-12-16 16:54 - 00000000 ____D C:\Users\Owner\AppData\Roaming\NexonLauncher
2016-02-03 14:01 - 2015-10-30 02:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 14:01 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-02 20:48 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2016-02-02 14:07 - 2015-12-16 14:24 - 00000000 ____D C:\Users\Owner\AppData\Local\Steam
2016-02-01 18:23 - 2015-12-07 10:17 - 00003996 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 18:23 - 2015-12-07 10:17 - 00003764 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 18:23 - 2015-12-07 10:17 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-29 23:30 - 2015-12-16 14:28 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-29 19:13 - 2015-11-16 21:56 - 00000000 ____D C:\Users\Owner\AppData\Local\NVIDIA
2016-01-29 19:12 - 2015-11-16 21:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-29 19:12 - 2015-11-16 20:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-01-29 19:11 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Help
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-22 21:49 - 2015-12-07 10:14 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Riot Games
2016-01-17 19:13 - 2016-01-06 14:24 - 00000000 ____D C:\Users\Owner\Documents\My Games
2016-01-17 19:13 - 2015-11-16 22:55 - 00000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2016-02-01 17:02 - 2016-02-01 19:44 - 0000027 _____ () C:\Users\Owner\AppData\Roaming\xlaccolsetupstatus.ini
2016-02-01 16:32 - 2016-02-02 14:08 - 0000059 _____ () C:\Users\Owner\AppData\Roaming\xlgdlapp.ini
2016-02-14 18:39 - 2016-02-14 18:39 - 0431656 _____ () C:\ProgramData\1455492953.bdinstall.bin
2015-11-16 21:53 - 2015-11-16 21:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Owner\AppData\Local\Temp\netease-tianyu.exe
C:\Users\Owner\AppData\Local\Temp\ntes-tianyu.exe
C:\Users\Owner\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Owner\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Owner\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-06 22:13

==================== End of FRST.txt ============================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Owner (administrator) on DESKTOP-VMOPO8L (14-02-2016 21:33:56)
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Nexon America) C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_runtime.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Lenovo) C:\Users\Owner\AppData\Local\Apps\2.0\ATXHZA1T.709\0YBY38RA.6BW\lsb...tion_91a10ba61c75c82d_0001.0006_0f15e39c22fde514\LSB.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-11-16] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5062384 2015-11-16] (Realtek semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-11-16] (Synaptics Incorporated)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-11-16] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-22] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-3197005435-3639198766-659270671-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-3197005435-3639198766-659270671-1001\...\RunOnce: [Uninstall C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nexon Launcher.lnk [2016-02-04]
ShortcutTarget: Nexon Launcher.lnk -> C:\Program Files (x86)\Nexon\Nexon Launcher\nexon_launcher.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{edfbb390-0da5-42ed-afde-6889329d0c89}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-02-02] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext

Chrome:
=======
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-07]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-07]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-07]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-07]
CHR Extension: (Adblock Plus) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-07]
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-07]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-07]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (Lenovo)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-22] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-02-13] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-11-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-22] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-22] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-22] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [857288 2015-11-09] (Bitdefender)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] ()
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [135176 2016-01-21] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1695720 2016-02-01] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1622512 2016-01-22] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [806344 2016-01-22] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-12-03] (BitDefender LLC)
S4 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [268040 2015-11-16] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [195336 2015-11-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-11-16] (Realtek )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [759552 2015-11-16] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3069680 2015-11-16] (Realtek Semiconductor Corp.)
S3 SDGame; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-11-16] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-02-14] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-14 20:17 - 2016-02-14 20:17 - 00001034 _____ C:\m.txt
2016-02-14 20:12 - 2016-02-14 20:12 - 01508352 _____ C:\Users\Owner\Downloads\adwcleaner_5.033 (1).exe
2016-02-14 19:00 - 2016-02-14 19:00 - 00000000 ____D C:\Users\Owner\AppData\Local\Foxit Reader
2016-02-14 18:45 - 2016-02-14 18:45 - 00271808 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2016-02-14 18:40 - 2016-02-14 18:40 - 00000385 _____ C:\Users\Owner\AppData\Roaminguser_gensett.xml
2016-02-14 18:39 - 2016-02-14 18:39 - 00431656 _____ C:\ProgramData\1455492953.bdinstall.bin
2016-02-14 18:39 - 2016-02-14 18:39 - 00003406 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2016-02-14 18:39 - 2016-02-14 18:39 - 00002270 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2016-02-14 18:39 - 2016-02-14 18:39 - 00000785 _____ C:\bdlog.txt
2016-02-14 18:39 - 2016-02-14 18:39 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2016-02-14 18:39 - 2016-02-14 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2016-02-14 18:39 - 2016-02-14 18:39 - 00000000 ____D C:\ProgramData\BDLogging
2016-02-14 18:39 - 2013-09-08 19:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2016-02-14 18:39 - 2009-07-14 12:21 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-02-14 18:39 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2016-02-14 18:38 - 2016-02-14 18:39 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Bitdefender
2016-02-14 18:38 - 2016-01-22 08:12 - 00806344 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-02-14 18:38 - 2016-01-22 08:11 - 01622512 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-02-14 18:38 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2016-02-14 18:37 - 2016-02-14 18:46 - 00000000 ____D C:\ProgramData\Bitdefender
2016-02-14 18:37 - 2016-02-14 18:37 - 00000000 ____D C:\Program Files\Bitdefender
2016-02-14 18:37 - 2015-06-02 14:21 - 00477272 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-02-14 18:37 - 2015-04-29 13:32 - 00160032 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-02-14 18:35 - 2016-02-14 18:37 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-02-14 18:35 - 2016-02-14 18:35 - 00000000 ____D C:\Users\Owner\AppData\Roaming\QuickScan
2016-02-14 18:32 - 2016-02-14 21:01 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-02-14 18:32 - 2016-02-14 18:32 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-02-14 18:32 - 2016-02-14 18:32 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-02-14 18:31 - 2016-02-14 18:32 - 09736920 _____ C:\Users\Owner\Downloads\bitdefender_windows_10e3f9de-f735-4a1c-b04a-82f170b8eee9.exe
2016-02-14 17:02 - 2016-02-14 21:33 - 00015177 _____ C:\Users\Owner\Downloads\FRST.txt
2016-02-14 17:02 - 2016-02-14 17:03 - 00037180 _____ C:\Users\Owner\Downloads\Addition.txt
2016-02-14 17:01 - 2016-02-14 21:29 - 00000000 ____D C:\FRST
2016-02-14 17:01 - 2016-02-14 21:23 - 02370560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2016-02-14 17:01 - 2016-02-14 17:01 - 02370560 _____ (Farbar) C:\Users\Owner\Downloads\FRST64 (1).exe
2016-02-14 13:41 - 2016-02-14 13:41 - 05657023 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix (3).exe
2016-02-14 13:29 - 2016-02-14 13:30 - 00255928 _____ C:\TDSSKiller.3.1.0.9_14.02.2016_13.29.15_log.txt
2016-02-14 13:28 - 2016-02-14 13:29 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Downloads\tdsskiller.exe
2016-02-14 13:27 - 2016-02-14 13:27 - 05657023 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix (2).exe
2016-02-14 13:24 - 2016-02-14 13:24 - 05657023 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix (1).exe
2016-02-14 13:24 - 2016-02-14 13:24 - 01609032 _____ (Malwarebytes) C:\Users\Owner\Downloads\JRT (1).exe
2016-02-14 13:23 - 2016-02-14 13:23 - 00000683 _____ C:\Users\Owner\Desktop\JRT.txt
2016-02-14 13:22 - 2016-02-14 13:35 - 05657023 _____ (Swearware) C:\Users\Owner\Downloads\ComboFix.exe
2016-02-14 13:22 - 2016-02-14 13:22 - 01609032 _____ (Malwarebytes) C:\Users\Owner\Downloads\JRT.exe
2016-02-14 13:09 - 2016-02-14 13:09 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-02-14 13:08 - 2016-02-14 13:08 - 20943432 _____ C:\Users\Owner\Downloads\RogueKiller.exe
2016-02-14 13:08 - 2016-02-14 13:08 - 00000000 ____D C:\ProgramData\RogueKiller
2016-02-14 13:06 - 2016-02-14 13:32 - 01508352 _____ C:\Users\Owner\Downloads\AdwCleaner.exe
2016-02-14 12:48 - 2016-02-14 12:48 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\Owner\Downloads\rkill.com
2016-02-14 12:48 - 2016-02-14 12:48 - 00002930 _____ C:\Users\Owner\Desktop\Rkill.txt
2016-02-14 12:44 - 2016-02-14 13:32 - 00000000 ____D C:\AdwCleaner
2016-02-14 12:43 - 2016-02-14 12:43 - 01721344 _____ (Farbar) C:\Users\Owner\Downloads\FRST (1).exe
2016-02-14 12:42 - 2016-02-14 12:49 - 01721344 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe
2016-02-14 12:38 - 2016-02-14 12:49 - 01508352 _____ C:\Users\Owner\Downloads\adwcleaner_5.033.exe
2016-02-12 14:14 - 2016-02-12 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2016-02-12 14:14 - 2016-02-12 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-02-09 14:29 - 2016-01-29 01:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 14:29 - 2016-01-29 01:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 14:29 - 2016-01-27 01:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 14:29 - 2016-01-27 01:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-09 14:29 - 2016-01-27 01:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-09 14:29 - 2016-01-27 01:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 14:29 - 2016-01-27 01:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-09 14:29 - 2016-01-27 00:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 14:29 - 2016-01-27 00:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-09 14:29 - 2016-01-27 00:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 14:29 - 2016-01-27 00:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 14:29 - 2016-01-27 00:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-09 14:29 - 2016-01-27 00:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-09 14:29 - 2016-01-27 00:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 14:29 - 2016-01-27 00:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 14:29 - 2016-01-27 00:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 14:29 - 2016-01-27 00:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 14:29 - 2016-01-27 00:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-09 14:29 - 2016-01-27 00:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-09 14:29 - 2016-01-27 00:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 14:29 - 2016-01-27 00:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 14:29 - 2016-01-27 00:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 14:29 - 2016-01-27 00:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-09 14:29 - 2016-01-27 00:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-09 14:29 - 2016-01-27 00:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 14:29 - 2016-01-27 00:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 14:29 - 2016-01-27 00:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-09 14:29 - 2016-01-27 00:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-09 14:29 - 2016-01-27 00:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 14:29 - 2016-01-27 00:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-09 14:29 - 2016-01-27 00:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 14:29 - 2016-01-27 00:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 14:29 - 2016-01-27 00:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 14:29 - 2016-01-27 00:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 14:29 - 2016-01-27 00:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-09 14:29 - 2016-01-27 00:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-09 14:29 - 2016-01-27 00:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-09 14:29 - 2016-01-27 00:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-09 14:29 - 2016-01-27 00:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-09 14:29 - 2016-01-27 00:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 14:29 - 2016-01-27 00:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-09 14:29 - 2016-01-27 00:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 14:29 - 2016-01-27 00:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 14:29 - 2016-01-26 23:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 14:29 - 2016-01-26 23:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-09 14:29 - 2016-01-26 23:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 14:29 - 2016-01-26 23:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-09 14:29 - 2016-01-26 23:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-09 14:29 - 2016-01-26 23:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-09 14:29 - 2016-01-26 23:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 14:29 - 2016-01-26 23:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-09 14:29 - 2016-01-26 23:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-09 14:29 - 2016-01-26 23:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 14:29 - 2016-01-26 23:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 14:29 - 2016-01-26 23:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-09 14:29 - 2016-01-26 23:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 14:29 - 2016-01-26 23:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 14:29 - 2016-01-26 23:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-09 14:29 - 2016-01-26 23:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-09 14:29 - 2016-01-26 23:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 14:29 - 2016-01-26 23:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-09 14:29 - 2016-01-26 23:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-09 14:29 - 2016-01-26 23:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-09 14:29 - 2016-01-26 23:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 14:29 - 2016-01-26 23:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-08 15:31 - 2016-02-08 19:29 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Foxit Software
2016-02-08 15:31 - 2016-02-08 15:31 - 00000000 ____D C:\Users\Public\Foxit Software
2016-02-08 15:31 - 2016-02-08 15:31 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Foxit AgentInformation
 
2016-02-08 15:30 - 2016-02-08 15:30 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-02-08 15:28 - 2016-02-08 15:29 - 43048592 _____ (Foxit Software Inc. ) C:\Users\Owner\Downloads\FoxitReader73_enu_Setup_Prom.exe
2016-02-08 15:19 - 2016-02-08 15:21 - 295249739 _____ C:\Users\Owner\Downloads\CB10h-Edition.pdf
2016-02-08 15:14 - 2016-02-08 15:14 - 01992496 _____ C:\Users\Owner\Downloads\winrar-x64-531.exe
2016-02-08 15:08 - 2016-02-08 15:08 - 00000197 _____ C:\Users\Owner\Downloads\aazea.com_0321775651.rar
2016-02-05 00:23 - 2016-02-05 00:23 - 00003336 _____ C:\WINDOWS\System32\Tasks\{09059723-20CA-40B3-9C08-D8667C90FB5A}
2016-02-02 15:02 - 2016-02-02 15:09 - 00001834 _____ C:\Users\Public\Desktop\ÁúÖ®¹È.lnk
2016-02-02 14:24 - 2016-02-02 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ê¢´óÓÎÏ·
2016-02-02 14:22 - 2016-02-02 14:22 - 00000000 ____D C:\Program Files (x86)\盛大游戏
2016-02-02 14:22 - 2016-02-02 14:22 - 00000000 ____D C:\Program Files (x86)\Ê¢´óÓÎÏ·
2016-02-02 12:11 - 2016-02-02 14:58 - 00000000 ____D C:\lzg251
2016-02-02 12:11 - 2016-02-02 12:11 - 00000000 ____D C:\ProgramData\SNDA
2016-02-02 12:10 - 2016-02-02 12:11 - 03450376 _____ (盛大游戏) C:\Users\Owner\Downloads\dragonnest.251_download.exe
2016-02-02 12:07 - 2016-02-02 12:07 - 00000000 ____D C:\Users\Owner\Documents\DragonNest
2016-02-01 22:56 - 2016-02-01 22:56 - 00000000 ____D C:\Users\Owner\AppData\Roaming\WinRAR
2016-02-01 21:51 - 2016-02-01 22:39 - 00104634 _____ C:\ZipSetupLog.txt
2016-02-01 21:51 - 2016-02-01 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ê¢´óÍøÂç
2016-02-01 21:51 - 2016-02-01 21:51 - 00000000 ____D C:\Program Files (x86)\Ê¢´óÍøÂç
2016-02-01 17:02 - 2016-02-01 19:44 - 00000027 _____ C:\Users\Owner\AppData\Roaming\xlaccolsetupstatus.ini
2016-02-01 16:32 - 2016-02-02 14:38 - 00000000 ____D C:\Gamedownloader
2016-02-01 16:32 - 2016-02-02 14:08 - 00000059 _____ C:\Users\Owner\AppData\Roaming\xlgdlapp.ini
2016-02-01 16:32 - 2016-02-01 16:32 - 00000000 ____D C:\Users\Owner\AppData\Roaming\lzg1024_setup
2016-02-01 16:23 - 2016-02-02 14:38 - 03733896 _____ (ShenZhen Xunlei Networking Technologies,LTD) C:\Users\Owner\Downloads\lzg1024_setup.exe
2016-01-29 23:56 - 2016-01-29 23:56 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-01-29 21:48 - 2016-02-14 19:21 - 00000000 ____D C:\Users\Owner\AppData\Local\CrashDumps
2016-01-29 21:43 - 2016-01-29 21:43 - 00003336 _____ C:\WINDOWS\System32\Tasks\{735EF87E-9250-4026-953E-D5F27030B7F1}
2016-01-29 19:13 - 2016-01-29 19:13 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-01-29 19:13 - 2016-01-29 19:13 - 00000000 ____D C:\Users\Owner\AppData\Local\NVIDIA Corporation
2016-01-29 19:12 - 2016-01-29 19:12 - 00002206 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-01-29 19:12 - 2016-01-29 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-01-29 19:12 - 2016-01-22 21:54 - 01542600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-01-29 19:12 - 2016-01-22 21:54 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-01-29 19:12 - 2016-01-22 21:53 - 01859936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-01-29 19:12 - 2016-01-22 21:53 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-01-29 19:12 - 2016-01-22 21:53 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-01-29 19:12 - 2016-01-22 19:47 - 00110016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-01-29 19:11 - 2016-02-14 19:00 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-29 19:11 - 2016-01-29 19:13 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-01-29 19:11 - 2016-01-22 20:01 - 06366656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 02992064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-01-29 19:11 - 2016-01-22 20:01 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00123448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-01-29 19:11 - 2016-01-21 21:06 - 06125650 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-01-29 19:10 - 2016-01-25 12:34 - 12474312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-01-29 19:10 - 2016-01-22 22:31 - 42983992 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 37615040 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 31115712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 24941112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 21202488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 20741880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 19778944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 17632544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 17224664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 17174032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 17116616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 14114944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 03648552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 03230824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 02543160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436175.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436175.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00948672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00882232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00745408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00378784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00377792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-01-29 19:10 - 2016-01-22 22:31 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb
2016-01-29 19:10 - 2015-12-18 01:11 - 00047760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-01-29 19:10 - 2015-12-18 01:10 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-01-29 19:10 - 2015-12-18 01:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-01-29 19:08 - 2016-01-29 19:08 - 00000000 ____D C:\NVIDIA
2016-01-29 19:07 - 2016-01-29 19:08 - 122461596 _____ (NVIDIA Corporation) C:\Users\Owner\Downloads\361.75-notebook-win10-64bit-international-whql (1).exe.hj3lkj7.partial
2016-01-28 15:46 - 2016-01-28 15:46 - 00000000 ____D C:\Users\Owner\Documents\League of Legends
2016-01-28 12:00 - 2016-01-16 01:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 12:00 - 2016-01-16 01:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 11:59 - 2016-01-16 01:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 11:59 - 2016-01-16 01:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 11:59 - 2016-01-16 01:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 11:59 - 2016-01-16 01:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 11:59 - 2016-01-16 01:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 11:59 - 2016-01-16 01:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 11:59 - 2016-01-16 01:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 11:59 - 2016-01-16 01:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 11:59 - 2016-01-16 01:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 11:59 - 2016-01-16 01:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 11:59 - 2016-01-16 01:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 11:59 - 2016-01-16 01:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 11:59 - 2016-01-16 01:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 11:59 - 2016-01-16 01:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 11:59 - 2016-01-16 01:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 11:59 - 2016-01-16 01:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 11:59 - 2016-01-16 00:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 11:59 - 2016-01-16 00:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 11:59 - 2016-01-16 00:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 11:59 - 2016-01-16 00:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 11:59 - 2016-01-16 00:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 11:59 - 2016-01-16 00:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 11:59 - 2016-01-16 00:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 11:59 - 2016-01-16 00:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 11:59 - 2016-01-16 00:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 11:59 - 2016-01-16 00:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 11:59 - 2016-01-16 00:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 11:59 - 2016-01-16 00:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 11:59 - 2016-01-16 00:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 11:59 - 2016-01-16 00:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 11:59 - 2016-01-16 00:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 11:59 - 2016-01-16 00:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 11:59 - 2016-01-16 00:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 11:59 - 2016-01-16 00:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 11:59 - 2016-01-16 00:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 11:59 - 2016-01-16 00:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 11:59 - 2016-01-16 00:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 11:59 - 2016-01-16 00:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 11:59 - 2016-01-16 00:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 11:59 - 2016-01-16 00:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 11:59 - 2016-01-16 00:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 11:59 - 2016-01-16 00:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 11:59 - 2016-01-16 00:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 11:59 - 2016-01-16 00:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 11:59 - 2016-01-16 00:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 11:59 - 2016-01-16 00:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 11:59 - 2016-01-16 00:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 11:59 - 2016-01-16 00:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 11:59 - 2016-01-16 00:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 11:59 - 2016-01-16 00:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 11:59 - 2016-01-16 00:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 11:59 - 2016-01-16 00:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 11:59 - 2016-01-16 00:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 11:59 - 2016-01-16 00:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 11:59 - 2016-01-16 00:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 11:59 - 2016-01-16 00:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 11:59 - 2016-01-16 00:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 11:59 - 2016-01-16 00:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 11:59 - 2016-01-16 00:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 11:59 - 2016-01-16 00:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 11:59 - 2016-01-16 00:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 11:59 - 2016-01-16 00:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 11:59 - 2016-01-16 00:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 11:59 - 2016-01-16 00:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 11:59 - 2016-01-16 00:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 11:59 - 2016-01-16 00:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 11:59 - 2016-01-16 00:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 11:59 - 2016-01-16 00:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 11:59 - 2016-01-16 00:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 11:59 - 2016-01-16 00:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 11:59 - 2016-01-16 00:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 11:59 - 2016-01-16 00:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 11:59 - 2016-01-16 00:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 11:59 - 2016-01-16 00:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 11:59 - 2016-01-16 00:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 11:59 - 2016-01-16 00:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 11:59 - 2016-01-16 00:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 11:59 - 2016-01-16 00:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 11:59 - 2016-01-16 00:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 11:59 - 2016-01-16 00:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 11:59 - 2016-01-16 00:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 11:59 - 2016-01-16 00:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 11:59 - 2016-01-16 00:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 11:59 - 2016-01-16 00:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 11:59 - 2016-01-16 00:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 11:59 - 2016-01-16 00:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 11:59 - 2016-01-16 00:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 11:59 - 2016-01-16 00:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 11:59 - 2016-01-16 00:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 11:59 - 2016-01-16 00:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 11:59 - 2016-01-16 00:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 11:59 - 2016-01-16 00:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 11:59 - 2016-01-16 00:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 11:59 - 2016-01-16 00:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 11:59 - 2016-01-16 00:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 11:59 - 2016-01-16 00:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 11:59 - 2016-01-16 00:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 11:59 - 2016-01-16 00:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-28 00:38 - 2016-01-29 19:08 - 389921688 _____ (NVIDIA Corporation) C:\Users\Owner\Downloads\361.75-notebook-win10-64bit-international-whql.exe
2016-01-22 21:44 - 2016-01-22 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-01-22 21:36 - 2016-01-22 21:42 - 27864920 _____ (Riot Games) C:\Users\Owner\Downloads\LeagueofLegends_NA_Installer_9_15_2014 (1).exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-14 20:09 - 2016-01-10 11:03 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-14 19:06 - 2015-11-16 23:47 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-14 19:06 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-14 19:01 - 2015-12-16 16:54 - 00000000 ____D C:\Users\Owner\AppData\Local\NexonLauncher
2016-02-14 19:01 - 2015-12-16 14:21 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-14 19:01 - 2015-11-16 22:31 - 00000000 ____D C:\Users\Owner\AppData\Local\Deployment
2016-02-14 19:00 - 2015-12-07 10:17 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-14 19:00 - 2015-11-16 21:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-14 19:00 - 2015-11-16 21:53 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-14 19:00 - 2015-11-16 20:59 - 00000000 __SHD C:\Users\Owner\IntelGraphicsProfiles
2016-02-14 19:00 - 2015-10-30 01:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-14 18:39 - 2015-10-30 01:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-14 17:35 - 2015-12-23 11:16 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6E9C8FB6-6FFC-4CC2-94CB-F2E4A93C6C03}
2016-02-13 12:45 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-12 14:14 - 2015-11-16 22:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2016-02-12 14:14 - 2015-11-16 22:23 - 00000000 ____D C:\ProgramData\Lenovo
2016-02-12 14:14 - 2015-11-16 22:23 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-02-12 12:08 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-12 11:37 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-10 22:54 - 2016-01-02 21:13 - 00000000 ____D C:\Users\Owner\Downloads\PopcornTime
2016-02-10 16:29 - 2015-12-07 10:18 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 16:29 - 2015-12-07 10:18 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-10 02:09 - 2015-11-16 21:54 - 00000000 ____D C:\Users\Owner
2016-02-09 21:11 - 2015-09-10 00:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-09 21:10 - 2015-10-30 04:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-09 15:09 - 2015-11-16 21:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-09 15:07 - 2015-11-16 21:00 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-09 15:07 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-08 15:14 - 2015-11-16 22:49 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-08 15:14 - 2015-11-16 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-08 15:14 - 2015-11-16 22:49 - 00000000 ____D C:\Program Files\WinRAR
2016-02-05 13:57 - 2015-11-16 20:52 - 00002363 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-05 13:57 - 2015-11-16 20:52 - 00000000 ___RD C:\Users\Owner\OneDrive
2016-02-05 00:26 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-04 16:32 - 2015-12-16 16:54 - 00000000 ____D C:\Users\Owner\AppData\Roaming\NexonLauncher
2016-02-03 14:01 - 2015-10-30 02:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 14:01 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-02 20:48 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2016-02-02 14:07 - 2015-12-16 14:24 - 00000000 ____D C:\Users\Owner\AppData\Local\Steam
2016-02-01 18:23 - 2015-12-07 10:17 - 00003996 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 18:23 - 2015-12-07 10:17 - 00003764 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 18:23 - 2015-12-07 10:17 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-29 23:30 - 2015-12-16 14:28 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-29 19:13 - 2015-11-16 21:56 - 00000000 ____D C:\Users\Owner\AppData\Local\NVIDIA
2016-01-29 19:12 - 2015-11-16 21:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-29 19:12 - 2015-11-16 20:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-01-29 19:11 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Help
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 16:37 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-22 21:49 - 2015-12-07 10:14 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Riot Games
2016-01-17 19:13 - 2016-01-06 14:24 - 00000000 ____D C:\Users\Owner\Documents\My Games
2016-01-17 19:13 - 2015-11-16 22:55 - 00000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2016-02-01 17:02 - 2016-02-01 19:44 - 0000027 _____ () C:\Users\Owner\AppData\Roaming\xlaccolsetupstatus.ini
2016-02-01 16:32 - 2016-02-02 14:08 - 0000059 _____ () C:\Users\Owner\AppData\Roaming\xlgdlapp.ini
2016-02-14 18:39 - 2016-02-14 18:39 - 0431656 _____ () C:\ProgramData\1455492953.bdinstall.bin
2015-11-16 21:53 - 2015-11-16 21:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Owner\AppData\Local\Temp\netease-tianyu.exe
C:\Users\Owner\AppData\Local\Temp\ntes-tianyu.exe
C:\Users\Owner\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Owner\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Owner\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-06 22:13

==================== End of FRST.txt ============================
 
Dditional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Owner (2016-02-15 12:20:17)
Running from C:\Users\Owner\Downloads
Windows 10 Pro (X64) (2015-11-17 02:56:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3197005435-3639198766-659270671-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3197005435-3639198766-659270671-503 - Limited - Disabled)
Guest (S-1-5-21-3197005435-3639198766-659270671-501 - Limited - Disabled)
Owner (S-1-5-21-3197005435-3639198766-659270671-1001 - Administrator - Enabled) => C:\Users\Owner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ÁúÖ®¹È (HKLM-x32\...\DragonNest) (Version: 2.0.8.251 - SHANDAGAMES)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.23.1252 - Bitdefender)
Bitdefender Antivirus Plus 2016 (HKLM\...\Bitdefender) (Version: 20.0.25.1378 - Bitdefender)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.2.0.13 - Lenovo)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.12.256 - SurfRight B.V.)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
ÍøÒ×-ÌìÚÍ (HKLM-x32\...\tianyu) (Version: 1.0.130 - ÍøÒ×£¨º¼ÖÝ£©ÍøÂçÓÐÏÞ¹«Ë¾)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Lenovo BatteryGauge (HKLM\...\{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}) (Version: 1.0.017.00 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-3197005435-3639198766-659270671-1001\...\cbe8636f7dd0cf1d) (Version: 1.6.0.0 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0022 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.3 - Lenovo) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marvel Heroes 2016 (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon)
NVIDIA 3D Vision Driver 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.1.0 - Popcorn Time)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3197005435-3639198766-659270671-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2E260F9A-33F5-410C-9462-2D02AC96725B} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [2016-02-01] (Bitdefender)
Task: {2F25D1D9-0448-428B-B454-17CF4E1FD628} - System32\Tasks\{09B16D9D-082B-4636-A5E2-BF03E6FD480B} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends"
Task: {60E97DA1-2642-4D19-A7D8-1656A77C3B0F} - System32\Tasks\{09059723-20CA-40B3-9C08-D8667C90FB5A} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {7BE9D574-5497-4FDF-9AD5-5A9F29F5875F} - System32\Tasks\{735EF87E-9250-4026-953E-D5F27030B7F1} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {837E182B-4407-4868-909A-4FD5389BF324} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {8FBB7972-4AE1-4E8F-A608-0034F897C555} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-01-13] ()
Task: {A44838B7-2B2A-48E0-BBCC-A1484FADC0A2} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3197005435-3639198766-659270671-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {A5E7CA59-FC52-4616-989A-2F86FDAC0908} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-07] (Google Inc.)
Task: {BB2903F6-EDDD-42B1-B9EC-84694C40AC28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-07] (Google Inc.)
Task: {E5AE8CB9-73CB-4158-9499-1515BE4F320E} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2015-11-09] (Bitdefender)
Task: {F947A237-880C-4D88-9807-B7FC4523AE08} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-09] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-29 19:11 - 2016-01-22 20:01 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-01-29 19:12 - 2016-01-22 21:55 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-12-07 10:25 - 2015-11-22 05:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-07 10:25 - 2015-11-22 05:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 13:21 - 2016-01-22 13:21 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-11-16 20:59 - 2015-11-16 20:59 - 00405416 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-12-17 23:48 - 2015-12-06 23:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 23:48 - 2015-12-06 23:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-17 23:48 - 2015-12-06 23:00 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-11-16 22:52 - 2015-11-16 22:52 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-11-16 22:52 - 2015-11-16 22:52 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2016-02-14 18:38 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2016-02-14 18:39 - 2016-01-25 19:51 - 01119064 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2016-02-14 18:39 - 2016-01-25 19:51 - 00794832 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2016-02-14 18:39 - 2016-01-25 19:51 - 03038112 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2016-02-14 18:39 - 2016-01-25 19:51 - 01648408 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2016-02-14 18:38 - 2016-01-29 19:11 - 00519000 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\intermsec.dll
2016-02-14 18:39 - 2015-12-15 19:21 - 00159232 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\ui\ltr\intermsec.ui
2016-02-14 18:39 - 2016-02-02 19:48 - 00030208 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\en-US\intermsec.txtui
2016-02-14 18:39 - 2016-02-02 19:47 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\en-US\bdaphconp.txtui
2016-02-14 18:38 - 2016-01-14 18:35 - 00061392 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bddpsp.dll
2016-01-13 00:29 - 2016-01-04 20:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 00:29 - 2016-01-04 20:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 11:59 - 2016-01-16 00:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 11:59 - 2016-01-16 00:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-13 00:29 - 2016-01-04 20:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-10-30 02:18 - 2015-10-30 02:18 - 02100064 _____ () C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
2015-11-16 20:55 - 2015-11-16 20:55 - 00133184 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-01-21 16:54 - 2014-01-21 16:54 - 01301688 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2016-02-10 14:58 - 2016-02-10 14:58 - 02364928 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.10\deploy\LoLLauncher.exe
2016-02-10 14:58 - 2016-02-10 14:58 - 04287488 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\LoLPatcher.exe
2016-01-22 22:35 - 2016-01-22 22:35 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\LolClient.exe
2016-01-22 13:21 - 2016-01-22 13:21 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 13:21 - 2016-01-22 13:21 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-01-29 19:12 - 2016-01-22 21:55 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-16 14:23 - 2015-12-15 00:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-12-16 14:23 - 2015-07-03 11:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-12-16 14:23 - 2016-02-04 16:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2015-12-16 14:23 - 2015-07-03 11:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-12-16 14:23 - 2015-07-03 11:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-12-16 14:23 - 2015-09-23 19:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-12-16 14:23 - 2015-09-23 19:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-12-16 14:23 - 2015-09-23 19:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-12-16 14:23 - 2015-09-23 19:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-12-16 14:23 - 2015-09-23 19:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-12-16 14:23 - 2016-02-04 16:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-12-16 14:23 - 2015-12-29 20:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-12-16 14:23 - 2016-01-05 20:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-12-16 16:54 - 2015-12-12 19:02 - 00044544 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\_socket.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00899584 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\_ssl.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00087552 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\_ctypes.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00358400 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\_hashlib.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00100352 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\win32api.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00110080 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\pywintypes27.dll
2015-12-16 16:54 - 2015-12-12 19:02 - 00010240 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\select.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00036864 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\win32process.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00485888 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\libsodium.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00516096 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\libzmq.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00038400 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\constants.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00014336 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\error.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00046080 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\message.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00032256 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\context.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00073216 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\socket.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00023552 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\utils.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00029696 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\_poll.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00012800 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\_version.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00025088 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\backend\cython\_device.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00027136 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\_multiprocessing.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00031232 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\zmq\devices\monitoredqueue.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00036352 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\_psutil_mswindows.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00167936 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\win32gui.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00009728 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\Crypto\Random\OSRNG\winrandom.pyd
2015-12-16 16:53 - 2015-12-12 19:02 - 00010240 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\Crypto\Util\_counter.pyd
2015-12-16 16:54 - 2015-12-12 19:02 - 00029184 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\lib\Crypto\Cipher\_AES.pyd
2015-12-16 16:54 - 2015-11-19 15:03 - 00160768 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\modules\tray\mxwin.pyd
2015-12-16 16:53 - 2015-11-19 15:03 - 00031232 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\modules\tray\Nexon.Mantis.Client.Resources.dll
2015-12-16 16:53 - 2015-12-12 19:02 - 00686080 _____ () C:\Program Files (x86)\Nexon\Nexon Launcher\bin\unicodedata.pyd
2015-11-16 22:56 - 2015-02-12 16:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
2016-02-10 14:58 - 2016-02-10 14:58 - 01458176 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.50\deploy\RiotLauncher.dll
2016-01-22 22:22 - 2016-01-22 22:22 - 04885152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2016-01-22 22:22 - 2016-01-22 22:22 - 17414304 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.186\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Owner\Downloads\adwcleaner_5.033 (1).exe:BDU
AlternateDataStreams: C:\Users\Owner\Downloads\FRST64 (2).exe:BDU

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-30 17:42 - 2016-02-15 11:42 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3197005435-3639198766-659270671-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\Downloads\cherry_blossom_tunnel.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{9EEDA7EA-FB82-463B-9ABF-F480F9DEE9ED}C:\users\owner\downloads\tianyu_dl_0730.exe] => (Allow) C:\users\owner\downloads\tianyu_dl_0730.exe
FirewallRules: [UDP Query User{5ACFB03D-B664-429F-A831-9BBFB56B75A9}C:\users\owner\downloads\tianyu_dl_0730.exe] => (Allow) C:\users\owner\downloads\tianyu_dl_0730.exe
FirewallRules: [TCP Query User{37AAE1B4-79B5-4290-AFBE-F878C83F7C0D}C:\users\owner\appdata\local\temp\netease-tianyu.exe] => (Allow) C:\users\owner\appdata\local\temp\netease-tianyu.exe
FirewallRules: [UDP Query User{A1B1765D-B21C-4D2B-9BDB-292807D10504}C:\users\owner\appdata\local\temp\netease-tianyu.exe] => (Allow) C:\users\owner\appdata\local\temp\netease-tianyu.exe
FirewallRules: [TCP Query User{A53C1BDC-47C8-42F7-B368-A1CA6CA28F4B}C:\users\owner\appdata\local\temp\pg_download_temp_file\pgloader.exe] => (Allow) C:\users\owner\appdata\local\temp\pg_download_temp_file\pgloader.exe
FirewallRules: [UDP Query User{EA7A4CFE-45A7-434B-AD6D-1E60CBB86430}C:\users\owner\appdata\local\temp\pg_download_temp_file\pgloader.exe] => (Allow) C:\users\owner\appdata\local\temp\pg_download_temp_file\pgloader.exe
FirewallRules: [TCP Query User{F95E48A8-C2A8-4612-BCC8-28C4E214F543}C:\users\owner\appdata\local\temp\pg_download_temp_file\p2pupdater.exe] => (Allow) C:\users\owner\appdata\local\temp\pg_download_temp_file\p2pupdater.exe
FirewallRules: [UDP Query User{07C15253-EE24-4E14-A1AB-6484FF9B90B0}C:\users\owner\appdata\local\temp\pg_download_temp_file\p2pupdater.exe] => (Allow) C:\users\owner\appdata\local\temp\pg_download_temp_file\p2pupdater.exe
FirewallRules: [TCP Query User{69DC82E0-0D37-46FF-BC73-D8EFD959BD11}C:\program files (x86)\netease\ty\game\tianyu.exe] => (Allow) C:\program files (x86)\netease\ty\game\tianyu.exe
FirewallRules: [UDP Query User{B741CC80-62DC-42AC-80B6-849E6D0598E2}C:\program files (x86)\netease\ty\game\tianyu.exe] => (Allow) C:\program files (x86)\netease\ty\game\tianyu.exe
FirewallRules: [{8D3069F9-E5E5-42FE-9912-5080374280FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3D127AE5-DB40-4F3C-B8FD-72F41B152B49}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{17E98202-4072-4D11-A68A-65CC24C94AA6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1FB7C382-110D-4A1F-9031-BFB14D62128E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C34E3C2C-FB8F-4E19-9319-3D6A730F0135}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{FE2E09D4-6E18-4221-88A5-E57848868996}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{D0225C20-E3C6-469A-8069-A3322FAD312A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{7E3E8AD8-066E-4AA6-9348-DD339D8AD291}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{5B0DF0BE-E379-4234-A9EE-DDE260C27BFF}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{5A276C42-5110-4373-8B0A-B53338083020}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{29038CB8-4361-4E1A-A5D5-9A8BEE316427}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{BD922299-EA3C-4E11-97AB-D3DD9CFE2F73}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{C54371B0-A77B-4977-82AE-F86C3C833BE6}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{4301086A-0880-4783-B4A0-8D74D1F1ED32}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{C670E80B-C297-4217-BC31-FD4B83D42855}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{9310A6DB-4E7B-4230-ACD0-8984CC26466B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{F3DE407D-E6C7-47D0-9F02-2DE64D0DC504}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2AF0B00D-C9A1-4C26-90BB-6F9573279FC0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5AEB6F71-F773-4FFD-BBE1-8651A9B9289D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{41FF28EC-7F02-420C-8385-927452B44D8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A5A7E3C1-EDA0-4C27-B3F3-2BC8FD6A419A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2EDDB6A6-AC67-4967-9E80-B44BA42758BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{281AB3DF-B434-40EB-8A7E-41B34A5422AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A91394E6-BF53-4436-9973-A566ED83E162}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe
FirewallRules: [{66F91DB2-0693-4144-A44D-470C6848EAD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe
FirewallRules: [{29EF3BF2-B55F-45E6-B0DF-E3B5DB76B26C}] => (Allow) C:\Users\Owner\Downloads\lzg1024_setup.exe
FirewallRules: [{8D4534D1-C702-431D-B2F5-B39B1703CA8A}] => (Allow) C:\Users\Owner\Downloads\lzg1024_setup.exe
FirewallRules: [TCP Query User{94341CC4-F3D9-4830-93A3-BCFD2990511B}C:\users\owner\downloads\dragonnest.251_download.exe] => (Allow) C:\users\owner\downloads\dragonnest.251_download.exe
FirewallRules: [UDP Query User{8D036A37-0F6C-4E28-889A-92FE15AC9DF1}C:\users\owner\downloads\dragonnest.251_download.exe] => (Allow) C:\users\owner\downloads\dragonnest.251_download.exe
FirewallRules: [{7946DA7C-E153-442A-AD68-EDA3CF4B2A24}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{221CCADE-293B-46F8-8776-1E49DBAB9FB6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{303C9904-D45A-4C2C-A941-02F6CCDFE589}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe

==================== Restore Points =========================

28-01-2016 20:26:32 Windows Update
06-02-2016 12:24:51 Scheduled Checkpoint
09-02-2016 15:06:21 Windows Update
14-02-2016 13:22:45 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/15/2016 11:48:10 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8

Error: (02/15/2016 11:48:10 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/14/2016 07:21:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: igd10iumd64.dll, version: 10.18.15.4279, time stamp: 0x55db7ece
Exception code: 0xc0000005
Fault offset: 0x0000000000151c3a
Faulting process id: 0x2398
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (02/14/2016 07:09:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vsserv.exe, version: 20.0.25.1375, time stamp: 0x56af6256
Faulting module name: ntdll.dll, version: 10.0.10586.103, time stamp: 0x56a8483f
Exception code: 0xc0000374
Fault offset: 0x00000000000ee71c
Faulting process id: 0x45c
Faulting application start time: 0xvsserv.exe0
Faulting application path: vsserv.exe1
Faulting module path: vsserv.exe2
Report Id: vsserv.exe3
Faulting package full name: vsserv.exe4
Faulting package-relative application ID: vsserv.exe5

Error: (02/14/2016 06:54:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vsserv.exe, version: 20.0.25.1375, time stamp: 0x56af6256
Faulting module name: ntdll.dll, version: 10.0.10586.103, time stamp: 0x56a8483f
Exception code: 0xc0000374
Fault offset: 0x00000000000ee71c
Faulting process id: 0xcbc
Faulting application start time: 0xvsserv.exe0
Faulting application path: vsserv.exe1
Faulting module path: vsserv.exe2
Report Id: vsserv.exe3
Faulting package full name: vsserv.exe4
Faulting package-relative application ID: vsserv.exe5

Error: (02/14/2016 05:07:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: igd10iumd64.dll, version: 10.18.15.4279, time stamp: 0x55db7ece
Exception code: 0xc0000005
Fault offset: 0x0000000000151c3a
Faulting process id: 0x1f00
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (02/14/2016 01:22:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10586.103, time stamp: 0x56a84dc4
Faulting module name: CoreUIComponents.dll, version: 0.0.0.0, time stamp: 0x565185e4
Exception code: 0xc0000005
Fault offset: 0x00000000000780cd
Faulting process id: 0x1144
Faulting application start time: 0xMicrosoftEdge.exe0
Faulting application path: MicrosoftEdge.exe1
Faulting module path: MicrosoftEdge.exe2
Report Id: MicrosoftEdge.exe3
Faulting package full name: MicrosoftEdge.exe4
Faulting package-relative application ID: MicrosoftEdge.exe5

Error: (02/14/2016 01:22:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/14/2016 12:45:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10586.103, time stamp: 0x56a84dc4
Faulting module name: CoreUIComponents.dll, version: 0.0.0.0, time stamp: 0x565185e4
Exception code: 0xc0000005
Fault offset: 0x00000000000780cd
Faulting process id: 0x17cc
Faulting application start time: 0xMicrosoftEdge.exe0
Faulting application path: MicrosoftEdge.exe1
Faulting module path: MicrosoftEdge.exe2
Report Id: MicrosoftEdge.exe3
Faulting package full name: MicrosoftEdge.exe4
Faulting package-relative application ID: MicrosoftEdge.exe5

Error: (02/13/2016 11:33:35 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8


System errors:
=============
Error: (02/15/2016 10:42:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/15/2016 02:30:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/14/2016 11:13:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/14/2016 10:07:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/14/2016 07:14:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bitdefender Virus Shield service terminated unexpectedly. It has done this 1 time(s).

Error: (02/14/2016 07:00:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VMOPO8L)
Description: {0002DF02-0000-0000-C000-000000000046}

Error: (02/14/2016 07:00:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_39abf service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/14/2016 07:00:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/14/2016 06:58:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bitdefender Virus Shield service terminated unexpectedly. It has done this 1 time(s).

Error: (02/14/2016 04:05:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable


CodeIntegrity:
===================================
Date: 2016-02-13 23:33:31.590
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-12 12:04:00.450
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-10 02:11:38.331
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-09 22:13:14.071
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-09 21:11:17.296
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-06 11:07:16.458
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-05 12:15:35.003
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-02-03 22:48:02.526
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-30 10:41:39.774
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-29 16:40:03.637
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 54%
Total physical RAM: 8104.27 MB
Available physical RAM: 3666.96 MB
Total Virtual: 10024.27 MB
Available Virtual: 5518.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.92 GB) (Free:121.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: D7916CC8)

Partition: GPT.

==================== End of Addition.txt ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    841 bytes · Views: 4
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available Profiles: Owner)
Boot Mode: Normal
==============================================

fixlist content:
*****************
2016-02-01 17:02 - 2016-02-01 19:44 - 0000027 _____ () C:\Users\Owner\AppData\Roaming\xlaccolsetupstatus.ini
2016-02-01 16:32 - 2016-02-02 14:08 - 0000059 _____ () C:\Users\Owner\AppData\Roaming\xlgdlapp.ini
2016-02-14 18:39 - 2016-02-14 18:39 - 0431656 _____ () C:\ProgramData\1455492953.bdinstall.bin
2015-11-16 21:53 - 2015-11-16 21:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
C:\Users\Owner\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Owner\AppData\Local\Temp\netease-tianyu.exe
C:\Users\Owner\AppData\Local\Temp\ntes-tianyu.exe
C:\Users\Owner\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Owner\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Owner\AppData\Local\Temp\nvStInst.exe
AlternateDataStreams: C:\Users\Owner\Downloads\adwcleaner_5.033 (1).exe:BDU
AlternateDataStreams: C:\Users\Owner\Downloads\FRST64 (2).exe:BDU

*****************

C:\Users\Owner\AppData\Roaming\xlaccolsetupstatus.ini => moved successfully
C:\Users\Owner\AppData\Roaming\xlgdlapp.ini => moved successfully
C:\ProgramData\1455492953.bdinstall.bin => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
C:\Users\Owner\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Users\Owner\AppData\Local\Temp\netease-tianyu.exe => moved successfully
C:\Users\Owner\AppData\Local\Temp\ntes-tianyu.exe => moved successfully
C:\Users\Owner\AppData\Local\Temp\nvSCPAPI64.dll => moved successfully
C:\Users\Owner\AppData\Local\Temp\nvStereoApiI64.dll => moved successfully
C:\Users\Owner\AppData\Local\Temp\nvStInst.exe => moved successfully
C:\Users\Owner\Downloads\adwcleaner_5.033 (1).exe => ":BDU" ADS removed successfully.
C:\Users\Owner\Downloads\FRST64 (2).exe => ":BDU" ADS removed successfully.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-02-15 22:14:32)

C:\ProgramData\DP45977C.lfl => Is moved successfully

==== End of Fixlog 22:14:32 ====
 
Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


redtarget.gif
Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
Bitdefender Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Google Chrome (48.0.2564.103)
Google Chrome (48.0.2564.109)
````````Process Check: objlist.exe by Laurent````````
Bitdefender Bitdefender 2016 vsserv.exe
Bitdefender Bitdefender 2016 updatesrv.exe
Bitdefender Agent ProductAgentService.exe
Bitdefender Bitdefender 2016 bdagent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
 
  • Farbar Service Scanner Version: 27-01-2016
    Ran by Owner (administrator) on 15-02-2016 at 23:29:09
    Running from "C:\Users\Owner\Downloads"
    Microsoft Windows 10 Pro (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Attempt to access Google IP returned error. Google IP is unreachable
    Google.com is accessible.
    Yahoo.com is accessible.


    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => File is digitally signed
    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
    C:\Windows\System32\drivers\afd.sys => File is digitally signed
    C:\Windows\System32\drivers\tdx.sys => File is digitally signed
    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
    C:\Windows\System32\dnsrslvr.dll => File is digitally signed
    C:\Windows\System32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed


    **** End of log ****
 
You must log in or register to reply here.

Similar threads

midian182
YouTube escalates battle against ad blockers, rolls out site slowdown (update)
2
Replies
47
Views
726
Benny26
Benny26
midian182
Another Matrix movie is in the works with a new writer-director
2
Replies
25
Views
339
ZedRM
ZedRM
midian182
OpenAI transcribed over a million hours of YouTube videos to train its LLMs, Google engaged in same practice
Replies
5
Views
78
daffy duck
D

Latest posts

Back