Solved Issues with internet due to possible malware/virus

SXYYP

My internet has some really odd problems where it will technically be up but randomly not load pages in Chrome and give a message about the connection being interrupted. This for some reason happens on and off and can seemingly work perfectly for 10 seconds but in the next 10 seconds it doesn't work. Minimal network loads such as Spotify and messaging seem to have no issues though. I have tried lots of troubleshooting online and it seems nothing helps. This problem applies to every device on the network, so I'm not sure if malware/viruses can do that? Thanks!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Chris (administrator) on CHRISDAWN-PC (19-01-2017 17:42:44)
Running from C:\Users\Chris\Downloads
Loaded Profiles: Chris (Available Profiles: Chris)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Chris\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Users\Chris\AppData\Local\Iccsoft\tmp3368.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Piotr Pawlowski) C:\Program Files (x86)\foobar2000\foobar2000.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Chris\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1046496 2016-12-22] (DivX, LLC)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-11-17] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9103976 2017-01-19] (AVAST Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-19] (Valve Corporation)
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Run: [Spotify Web Helper] => C:\Users\Chris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-23] (Spotify Ltd)
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Run: [Iccsoft] => C:\Users\Chris\AppData\Local\Iccsoft\tmp3368.exe [117561 2017-01-15] ()
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-19] (AVAST Software)
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-07]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-09-27]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exeaswBoot.exe /M:56776ba747 /A:"* " /L:"1033" /heur:80 /RA:fix /pup /archives /IA:0 /KBD:3 /wow /dir:"C:\Program Files\AVAST Software\Avast"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{A0D072C1-C8BC-474C-9C06-15F384EA59CD}: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{A53325C3-2F40-44AF-89C0-D16ABAB5180C}: [DhcpNameServer] 209.18.47.62 209.18.47.61

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-09] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-01-19] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-12-09] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-09] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-21] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-09] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-01-19] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-09] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-09] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-12-23] (DivX, LLC)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-19]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-08-07]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxps://search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=967150
CHR StartupUrls: Default -> "hxxp://www.bing.com/","hxxps://search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=967150","hxxps://search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=997063","hxxp://www.trovi.com/?ctid=CT3331786&SearchSource=55&CUI=18D9F08D-E849-40E6-9838-520D13DB8120&UM=5"
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-27]
CHR Extension: (BetterTTV) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-06-27]
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-27]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-27]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-27]
CHR Extension: (Galaxy-View) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbeddldohkakodfncjnkkjfojggbahp [2016-06-27]
CHR Extension: (Tampermonkey) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-07-27]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2017-01-15]
CHR Extension: (Session Buddy) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2016-06-27]
CHR Extension: (Google Sheets) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-27]
CHR Extension: (Google Docs Offline) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-27]
CHR Extension: (AdBlock) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-27]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-01-18]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-11-06]
CHR Extension: (Momentum) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-11-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-27]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-27]
CHR Extension: (Chrome Media Router) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-19] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2016-12-12] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2946304 2016-12-09] (Microsoft Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-12-09] (Hi-Rez Studios) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
R2 SplashtopRemoteService; C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [731648 2016-12-05] (Splashtop Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2017-01-19] (AVAST Software)
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2017-01-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2017-01-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2017-01-19] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2017-01-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2017-01-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2017-01-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-19] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 LeapdroidVMDrv; C:\Program Files\Leapdroid\VM\LeapdroidVMDrv.sys [300952 2016-10-05] (Leapdroid Inc.)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [85160 2016-04-18] (Logitech Inc.)
R3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-03-28] (Broadcom Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-06-03] (NVIDIA Corporation)
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-19 17:41 - 2017-01-19 17:42 - 00000000 ____D C:\FRST
2017-01-19 17:41 - 2017-01-19 17:41 - 02193920 _____ (Farbar) C:\Users\Chris\Downloads\FRST64 (1).exe
2017-01-19 17:16 - 2017-01-19 17:16 - 00003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1484864172
2017-01-19 17:16 - 2017-01-19 17:16 - 00001043 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-01-19 17:16 - 2017-01-19 17:16 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-01-19 17:15 - 2017-01-19 17:15 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-01-19 17:12 - 2017-01-19 17:12 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-01-19 17:12 - 2017-01-19 17:12 - 00000000 ____D C:\Users\Chris\AppData\Roaming\AVAST Software
2017-01-19 17:12 - 2017-01-19 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-01-19 17:11 - 2017-01-19 17:12 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2017-01-19 17:11 - 2017-01-19 17:12 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-01-19 17:11 - 2017-01-19 17:12 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-01-19 17:11 - 2017-01-19 17:11 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.148486392525407
2017-01-19 17:11 - 2017-01-19 17:11 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148486392625210
2017-01-19 17:11 - 2017-01-19 17:11 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-01-19 17:11 - 2017-01-19 17:11 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148486392607912
2017-01-19 17:11 - 2017-01-19 17:11 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-01-19 17:11 - 2017-01-19 17:11 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-01-19 17:11 - 2017-01-19 17:11 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-01-19 17:11 - 2017-01-19 17:11 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-01-19 17:11 - 2017-01-19 17:11 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2017-01-19 17:11 - 2017-01-19 17:11 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-01-19 17:11 - 2017-01-19 17:11 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-01-19 17:11 - 2017-01-19 17:11 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-01-19 17:09 - 2017-01-19 17:15 - 00000000 ____D C:\Program Files\AVAST Software
2017-01-19 17:08 - 2017-01-19 17:15 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-19 17:08 - 2017-01-19 17:08 - 06334848 _____ (AVAST Software) C:\Users\Chris\Downloads\avast_free_antivirus_setup.exe
2017-01-19 15:39 - 2017-01-19 15:39 - 00000031 _____ C:\Users\Chris\Downloads\stream (1).m3u
2017-01-18 23:30 - 2017-01-19 17:11 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-18 23:30 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2017-01-18 22:59 - 2017-01-18 23:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-01-18 22:59 - 2017-01-18 23:30 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-01-18 22:59 - 2017-01-18 22:59 - 00001395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-01-18 22:59 - 2017-01-18 22:59 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-01-18 22:59 - 2017-01-18 22:59 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2017-01-18 22:59 - 2017-01-18 22:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-01-18 22:59 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2017-01-18 22:57 - 2017-01-18 22:58 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Chris\Downloads\spybot-2.4.exe
2017-01-17 23:12 - 2017-01-17 23:12 - 00438301 _____ C:\Users\Chris\Downloads\session_buddy_backup_2017_01_17_23_12_31.json
2017-01-16 23:02 - 2017-01-19 15:33 - 00000336 _____ C:\Windows\setupact.log
2017-01-16 23:02 - 2017-01-16 23:02 - 00001038 _____ C:\Windows\PFRO.log
2017-01-16 23:02 - 2017-01-16 23:02 - 00000000 _____ C:\Windows\setuperr.log
2017-01-16 21:52 - 2017-01-16 21:53 - 08805960 _____ (Piriform Ltd) C:\Users\Chris\Downloads\ccsetup525pro.exe
2017-01-15 14:01 - 2017-01-15 14:01 - 00000031 _____ C:\Users\Chris\Downloads\stream.m3u
2017-01-15 11:49 - 2017-01-19 17:19 - 00000000 ____D C:\Users\Chris\AppData\Local\Iccsoft
2017-01-15 11:49 - 2017-01-19 17:17 - 00000000 ____D C:\Users\Chris\AppData\Local\Ubnrmedia
2017-01-15 11:48 - 2017-01-15 11:54 - 00000000 ___HD C:\Users\Chris\AppData\Local\SysHashTable
2017-01-14 19:37 - 2017-01-14 19:37 - 00033026 _____ C:\Users\Chris\Downloads\The Wasted Times 2016 (1).torrent
2017-01-11 15:50 - 2017-01-11 15:50 - 00135927 _____ C:\Users\Chris\Downloads\BlackJackFP.zip
2017-01-10 15:58 - 2017-01-05 13:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-10 15:58 - 2017-01-05 13:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-10 15:58 - 2017-01-05 13:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-10 15:58 - 2017-01-05 12:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-10 15:58 - 2017-01-05 12:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-10 15:58 - 2017-01-05 12:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-10 15:58 - 2017-01-05 12:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-10 15:58 - 2017-01-05 12:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-10 15:58 - 2017-01-05 12:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-10 15:58 - 2017-01-05 12:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-10 15:58 - 2017-01-05 12:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-01-04 20:26 - 2017-01-04 20:28 - 00000000 ____D C:\Users\Chris\Documents\My Games
2017-01-04 20:26 - 2017-01-04 20:26 - 00000000 ____D C:\Users\Chris\AppData\Local\HirezLauncherUI
2017-01-04 20:25 - 2017-01-18 23:16 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-01-04 20:25 - 2017-01-04 20:28 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2017-01-04 20:25 - 2017-01-04 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-12-31 19:20 - 2016-12-31 19:20 - 00994498 _____ C:\Users\Chris\Downloads\ElophantClient.zip
2016-12-30 22:56 - 2016-12-30 22:56 - 00000000 ____D C:\Users\Chris\Documents\Rockstar Games
2016-12-30 22:56 - 2016-12-30 22:56 - 00000000 ____D C:\Users\Chris\AppData\Local\Rockstar Games
2016-12-30 22:56 - 2016-12-30 22:56 - 00000000 ____D C:\Program Files\Rockstar Games
2016-12-30 22:56 - 2016-12-30 22:56 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-12-26 14:29 - 2017-01-15 18:57 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\uTorrent
2016-12-25 14:03 - 2016-12-25 14:07 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\Daybreak Game Company
2016-12-25 14:03 - 2016-12-25 14:03 - 00000000 ____D C:\Users\Chris\AppData\Local\SCE
2016-12-25 14:03 - 2016-12-25 14:03 - 00000000 ____D C:\Users\Chris\AppData\Local\Daybreak Game Company
2016-12-25 14:03 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-12-25 14:03 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-12-25 14:03 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-12-25 14:03 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-12-25 14:03 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-12-25 14:03 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-12-25 14:03 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-12-25 14:03 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-12-25 14:03 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-12-25 14:03 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-12-25 14:03 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-12-25 14:03 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-12-25 14:03 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-12-25 14:03 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-12-25 14:03 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-12-25 14:03 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-12-25 14:03 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-12-25 14:03 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-12-25 14:03 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-12-25 14:03 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-12-25 14:03 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-12-25 14:03 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-12-25 14:03 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-12-25 14:03 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-12-25 14:03 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-12-25 14:03 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-12-25 14:03 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-12-25 14:03 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-12-25 14:03 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-12-25 14:03 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-12-25 14:03 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-12-25 14:03 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-12-25 14:03 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-12-25 14:03 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-12-25 14:03 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-12-25 14:03 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-12-25 14:03 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-12-25 14:03 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-12-25 14:03 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-12-25 14:03 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-12-25 14:03 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-12-25 14:03 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-12-25 14:03 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-12-25 14:03 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-12-25 14:03 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-12-25 14:03 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-12-25 14:03 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-12-25 14:03 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-12-25 14:03 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-12-25 14:03 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-12-25 14:03 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-12-25 14:03 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-12-25 14:03 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-12-25 14:03 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-12-25 14:03 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-12-25 14:03 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-12-25 14:03 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-12-25 14:03 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-12-25 14:03 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-12-25 14:03 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-12-25 14:03 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-12-25 14:03 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-12-25 14:03 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-12-25 14:03 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-12-25 14:03 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-12-25 14:03 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-12-25 14:03 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-12-25 14:03 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-12-25 14:03 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-12-25 14:03 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-12-25 14:03 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-12-25 14:03 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-12-25 14:03 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-12-25 14:03 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-12-25 14:03 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-12-25 14:03 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-12-25 14:03 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-12-25 14:03 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-12-25 14:03 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-12-25 14:03 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-12-25 14:03 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-12-25 14:03 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-12-25 14:03 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-12-25 14:03 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-12-25 14:03 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-12-25 14:03 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-12-25 14:03 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-12-25 14:03 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-12-25 14:03 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-12-25 14:03 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-12-25 14:03 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-12-25 14:03 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-12-25 14:03 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-12-25 14:03 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-12-25 14:03 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-12-25 14:03 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-12-25 14:03 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-12-25 14:03 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-12-25 14:03 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-12-25 14:03 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-12-25 14:03 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-12-25 14:03 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-12-25 14:03 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-12-25 14:03 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-12-25 14:03 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-12-25 14:03 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-12-25 14:03 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-12-25 14:03 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-12-25 14:03 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-12-25 14:03 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-12-25 14:03 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-12-25 14:03 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-12-25 14:03 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-12-25 14:03 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-12-25 14:03 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-12-25 14:03 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-12-25 14:03 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-12-25 14:03 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-12-25 14:03 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-12-25 14:03 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-12-25 14:03 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-12-25 14:03 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-12-25 14:03 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-12-25 14:03 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-12-25 14:03 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-12-25 14:03 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-12-25 14:03 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-12-25 14:03 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-12-25 14:03 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-12-25 14:03 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-12-25 14:03 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-12-25 14:03 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-12-25 14:03 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-12-25 14:03 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-12-25 14:03 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-12-25 14:03 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-12-25 14:03 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-12-25 14:03 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-12-25 14:03 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-12-25 14:03 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-12-25 14:03 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-12-25 14:03 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-19 17:42 - 2016-12-19 23:05 - 00024741 _____ C:\Users\Chris\Downloads\FRST.txt
2017-01-19 17:34 - 2016-07-29 16:48 - 00003652 _____ C:\Windows\System32\Tasks\DivXUpdate
2017-01-19 17:34 - 2016-07-29 16:48 - 00001575 _____ C:\Users\Chris\Desktop\DivX Movies.lnk
2017-01-19 17:34 - 2016-07-29 16:48 - 00001066 _____ C:\Users\Public\Desktop\DivX Player.lnk
2017-01-19 17:34 - 2016-07-29 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2017-01-19 17:34 - 2016-07-29 16:47 - 00000000 ____D C:\Program Files (x86)\DivX
2017-01-19 17:34 - 2016-07-29 16:46 - 00000000 ____D C:\ProgramData\DivX
2017-01-19 17:33 - 2016-07-29 16:48 - 00001091 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2017-01-19 17:33 - 2016-07-29 16:48 - 00000000 ____D C:\Users\Chris\AppData\Roaming\DivX
2017-01-19 17:19 - 2016-06-27 21:21 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Skype
2017-01-19 17:18 - 2016-06-27 21:21 - 00000000 ____D C:\ProgramData\Skype
2017-01-19 16:08 - 2016-08-16 23:39 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-19 15:56 - 2016-06-27 19:32 - 01883887 _____ C:\Windows\WindowsUpdate.log
2017-01-19 15:39 - 2016-08-08 22:33 - 00000000 ____D C:\Users\Chris\AppData\Roaming\foobar2000
2017-01-18 23:29 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2017-01-18 23:24 - 2009-07-13 23:45 - 00021936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-18 23:24 - 2009-07-13 23:45 - 00021936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-18 23:22 - 2009-07-14 00:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-18 23:16 - 2016-08-08 22:49 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-18 23:16 - 2016-06-29 19:17 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-18 23:16 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-18 19:44 - 2016-12-19 15:37 - 00000000 ____D C:\Users\Chris\.jrebel
2017-01-17 21:57 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2017-01-16 21:54 - 2016-07-29 16:25 - 00000000 ____D C:\Users\Chris\AppData\Roaming\uTorrent
2017-01-16 21:54 - 2016-07-12 21:49 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2017-01-16 21:54 - 2016-06-27 23:23 - 00000000 ____D C:\Windows\panther
2017-01-16 09:59 - 2016-08-09 16:04 - 00000000 ____D C:\Users\Chris\Documents\ShareX
2017-01-15 12:24 - 2016-11-23 18:40 - 00000000 ____D C:\AdwCleaner
2017-01-15 12:23 - 2016-08-08 22:52 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Spotify
2017-01-15 11:58 - 2016-08-08 22:53 - 00000000 ____D C:\Users\Chris\AppData\Local\Spotify
2017-01-05 15:49 - 2016-06-27 21:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-05 15:48 - 2016-06-29 15:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-04 20:25 - 2016-06-28 17:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-30 22:56 - 2016-06-27 20:16 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-20 23:08 - 2016-06-27 21:38 - 00007599 _____ C:\Users\Chris\AppData\Local\Resmon.ResmonCfg

==================== Files in the root of some directories =======

2016-08-21 13:39 - 2016-08-21 13:39 - 0003069 _____ () C:\Users\Chris\AppData\Local\recently-used.xbel
2016-06-27 21:38 - 2016-12-20 23:08 - 0007599 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2016-08-07 17:32 - 2016-08-07 17:40 - 0000775 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2017-01-13 16:09

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Chris (2017-01-19 18:04:29)
Running from C:\Users\Chris\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-06-28 00:32:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1550537845-2684649534-4076172876-500 - Administrator - Disabled)
Chris (S-1-5-21-1550537845-2684649534-4076172876-1000 - Administrator - Enabled) => C:\Users\Chris
Guest (S-1-5-21-1550537845-2684649534-4076172876-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{922E8525-AC7E-4294-ACAA-43712D4423C0}) (Version: 10.0.22.87 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.141 - DivX, LLC)
DJ_AIO_06_F2400_SW_Min (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
F2400 (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
foobar2000 v1.3.10 (HKLM-x32\...\foobar2000) (Version: 1.3.10 - Peter Pawlowski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 101 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180101}) (Version: 8.0.1010.13 - Oracle Corporation)
Killing Floor (HKLM\...\Steam App 1250) (Version: - Tripwire Interactive)
League client alpha (HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\League client alpha 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
LeapdroidVM (HKLM-x32\...\LeapdroidVM) (Version: - LeapdroidVM)
Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.6965.2115 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6965.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6965.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6965.2115 - Microsoft Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 11.4.1 - ShareX Team)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SMITE (HKLM\...\Steam App 386360) (Version: - Hi-Rez Studios)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.1.2.0 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.2 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17329 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.4 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

15-01-2017 17:00:59 Removed Adobe Acrobat Reader DC.
17-01-2017 15:36:04 Windows Update
19-01-2017 17:33:33 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2017-01-15 17:38 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05462819-4FB8-4A9C-A9E7-57975FF375E3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {0B099184-4E16-445F-BEE6-2774A1260B9D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-27] (Google Inc.)
Task: {0C1A0EE4-8BF4-4EB9-8189-A75DA257523C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {15423FE3-5D23-4E52-94DC-886C596778D4} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2016-12-15] (DivX, LLC)
Task: {23591037-174B-4E9E-A563-36AA2CAF51F5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-09] (Microsoft Corporation)
Task: {2ECCB766-91A1-4A96-B5C7-7248C3776A7C} - System32\Tasks\{5CF3A32E-342A-44E7-B566-D47504C0B1FB} => F:\Setup.exe
Task: {676819B7-A11F-4F4C-92DC-F9B26201EC66} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {76818E54-DFE3-4D4C-9DAA-77D6BF38E6E9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-09] (Microsoft Corporation)
Task: {818EC731-DECB-46C5-8DDF-8F388A9BCA9D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-09-12] (Microsoft Corporation)
Task: {82568BAF-7173-4CA6-9FF0-09D1152CBA59} - System32\Tasks\{95B99FDC-E28F-4EB4-B0A0-15BDBE6969E9} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=7.24.0.104&LastError=12029
Task: {86B018C5-4B77-4039-A22C-A4C6870E61BD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-19] (AVAST Software)
Task: {C690BAD7-4F97-4967-8FA4-8EDEA7C571B4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-10] (Microsoft Corporation)
Task: {CDA559A8-B297-4E26-B5E5-A415588609AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-27] (Google Inc.)
Task: {D49D9F63-FDA9-4D95-9352-D7B03362F264} - System32\Tasks\SafeZone scheduled Autoupdate 1484864172 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {DD356FFB-189F-47B7-A4A9-58AFE7F8FFF4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-10] (Microsoft Corporation)
Task: {E23C8A84-17AB-4F04-93B4-BB2D97F3B9D2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-10] (Microsoft Corporation)
Task: {FBCA5A58-8FD3-4FF3-A989-85DB009A6D94} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-19] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (Whitelisted) ==============

2016-06-29 19:17 - 2016-06-02 22:26 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-15 11:49 - 2017-01-15 11:48 - 00117561 _____ () C:\Users\Chris\AppData\Local\Iccsoft\tmp3368.exe
2016-10-31 14:45 - 2016-10-31 14:45 - 00592384 _____ () C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll
2016-06-29 16:04 - 2016-12-09 18:33 - 08919752 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-12-14 21:22 - 2016-12-08 03:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 21:22 - 2016-12-08 03:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2017-01-11 21:22 - 2017-01-11 21:22 - 31167576 _____ () C:\Users\Chris\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
2017-01-18 22:59 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-01-18 22:59 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-01-18 22:59 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-01-18 22:59 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-01-18 22:59 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-03-17 07:58 - 2016-03-17 07:58 - 00095696 _____ () C:\Program Files (x86)\foobar2000\zlib1.dll
2016-03-25 06:04 - 2016-03-25 06:04 - 00160704 _____ () C:\Program Files (x86)\foobar2000\shared.dll
2016-03-09 07:42 - 2016-03-09 07:42 - 00307200 _____ () C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll
2016-03-09 07:44 - 2016-03-09 07:44 - 00205312 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_eq.dll
2016-03-09 07:44 - 2016-03-09 07:44 - 00250368 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
2016-03-25 06:04 - 2016-03-25 06:04 - 01087960 _____ () C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
2016-03-09 07:44 - 2016-03-09 07:44 - 00356352 _____ () C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
2016-03-09 07:42 - 2016-03-09 07:42 - 00294912 _____ () C:\Program Files (x86)\foobar2000\components\foo_fileops.dll
2016-03-25 05:58 - 2016-03-25 05:58 - 00309760 _____ () C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
2016-03-09 07:44 - 2016-03-09 07:44 - 00536064 _____ () C:\Program Files (x86)\foobar2000\components\foo_converter.dll
2016-03-25 05:58 - 2016-03-25 05:58 - 00263168 _____ () C:\Program Files (x86)\foobar2000\components\foo_unpack.dll
2016-03-25 06:04 - 2016-03-25 06:04 - 01409496 _____ () C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
2016-03-09 07:44 - 2016-03-09 07:44 - 00375296 _____ () C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
2016-10-31 14:43 - 2016-10-31 14:43 - 00564736 _____ () C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll
2016-06-29 16:04 - 2016-12-09 17:47 - 08919752 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2017-01-19 17:11 - 2017-01-19 17:11 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-19 17:11 - 2017-01-19 17:11 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-19 17:15 - 2017-01-19 17:15 - 04450840 _____ () C:\Program Files\AVAST Software\Avast\defs\17011903\algo.dll
2017-01-19 17:11 - 2017-01-19 17:11 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.62 - 209.18.47.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{E645FC8F-0C57-4174-94FA-ADF77F3176C5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{3B837C2E-C9C6-48CE-9FC8-C1B41B8D0D47}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{F1ABF086-C96E-4EFD-8E24-5DDD442BFB4C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BB4F1A6F-A87D-43C1-9587-D44AFA04DCD0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6C5ED8B4-B807-4F2C-84D7-9FCD6948B84D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8B23274A-4871-47B4-9973-545808A48025}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{BD3EA478-8F53-4B3C-A6D6-CD11F294C69C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{42F0FE4F-0ECE-453D-91F6-D46127A672CD}] => (Allow) C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7D04B3AE-4ED9-458D-96B7-EC76BE57FE04}] => (Allow) C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D1F1CC42-2163-4666-A025-A6603545EA48}] => (Allow) C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8053E5D7-6AAF-4421-AA74-91931C4D521D}] => (Allow) C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D310966B-68E5-4CBA-8C2D-81406FD43FB4}] => (Allow) C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A72DFF91-B69A-48CF-9B06-BEDC4A64BBBA}] => (Allow) C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4A16E5F2-8D68-4E5D-AAA7-D9F387F2D67D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{96D1674B-15B3-46EC-800B-4E1BAD17F55C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{9EC18DD3-5C93-40F9-87F3-0F6B8254F09A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{2DDD38A2-56E0-4480-B04C-5969035C9C1B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{976859E5-FB52-4BD7-B638-3CE9B04DC3A5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{72FD1390-6961-4FE8-ACB1-941E406D7983}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{AC3D228C-75F1-4827-865C-B1EDEA8C78A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{749CD7EC-2154-4527-9663-C37D0321B15C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{51EA0340-C422-4A44-A8EA-C44330265305}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{3F2EAC1C-5679-4EBE-A13A-5EA4C92ACBB0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{8D12F3C8-9F20-4C00-944C-3DF2ADC57DA3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B77F56EB-BEA4-47B6-9CB9-E2B21D480B69}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B7629A83-E156-4316-9F3A-8411BDA05366}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{D3197A52-1506-4B1E-B2F3-CFA1BF49EBAC}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{AB87714F-EB67-4BA4-BDE0-6005551F5741}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{B919E389-6858-499C-BE4C-86BB3CF61F01}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8B260B33-C804-4CA8-BF4D-BD3FD9E1F4D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CAA056CA-6013-4677-BCDB-2FC972D9D764}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3EBBF2E8-284E-444A-A0F6-C7ED8C284D42}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{5699316A-A1AA-4C7A-88EF-B790829FC1D4}C:\users\chris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chris\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0AC8B108-FE92-415A-BD96-4973AF86D076}C:\users\chris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chris\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3D50AF9F-1AC4-470A-ABE1-EEB6FB9D2E36}C:\users\chris\appdata\local\henwatch server\henwatch server.exe] => (Allow) C:\users\chris\appdata\local\henwatch server\henwatch server.exe
FirewallRules: [UDP Query User{3F1A3C9A-0329-4195-B849-B72DF7D86962}C:\users\chris\appdata\local\henwatch server\henwatch server.exe] => (Allow) C:\users\chris\appdata\local\henwatch server\henwatch server.exe
FirewallRules: [TCP Query User{643A9AE0-48EC-4412-AB02-F06094A8DF13}C:\users\chris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chris\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{96A4BDFE-7C88-4B4E-997D-C13F3482060C}C:\users\chris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chris\appdata\roaming\spotify\spotify.exe
FirewallRules: [{DC225015-D094-4FA5-A5A7-EE19D2139B32}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FE387347-A7B4-4281-ACA4-29AA768A01C0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C3EDDA66-5381-4601-B4F6-0CE87D6E2F35}] => (Allow) LPort=2869
FirewallRules: [{3956E1C8-5572-4C11-B8B0-056EB2C53F6F}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{D9693A31-0FC9-4F7E-B39D-C49E01148A77}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{9274A531-EAC6-4104-96BF-BBD4D5D07DD5}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{4097C25F-858B-4CF3-84D4-2F27A89D9FE8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{045C6E37-BA02-49EC-BF8E-3A930A7DAE9C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A8B10E54-3918-4C1F-963C-C8C278020284}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C13A70D0-BB60-4CD0-851F-D15B6443A267}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{49BF69D6-A704-4752-9FAA-4BD54E77FC1E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9EA6BC2C-DD4E-4951-8AF4-177673491045}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{08B27EF5-041A-4CC2-BF19-2462152B360A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{51C65A0A-3322-480F-824E-CE46E7892ECB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{7BB3CE84-0AEA-40C9-8D43-91A7ECA25958}C:\program files\netbeans 8.1\bin\netbeans64.exe] => (Allow) C:\program files\netbeans 8.1\bin\netbeans64.exe
FirewallRules: [UDP Query User{9D3CC9F8-080C-41CF-894B-6E3A6E59D587}C:\program files\netbeans 8.1\bin\netbeans64.exe] => (Allow) C:\program files\netbeans 8.1\bin\netbeans64.exe
FirewallRules: [{2F8821C2-F532-4424-84B5-07424B2E32E2}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{4ABED4B6-AD15-463B-ADA2-9D58F75867BC}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{72549DE2-7B5C-46F1-9AB3-25E1EDE0CCAB}H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{EFD5118A-5C63-4937-87D0-CE0F33D353A5}H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{1ADAA85D-5C0B-4721-9FF7-AA9FD22FDCC0}] => (Allow) H:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3879E1E9-298E-4074-B8E2-E285EC135987}] => (Allow) H:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DAA6432D-D3DB-4B7E-96D9-F9DE8EEBBE36}] => (Allow) H:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{B589CB9C-28B7-4B5D-A9EE-E17957189310}] => (Allow) H:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{21772F45-2933-4096-A854-AEF871F8864A}H:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) H:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{926CE8CB-D5E4-41B3-AA9B-3EA31B9E99E1}H:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) H:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{74EDDAC7-52C4-4369-8B24-2E2606126BA7}] => (Allow) H:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{25159AA8-B78C-400E-B604-C5625D295ECF}] => (Allow) H:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{883BFD76-AA64-4ECA-8D9D-4E6847320253}H:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) H:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{7AABAB2F-CDB4-4C20-9640-E61E62AE9432}H:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) H:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{18A65697-0052-4E7A-B412-7292DF78A00F}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{5AD49244-9ACF-4969-89BD-03162D238A67}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{395ECEB7-2F35-4E42-BBAE-12B2B5F4257C}] => (Allow) H:\SteamLibrary\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{D92394D8-7DA8-4081-A024-2F0E35F28725}] => (Allow) H:\SteamLibrary\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{339734AA-A872-4DA5-8DC8-FB0B2CE7BA92}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimedia Audio Controller
Description: Multimedia Audio Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: System Interrupt Controller
Description: System Interrupt Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Device
Description: PCI Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Performance Counters
Description: Performance Counters
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2017 05:12:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"1".
Dependent Assembly Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/19/2017 03:59:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18538, time stamp: 0x582749db
Faulting module name: Flash10b.ocx, version: 10.0.22.87, time stamp: 0x4987a6c3
Exception code: 0xc0000005
Fault offset: 0x0017fbd8
Faulting process id: 0x10b8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (01/19/2017 12:12:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9875

Error: (01/19/2017 12:12:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9875

Error: (01/19/2017 12:12:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/18/2017 11:42:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.23537, time stamp: 0x57c44efe
Faulting module name: SHELL32.dll, version: 6.1.7601.23537, time stamp: 0x57c45548
Exception code: 0xc000041d
Fault offset: 0x0000000000050446
Faulting process id: 0xee0
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (01/18/2017 11:42:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.23537, time stamp: 0x57c44efe
Faulting module name: SHELL32.dll, version: 6.1.7601.23537, time stamp: 0x57c45548
Exception code: 0xc0000005
Fault offset: 0x0000000000050446
Faulting process id: 0xee0
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (01/18/2017 11:39:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.23537, time stamp: 0x57c44efe
Faulting module name: SHELL32.dll, version: 6.1.7601.23537, time stamp: 0x57c45548
Exception code: 0xc000041d
Fault offset: 0x0000000000050446
Faulting process id: 0x18fc
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (01/18/2017 11:39:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.23537, time stamp: 0x57c44efe
Faulting module name: SHELL32.dll, version: 6.1.7601.23537, time stamp: 0x57c45548
Exception code: 0xc0000005
Fault offset: 0x0000000000050446
Faulting process id: 0x18fc
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (01/18/2017 11:39:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.23537, time stamp: 0x57c44efe
Faulting module name: SHELL32.dll, version: 6.1.7601.23537, time stamp: 0x57c45548
Exception code: 0xc000041d
Fault offset: 0x0000000000050446
Faulting process id: 0xec4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3


System errors:
=============
Error: (01/19/2017 05:23:22 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/19/2017 05:17:15 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (01/18/2017 11:15:29 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/16/2017 11:02:59 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (01/16/2017 11:02:38 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (01/16/2017 11:02:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/16/2017 11:02:29 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (01/16/2017 11:01:24 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/16/2017 06:02:55 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.

Error: (01/16/2017 03:14:13 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.


CodeIntegrity:
===================================
Date: 2016-06-27 21:33:31.413
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-27 21:33:31.413
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-27 21:32:48.090
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-27 21:32:48.085
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-27 21:17:18.436
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-27 21:17:18.434
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 30%
Total physical RAM: 16285.66 MB
Available physical RAM: 11375.9 MB
Total Virtual: 32569.51 MB
Available Virtual: 26030.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:31.76 GB) NTFS
Drive d: () (Fixed) (Total:119.24 GB) (Free:119.11 GB) NTFS
Drive h: () (Fixed) (Total:931.51 GB) (Free:490.86 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive l: () (Fixed) (Total:111.79 GB) (Free:111.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=119.2 GB) - (Type=04)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 34946434)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3CDE3E97)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3CDE3E90)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Welcome aboard

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===================================

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double-click the downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available through History -> Application logs. Please post its contents in your next reply.
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles is saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
RogueKiller V12.9.4.0 (x64) [Jan 16 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Chris [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 01/20/2017 15:49:21 (Duration : 00:13:24)

¤¤¤ Processes : 3 ¤¤¤
[Suspicious.Path|VT.TrojanDownloader:Win32/Dimegup.A] tmp3368.exe(4060) -- C:\Users\Chris\AppData\Local\Iccsoft\tmp3368.exe[-] -> Killed [TermProc]
[Suspicious.Path] BinapiSpi32.dll(4076) -- C:\Users\Chris\AppData\Local\Iccsoft\BinapiSpi32.dll[x] -> Found
[Suspicious.Path] BinapiSpi32.dll(3148) -- C:\Users\Chris\AppData\Local\Ubnrmedia\BinapiSpi32.dll[x] -> Found

¤¤¤ Registry : 10 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1550537845-2684649534-4076172876-1000\Software\OCS -> Deleted
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1550537845-2684649534-4076172876-1000\Software\OCS -> Deleted
[Suspicious.Path|VT.TrojanDownloader:Win32/Dimegup.A] (X64) HKEY_USERS\S-1-5-21-1550537845-2684649534-4076172876-1000\Software\Microsoft\Windows\CurrentVersion\Run | Iccsoft : C:\Users\Chris\AppData\Local\Iccsoft\tmp3368.exe [-] -> Deleted
[Suspicious.Path|VT.TrojanDownloader:Win32/Dimegup.A] (X86) HKEY_USERS\S-1-5-21-1550537845-2684649534-4076172876-1000\Software\Microsoft\Windows\CurrentVersion\Run | Iccsoft : C:\Users\Chris\AppData\Local\Iccsoft\tmp3368.exe [-] -> ERROR [2]
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{3D50AF9F-1AC4-470A-ABE1-EEB6FB9D2E36}C:\users\chris\appdata\local\henwatch server\henwatch server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\chris\appdata\local\henwatch server\henwatch server.exe|Name=henwatch server.exe|Desc=henwatch server.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{3F1A3C9A-0329-4195-B849-B72DF7D86962}C:\users\chris\appdata\local\henwatch server\henwatch server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\chris\appdata\local\henwatch server\henwatch server.exe|Name=henwatch server.exe|Desc=henwatch server.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{3D50AF9F-1AC4-470A-ABE1-EEB6FB9D2E36}C:\users\chris\appdata\local\henwatch server\henwatch server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\chris\appdata\local\henwatch server\henwatch server.exe|Name=henwatch server.exe|Desc=henwatch server.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{3F1A3C9A-0329-4195-B849-B72DF7D86962}C:\users\chris\appdata\local\henwatch server\henwatch server.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\chris\appdata\local\henwatch server\henwatch server.exe|Name=henwatch server.exe|Desc=henwatch server.exe|Defer=User| [x] -> Deleted
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1550537845-2684649534-4076172876-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1550537845-2684649534-4076172876-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Replaced (1)

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 6 ¤¤¤
[Tr.Gen0][File] C:\Users\Chris\AppData\Roaming\uTorrent\updates\3.4.8_42445\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Chris\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Chris\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Chris\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Chris\AppData\Roaming\uTorrent\updates\3.4.9_42973\utorrentie.exe -> Deleted
[Tr.Gen0][File] C:\Users\Chris\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe -> Deleted

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [https://search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=967150] -> Deleted
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://www.bing.com/|https://search...CUI=18D9F08D-E849-40E6-9838-520D13DB8120&UM=5] -> Deleted

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 850 PRO 128GB ATA Device +++++
--- User ---
[MBR] 7d1bcf4d4bea02ab314a2b1fa606b8bc
[BSP] e94c2e1be1b2240bed362a266878a37c : Compressed BootMgr MBR Code
Partition table:
0 - [ACTIVE] FAT16 (0x4) [VISIBLE] Offset (sectors): 0 | Size: 122104 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Samsung SSD 850 PRO 128GB ATA Device +++++
--- User ---
[MBR] 95971c24d891cdb5adeb05f5f162e7e7
[BSP] ffc631e517ecb90c4253bc6724dc2c11 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 122102 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WDC WD10EZEX-00BN5A0 ATA Device +++++
--- User ---
[MBR] 0366918b82c527d4e2dc65d1ccc7cc42
[BSP] ef348b5596c688be1359528247644c2e : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: KINGSTON SV300S37A120G ATA Device +++++
--- User ---
[MBR] e96ab9aea2094f0689353897a775ae5b
[BSP] 1b7b7f6ce31d7a237f2ae3c4fdcf95cb : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 114471 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive4: Generic STORAGE DEVICE USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/20/17
Scan Time: 4:14 PM
Logfile: report.txt
Administrator: Yes

-Software Information-
Version: 3.0.5.1299
Components Version: 1.0.43
Update Package Version: 1.0.1057
License: Free

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ChrisDawn-PC\Chris

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 352102
Time Elapsed: 1 min, 39 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)
 
# AdwCleaner v6.042 - Logfile created 20/01/2017 at 16:21:22
# Updated on 06/01/2017 by Malwarebytes
# Database : 2017-01-20.1 [Server]
# Operating System : Windows 7 Professional Service Pack 1 (X64)
# Username : Chris - CHRISDAWN-PC
# Running from : C:\Users\Chris\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Web browsers ] *****

[-] [C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxps://search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=967150
[-] [C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxps://search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=997063
[-] [C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.trovi.com/?ctid=CT3331786&SearchSource=55&CUI=18D9F08D-E849-40E6-9838-520D13DB8120&UM=5
[-] [C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default] [homepage] Deleted: hxxps://search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=967150


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3962 Bytes] - [19/12/2016 22:17:18]
C:\AdwCleaner\AdwCleaner[C2].txt - [1447 Bytes] - [15/01/2017 12:24:03]
C:\AdwCleaner\AdwCleaner[C3].txt - [1575 Bytes] - [20/01/2017 16:21:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [4107 Bytes] - [23/11/2016 18:41:07]
C:\AdwCleaner\AdwCleaner[S1].txt - [3834 Bytes] - [19/12/2016 22:16:41]
C:\AdwCleaner\AdwCleaner[S2].txt - [2052 Bytes] - [19/12/2016 22:29:45]
C:\AdwCleaner\AdwCleaner[S3].txt - [1582 Bytes] - [15/01/2017 12:23:48]
C:\AdwCleaner\AdwCleaner[S4].txt - [2266 Bytes] - [20/01/2017 16:19:37]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2013 Bytes] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64
Ran by Chris (Administrator) on Fri 01/20/2017 at 16:51:58.14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 20

Successfully deleted: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkojfkhlekighikafcpjkiklfbnlmeio (Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal (File)
Successfully deleted: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1G6R81CY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3F2M31MF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5S8ICUBN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9E2PD0SD (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9O50Z7S6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C009Q3DA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U08Y7A7V (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XM7KU1LZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1G6R81CY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3F2M31MF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5S8ICUBN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9E2PD0SD (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9O50Z7S6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C009Q3DA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U08Y7A7V (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XM7KU1LZ (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/20/2017 at 16:53:37.86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore your connection.
    If the connection is still not there, use the restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete the Combofix file and download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
 
ComboFix 17-01-13.01 - Chris 01/23/2017 18:49:19.1.12 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16286.12379 [GMT -5:00]
Running from: c:\users\Chris\Downloads\ComboFix.exe
SP: Spybot - Search and Destroy *Disabled/Updated* {A16C3F68-9280-E053-1818-342707FECF4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\WanPacket.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2016-12-23 to 2017-01-23 )))))))))))))))))))))))))))))))
.
.
2017-01-23 23:52 . 2017-01-23 23:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-01-21 17:12 . 2016-12-30 22:43 12229912 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{90D29E3C-DC8F-4334-B72D-53621AD4CF8B}\mpengine.dll
2017-01-20 21:51 . 2017-01-19 22:12 513632 ----a-w- c:\windows\system32\drivers\aswC6AE.tmp
2017-01-20 21:51 . 2017-01-19 22:12 293352 ----a-w- c:\windows\system32\drivers\aswC6DE.tmp
2017-01-20 21:51 . 2017-01-19 22:11 74544 ----a-w- c:\windows\system32\drivers\aswC68E.tmp
2017-01-20 21:51 . 2017-01-19 22:11 37656 ----a-w- c:\windows\system32\drivers\aswC61F.tmp
2017-01-20 21:51 . 2017-01-19 22:11 163416 ----a-w- c:\windows\system32\drivers\aswC846.tmp
2017-01-20 21:51 . 2017-01-19 22:11 108816 ----a-w- c:\windows\system32\drivers\aswC65E.tmp
2017-01-20 21:51 . 2017-01-19 22:11 103064 ----a-w- c:\windows\system32\drivers\aswC488.tmp
2017-01-20 21:51 . 2017-01-19 22:15 37144 ----a-w- c:\windows\system32\drivers\aswC32F.tmp
2017-01-19 05:02 . 2015-07-25 02:41 982720 ----a-w- c:\program files\Common Files\Microsoft Shared\ClickToRun\Updates\16.0.6965.2117\ucrtbase.dll
2017-01-19 04:30 . 2017-01-19 22:11 -------- d-----w- c:\program files\Common Files\AV
2017-01-19 03:59 . 2017-01-23 23:48 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2017-01-19 03:59 . 2017-01-23 23:48 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2017-01-15 16:49 . 2017-01-19 22:28 -------- d-----w- c:\users\Chris\AppData\Local\Ubnrmedia
2017-01-15 16:49 . 2017-01-19 22:19 -------- d-----w- c:\users\Chris\AppData\Local\Iccsoft
2017-01-15 16:48 . 2017-01-15 16:54 -------- d--h--w- c:\users\Chris\AppData\Local\SysHashTable
2017-01-05 20:49 . 2017-01-05 20:49 -------- d-----w- c:\program files (x86)\Common Files\Skype
2017-01-05 01:26 . 2017-01-05 01:26 -------- d-----w- c:\users\Chris\AppData\Local\HirezLauncherUI
2017-01-05 01:25 . 2017-01-05 01:28 -------- d-----w- c:\programdata\Hi-Rez Studios
2017-01-05 01:25 . 2017-01-20 21:50 -------- d-----w- c:\program files (x86)\Hi-Rez Studios
2016-12-31 03:56 . 2016-12-31 03:56 -------- d-----w- c:\users\Chris\AppData\Local\Rockstar Games
2016-12-31 03:56 . 2016-12-31 03:56 -------- d-----w- c:\program files (x86)\Rockstar Games
2016-12-31 03:56 . 2016-12-31 03:56 -------- d-----w- c:\program files\Rockstar Games
2016-12-25 19:07 . 2017-01-15 03:04 -------- d-----w- c:\program files (x86)\Common Files\BattlEye
2016-12-25 17:14 . 2016-12-25 17:14 24832 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2016-12-25 17:09 . 2016-12-25 17:09 372000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2016-12-25 16:59 . 2016-12-25 16:59 209112 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-01-20 21:14 . 2016-08-17 04:39 250816 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-01-15 16:58 . 2012-07-17 19:37 24800 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2016-12-25 19:59 . 2016-06-29 21:03 2834720 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2016-12-20 03:55 . 2016-12-20 03:55 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-12-20 02:41 . 2016-12-20 02:41 65736 ----a-w- c:\windows\system32\drivers\pxrts.sys
2016-12-15 10:35 . 2016-12-15 10:35 367072 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2016-12-14 17:55 . 2016-12-20 03:33 77416 ----a-w- c:\windows\system32\drivers\mbae64.sys
2016-11-30 03:34 . 2016-11-30 03:34 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2016-11-30 03:34 . 2016-11-30 03:34 19112 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2016-11-30 03:34 . 2016-11-30 03:34 19112 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2016-11-30 03:34 . 2016-11-30 03:34 19112 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2016-11-30 03:27 . 2016-11-30 03:27 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-11-30 03:27 . 2016-11-30 03:27 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-11-30 03:27 . 2016-11-30 03:27 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-11-30 03:27 . 2016-11-30 03:27 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-11-21 18:12 . 2016-12-13 21:10 109568 ----a-w- c:\windows\system32\hlink.dll
2016-11-20 16:19 . 2016-12-13 21:10 84992 ----a-w- c:\windows\SysWow64\hlink.dll
2016-11-20 14:07 . 2016-12-13 21:10 467392 ----a-w- c:\windows\system32\drivers\cng.sys
2016-11-17 16:41 . 2016-12-13 21:10 370920 ----a-w- c:\windows\system32\clfs.sys
2016-11-14 23:27 . 2016-12-13 21:10 394448 ----a-w- c:\windows\system32\iedkcs32.dll
2016-11-12 19:48 . 2016-12-13 21:10 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-11-12 19:48 . 2016-12-13 21:10 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-11-12 19:28 . 2016-12-13 21:10 66560 ----a-w- c:\windows\system32\iesetup.dll
2016-11-12 19:26 . 2016-12-13 21:10 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-11-12 19:26 . 2016-12-13 21:10 417792 ----a-w- c:\windows\system32\html.iec
2016-11-12 19:25 . 2016-12-13 21:10 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-11-12 19:25 . 2016-12-13 21:10 576000 ----a-w- c:\windows\system32\vbscript.dll
2016-11-12 19:21 . 2016-12-13 21:10 2896384 ----a-w- c:\windows\system32\iertutil.dll
2016-11-12 19:15 . 2016-12-13 21:10 54784 ----a-w- c:\windows\system32\jsproxy.dll
2016-11-12 19:14 . 2016-12-13 21:10 34304 ----a-w- c:\windows\system32\iernonce.dll
2016-11-12 19:09 . 2016-12-13 21:10 615936 ----a-w- c:\windows\system32\ieui.dll
2016-11-12 19:08 . 2016-12-13 21:10 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-11-12 19:08 . 2016-12-13 21:10 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2016-11-12 19:08 . 2016-12-13 21:10 25759744 ----a-w- c:\windows\system32\mshtml.dll
2016-11-12 19:07 . 2016-12-13 21:10 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2016-11-12 19:07 . 2016-12-13 21:10 817664 ----a-w- c:\windows\system32\jscript.dll
2016-11-12 18:56 . 2016-12-13 21:10 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-11-12 18:53 . 2016-12-13 21:10 6049280 ----a-w- c:\windows\system32\jscript9.dll
2016-11-12 18:52 . 2016-12-13 21:10 489984 ----a-w- c:\windows\system32\dxtmsft.dll
2016-11-12 18:47 . 2016-12-13 21:10 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2016-11-12 18:41 . 2016-12-13 21:10 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2016-11-12 18:40 . 2016-12-13 21:10 107520 ----a-w- c:\windows\system32\inseng.dll
2016-11-12 18:35 . 2016-12-13 21:10 199680 ----a-w- c:\windows\system32\msrating.dll
2016-11-12 18:34 . 2016-12-13 21:10 92160 ----a-w- c:\windows\system32\mshtmled.dll
2016-11-12 18:31 . 2016-12-13 21:10 315392 ----a-w- c:\windows\system32\dxtrans.dll
2016-11-12 18:30 . 2016-12-13 21:10 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2016-11-12 18:29 . 2016-12-13 21:10 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2016-11-12 18:29 . 2016-12-13 21:10 498688 ----a-w- c:\windows\SysWow64\vbscript.dll
2016-11-12 18:29 . 2016-12-13 21:10 341504 ----a-w- c:\windows\SysWow64\html.iec
2016-11-12 18:28 . 2016-12-13 21:10 152064 ----a-w- c:\windows\system32\occache.dll
2016-11-12 18:27 . 2016-12-13 21:10 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2016-11-12 18:14 . 2016-12-13 21:10 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2016-11-12 18:14 . 2016-12-13 21:10 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-11-12 18:14 . 2016-12-13 21:10 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2016-11-12 18:11 . 2016-12-13 21:10 725504 ----a-w- c:\windows\system32\ie4uinit.exe
2016-11-12 18:10 . 2016-12-13 21:10 806912 ----a-w- c:\windows\system32\msfeeds.dll
2016-11-12 18:08 . 2016-12-13 21:10 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2016-11-12 18:08 . 2016-12-13 21:10 2131456 ----a-w- c:\windows\system32\inetcpl.cpl
2016-11-12 17:57 . 2016-12-13 21:10 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2016-11-12 17:41 . 2016-12-13 21:10 15257088 ----a-w- c:\windows\system32\ieframe.dll
2016-11-12 17:37 . 2016-12-13 21:10 4608000 ----a-w- c:\windows\SysWow64\jscript9.dll
2016-11-12 17:36 . 2016-12-13 21:10 2055680 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2016-11-12 17:36 . 2016-12-13 21:10 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2016-11-12 17:35 . 2016-12-13 21:10 2920960 ----a-w- c:\windows\system32\wininet.dll
2016-11-12 17:20 . 2016-12-13 21:10 1543680 ----a-w- c:\windows\system32\urlmon.dll
2016-11-12 17:11 . 2016-12-13 21:10 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2016-11-12 17:05 . 2016-12-13 21:10 2444800 ----a-w- c:\windows\SysWow64\wininet.dll
2016-11-10 16:32 . 2016-12-13 21:10 1009152 ----a-w- c:\windows\system32\user32.dll
2016-11-10 16:19 . 2016-12-13 21:10 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-11-09 16:41 . 2016-12-13 21:10 114408 ----a-w- c:\windows\system32\consent.exe
2016-11-09 16:33 . 2016-12-13 21:10 2048 ----a-w- c:\windows\system32\tzres.dll
2016-11-09 16:33 . 2016-12-13 21:10 3244032 ----a-w- c:\windows\system32\msi.dll
2016-11-09 16:33 . 2016-12-13 21:10 504320 ----a-w- c:\windows\system32\msihnd.dll
2016-11-09 16:33 . 2016-12-13 21:10 25088 ----a-w- c:\windows\system32\msimsg.dll
2016-11-09 16:33 . 2016-12-13 21:10 70144 ----a-w- c:\windows\system32\appinfo.dll
2016-11-09 16:33 . 2016-12-13 21:10 1941504 ----a-w- c:\windows\system32\authui.dll
2016-11-09 16:17 . 2016-12-13 21:10 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-11-09 16:17 . 2016-12-13 21:10 2365440 ----a-w- c:\windows\SysWow64\msi.dll
2016-11-09 16:17 . 2016-12-13 21:10 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2016-11-09 16:17 . 2016-12-13 21:10 25088 ----a-w- c:\windows\SysWow64\msimsg.dll
2016-11-09 16:17 . 2016-12-13 21:10 1806848 ----a-w- c:\windows\SysWow64\authui.dll
2016-11-09 16:02 . 2016-12-13 21:10 128512 ----a-w- c:\windows\system32\msiexec.exe
2016-11-09 15:55 . 2016-12-13 21:10 73216 ----a-w- c:\windows\SysWow64\msiexec.exe
2016-11-06 16:33 . 2016-12-13 21:10 404992 ----a-w- c:\windows\system32\gdi32.dll
2016-11-06 16:16 . 2016-12-13 21:10 312832 ----a-w- c:\windows\SysWow64\gdi32.dll
2016-11-06 16:01 . 2016-12-13 21:10 3219456 ----a-w- c:\windows\system32\win32k.sys
2016-11-02 15:36 . 2016-11-08 22:14 382696 ----a-w- c:\windows\system32\atmfd.dll
2016-11-02 15:32 . 2016-11-08 22:14 41472 ----a-w- c:\windows\system32\lpk.dll
2016-11-02 15:32 . 2016-11-08 22:14 100864 ----a-w- c:\windows\system32\fontsub.dll
2016-11-02 15:32 . 2016-11-08 22:14 14336 ----a-w- c:\windows\system32\dciman32.dll
2016-11-02 15:32 . 2016-11-08 22:14 46080 ----a-w- c:\windows\system32\atmlib.dll
2016-11-02 15:22 . 2016-11-08 22:14 308456 ----a-w- c:\windows\SysWow64\atmfd.dll
2016-11-02 15:16 . 2016-11-08 22:14 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2016-11-02 15:16 . 2016-11-08 22:14 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2016-11-02 15:16 . 2016-11-08 22:14 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2016-11-02 14:53 . 2016-11-08 22:14 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2016-10-27 15:33 . 2016-12-13 21:10 802304 ----a-w- c:\windows\system32\usp10.dll
2016-10-27 15:20 . 2016-12-13 21:10 627712 ----a-w- c:\windows\SysWow64\usp10.dll
2016-10-26 21:29 . 2010-11-21 03:27 485032 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Pending)]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2016-10-31 19:43 564736 ----a-w- c:\users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Synced)]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2016-10-31 19:43 564736 ----a-w- c:\users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Syncing)]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2016-10-31 19:43 564736 ----a-w- c:\users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-12-25 19:59 1522480 ----a-w- c:\program files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-12-25 19:59 1522480 ----a-w- c:\program files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-12-25 19:59 1522480 ----a-w- c:\program files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-12-21 27250144]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2016-12-20 2876704]
"Spotify Web Helper"="c:\users\Chris\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2016-12-23 1444976]
"SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2016-12-22 1046496]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-06-22 598552]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2016-11-17 67384]
.
c:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Send to OneNote.lnk - c:\program files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE /tsr [2016-6-29 169152]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWRVRT
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Pending)]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2016-10-31 19:45 592384 ----a-w- c:\users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Synced)]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2016-10-31 19:45 592384 ----a-w- c:\users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Syncing)]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2016-10-31 19:45 592384 ----a-w- c:\users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-12-25 20:43 2099504 ----a-w- c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-12-25 20:43 2099504 ----a-w- c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-12-25 20:43 2099504 ----a-w- c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2016-12-06 176440]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\program files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
TCP: DhcpNameServer = 209.18.47.62 209.18.47.61
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-CyberGhost - c:\program files\CyberGhost 6\CyberGhost.exe
Wow6432Node-HKLM-Run-Wondershare Helper Compact.exe - c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
ShellIconOverlayIdentifiers-{3B5B973C-92A4-4855-9D3F-0F3D23332208} - (no file)
HKLM-Run-Wondershare Helper Compact.exe - c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
AddRemove-NCLauncher_NCWest - c:\program files (x86)\NCWest\NCLauncher\Uninstall.exe
AddRemove-League client alpha 1.0 - c:\riot games\League of Legends\Uninstall League client alpha.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2017-01-23 18:54:10
ComboFix-quarantined-files.txt 2017-01-23 23:54
.
Pre-Run: 39,095,595,008 bytes free
Post-Run: 38,894,899,200 bytes free
.
- - End Of File - - B7F7440866E8CF2632A4C2F28CE8B190
61379D084131F69958E478EA0D681342
 
Re-run the Farbar Recovery Scan Tool (FRST/FRST64) that you ran at the very beginning of this topic.

  • Double-click to run it.
  • Make sure you checkmark the Addition.txt box.
  • Press the Scan button.
  • The scan will create two logs, FRST.txt and Addition.txt, in the same directory the tool is run from. Please copy and paste them into your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Chris (administrator) on CHRISDAWN-PC (24-01-2017 17:38:03)
Running from C:\Users\Chris\Downloads
Loaded Profiles: Chris (Available Profiles: Chris)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShareX Team) H:\ShareX\ShareX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\LeagueClient.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\LeagueClientUx.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\LeagueClientUx.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\LeagueClientUx.exe
(Piotr Pawlowski) C:\Program Files (x86)\foobar2000\foobar2000.exe
(Spotify Ltd) C:\Users\Chris\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Chris\Downloads\FRST64 (1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1046496 2016-12-22] (DivX, LLC)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-19] (Valve Corporation)
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Run: [Spotify Web Helper] => C:\Users\Chris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-23] (Spotify Ltd)
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-07]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-09-27]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{A0D072C1-C8BC-474C-9C06-15F384EA59CD}: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{A53325C3-2F40-44AF-89C0-D16ABAB5180C}: [DhcpNameServer] 209.18.47.62 209.18.47.61

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-01-19] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-12-25] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-21] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-25] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-25] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-25] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-25] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-12-23] (DivX, LLC)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-08-07]
FF HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxps://search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=967150
CHR StartupUrls: Default -> "hxxp://www.bing.com/","hxxps://search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=967150","hxxps://search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=997063","hxxp://www.trovi.com/?ctid=CT3331786&SearchSource=55&CUI=18D9F08D-E849-40E6-9838-520D13DB8120&UM=5"
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-27]
CHR Extension: (BetterTTV) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-06-27]
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-27]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-27]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-27]
CHR Extension: (Galaxy-View) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbeddldohkakodfncjnkkjfojggbahp [2016-06-27]
CHR Extension: (Tampermonkey) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-07-27]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2017-01-15]
CHR Extension: (Session Buddy) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2016-06-27]
CHR Extension: (Google Sheets) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-27]
CHR Extension: (Google Docs Offline) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-27]
CHR Extension: (AdBlock) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-27]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-01-20]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-11-06]
CHR Extension: (Momentum) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-11-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-27]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-27]
CHR Extension: (Chrome Media Router) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-07]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2016-12-12] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2946304 2016-12-25] (Microsoft Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-12-09] (Hi-Rez Studios) [File not signed]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 SplashtopRemoteService; C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [731648 2016-12-05] (Splashtop Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 LeapdroidVMDrv; C:\Program Files\Leapdroid\VM\LeapdroidVMDrv.sys [300952 2016-10-05] (Leapdroid Inc.)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [85160 2016-04-18] (Logitech Inc.)
R3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-03-28] (Broadcom Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-20] (Malwarebytes)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-06-03] (NVIDIA Corporation)
R0 aswVmm; no ImagePath
U3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-24 09:49 - 2017-01-24 09:49 - 00450450 _____ C:\Users\Chris\Downloads\PhaseDiagramv5.dir
2017-01-23 18:54 - 2017-01-23 18:54 - 00025799 _____ C:\ComboFix.txt
2017-01-23 18:48 - 2011-06-26 01:45 - 00256000 _____ C:\Windows\PEV.exe
2017-01-23 18:48 - 2010-11-07 12:20 - 00208896 _____ C:\Windows\MBR.exe
2017-01-23 18:48 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-01-23 18:48 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-01-23 18:48 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-01-23 18:48 - 2000-08-30 19:00 - 00098816 _____ C:\Windows\sed.exe
2017-01-23 18:48 - 2000-08-30 19:00 - 00080412 _____ C:\Windows\grep.exe
2017-01-23 18:48 - 2000-08-30 19:00 - 00068096 _____ C:\Windows\zip.exe
2017-01-23 18:46 - 2017-01-23 18:46 - 00000000 ____D C:\Users\Chris\Documents\ProcAlyzer Dumps
2017-01-23 18:45 - 2017-01-23 18:54 - 00000000 ____D C:\Qoobox
2017-01-23 18:45 - 2017-01-23 18:53 - 00000000 ____D C:\Windows\erdnt
2017-01-23 18:45 - 2017-01-23 18:45 - 05659349 ____R (Swearware) C:\Users\Chris\Downloads\ComboFix.exe
2017-01-23 18:45 - 2017-01-23 18:45 - 00013306 _____ C:\Users\Chris\Desktop\ComboFix.exe - Shortcut.lnk
2017-01-20 16:51 - 2017-01-20 16:51 - 01663040 _____ (Malwarebytes) C:\Users\Chris\Downloads\JRT (1).exe
2017-01-20 16:51 - 2017-01-19 17:15 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC32F.tmp
2017-01-20 16:51 - 2017-01-19 17:12 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC3BD.tmp
2017-01-20 16:51 - 2017-01-19 17:12 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC6AE.tmp
2017-01-20 16:51 - 2017-01-19 17:12 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC6DE.tmp
2017-01-20 16:51 - 2017-01-19 17:11 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC846.tmp
2017-01-20 16:51 - 2017-01-19 17:11 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC65E.tmp
2017-01-20 16:51 - 2017-01-19 17:11 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC488.tmp
2017-01-20 16:51 - 2017-01-19 17:11 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC68E.tmp
2017-01-20 16:51 - 2017-01-19 17:11 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC61F.tmp
2017-01-20 16:17 - 2017-01-20 16:17 - 03988944 _____ C:\Users\Chris\Downloads\AdwCleaner.exe
2017-01-20 16:16 - 2017-01-20 16:16 - 00001047 _____ C:\Users\Chris\Desktop\report.txt
2017-01-20 15:49 - 2017-01-20 15:49 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-01-20 15:48 - 2017-01-20 16:13 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-20 15:48 - 2017-01-20 15:48 - 00000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-01-20 15:48 - 2017-01-20 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-01-20 15:48 - 2017-01-20 15:48 - 00000000 ____D C:\Program Files\RogueKiller
2017-01-20 15:46 - 2017-01-20 15:48 - 34741672 _____ (Adlice Software ) C:\Users\Chris\Downloads\setup (2).exe
2017-01-19 19:05 - 2017-01-19 19:05 - 00028486 _____ C:\Users\Chris\Downloads\Config.bin
2017-01-19 18:03 - 2017-01-19 18:03 - 00013272 _____ C:\Users\Chris\Desktop\FRST64 (1).exe - Shortcut.lnk
2017-01-19 17:41 - 2017-01-24 17:38 - 00000000 ____D C:\FRST
2017-01-19 17:41 - 2017-01-19 17:41 - 02193920 _____ (Farbar) C:\Users\Chris\Downloads\FRST64 (1).exe
2017-01-19 17:12 - 2017-01-19 17:12 - 00000000 ____D C:\Users\Chris\AppData\Roaming\AVAST Software
2017-01-19 17:11 - 2017-01-19 17:11 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2017-01-19 17:11 - 2017-01-19 17:11 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-01-19 17:09 - 2017-01-19 17:15 - 00000000 ____D C:\Program Files\AVAST Software
2017-01-19 17:08 - 2017-01-20 16:51 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-19 17:08 - 2017-01-19 17:08 - 06334848 _____ (AVAST Software) C:\Users\Chris\Downloads\avast_free_antivirus_setup.exe
2017-01-19 15:39 - 2017-01-19 15:39 - 00000031 _____ C:\Users\Chris\Downloads\stream (1).m3u
2017-01-18 23:30 - 2017-01-19 17:11 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-18 23:30 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2017-01-18 22:59 - 2017-01-23 18:48 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-01-18 22:59 - 2017-01-23 18:48 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-01-18 22:59 - 2017-01-18 22:59 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2017-01-18 22:57 - 2017-01-18 22:58 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Chris\Downloads\spybot-2.4.exe
2017-01-17 23:12 - 2017-01-17 23:12 - 00438301 _____ C:\Users\Chris\Downloads\session_buddy_backup_2017_01_17_23_12_31.json
2017-01-16 23:02 - 2017-01-21 10:22 - 00000504 _____ C:\Windows\setupact.log
2017-01-16 23:02 - 2017-01-20 16:50 - 00008040 _____ C:\Windows\PFRO.log
2017-01-16 23:02 - 2017-01-16 23:02 - 00000000 _____ C:\Windows\setuperr.log
2017-01-16 21:52 - 2017-01-16 21:53 - 08805960 _____ (Piriform Ltd) C:\Users\Chris\Downloads\ccsetup525pro.exe
2017-01-15 14:01 - 2017-01-15 14:01 - 00000031 _____ C:\Users\Chris\Downloads\stream.m3u
2017-01-15 11:49 - 2017-01-19 17:28 - 00000000 ____D C:\Users\Chris\AppData\Local\Ubnrmedia
2017-01-15 11:49 - 2017-01-19 17:19 - 00000000 ____D C:\Users\Chris\AppData\Local\Iccsoft
2017-01-15 11:48 - 2017-01-15 11:54 - 00000000 ___HD C:\Users\Chris\AppData\Local\SysHashTable
2017-01-14 19:37 - 2017-01-14 19:37 - 00033026 _____ C:\Users\Chris\Downloads\The Wasted Times 2016 (1).torrent
2017-01-11 15:50 - 2017-01-11 15:50 - 00135927 _____ C:\Users\Chris\Downloads\BlackJackFP.zip
2017-01-10 15:58 - 2017-01-05 13:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-10 15:58 - 2017-01-05 13:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-10 15:58 - 2017-01-05 13:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-10 15:58 - 2017-01-05 13:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-10 15:58 - 2017-01-05 12:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-10 15:58 - 2017-01-05 12:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-10 15:58 - 2017-01-05 12:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-10 15:58 - 2017-01-05 12:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-10 15:58 - 2017-01-05 12:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-10 15:58 - 2017-01-05 12:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-10 15:58 - 2017-01-05 12:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-10 15:58 - 2017-01-05 12:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-10 15:58 - 2017-01-05 12:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-01-04 20:26 - 2017-01-04 20:28 - 00000000 ____D C:\Users\Chris\Documents\My Games
2017-01-04 20:26 - 2017-01-04 20:26 - 00000000 ____D C:\Users\Chris\AppData\Local\HirezLauncherUI
2017-01-04 20:25 - 2017-01-20 16:50 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-01-04 20:25 - 2017-01-04 20:28 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2017-01-04 20:25 - 2017-01-04 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-12-31 19:20 - 2016-12-31 19:20 - 00994498 _____ C:\Users\Chris\Downloads\ElophantClient.zip
2016-12-30 22:56 - 2016-12-30 22:56 - 00000000 ____D C:\Users\Chris\Documents\Rockstar Games
2016-12-30 22:56 - 2016-12-30 22:56 - 00000000 ____D C:\Users\Chris\AppData\Local\Rockstar Games
2016-12-30 22:56 - 2016-12-30 22:56 - 00000000 ____D C:\Program Files\Rockstar Games
2016-12-30 22:56 - 2016-12-30 22:56 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-12-26 14:29 - 2017-01-15 18:57 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\uTorrent
2016-12-25 14:03 - 2016-12-25 14:07 - 00000000 ____D C:\Users\Chris\AppData\LocalLow\Daybreak Game Company
2016-12-25 14:03 - 2016-12-25 14:03 - 00000000 ____D C:\Users\Chris\AppData\Local\SCE
2016-12-25 14:03 - 2016-12-25 14:03 - 00000000 ____D C:\Users\Chris\AppData\Local\Daybreak Game Company
2016-12-25 14:03 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-12-25 14:03 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-12-25 14:03 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-12-25 14:03 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-12-25 14:03 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-12-25 14:03 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-12-25 14:03 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-12-25 14:03 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-12-25 14:03 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-12-25 14:03 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-12-25 14:03 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-12-25 14:03 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-12-25 14:03 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-12-25 14:03 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-12-25 14:03 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-12-25 14:03 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-12-25 14:03 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-12-25 14:03 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-12-25 14:03 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-12-25 14:03 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-12-25 14:03 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-12-25 14:03 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-12-25 14:03 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-12-25 14:03 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-12-25 14:03 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-12-25 14:03 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-12-25 14:03 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-12-25 14:03 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-12-25 14:03 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-12-25 14:03 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-12-25 14:03 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-12-25 14:03 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-12-25 14:03 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-12-25 14:03 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-12-25 14:03 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-12-25 14:03 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-12-25 14:03 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-12-25 14:03 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-12-25 14:03 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-12-25 14:03 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-12-25 14:03 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-12-25 14:03 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-12-25 14:03 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-12-25 14:03 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-12-25 14:03 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-12-25 14:03 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-12-25 14:03 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-12-25 14:03 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-12-25 14:03 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-12-25 14:03 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-12-25 14:03 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-12-25 14:03 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-12-25 14:03 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-12-25 14:03 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-12-25 14:03 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-12-25 14:03 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-12-25 14:03 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-12-25 14:03 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-12-25 14:03 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-12-25 14:03 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-12-25 14:03 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-12-25 14:03 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-12-25 14:03 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-12-25 14:03 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-12-25 14:03 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-12-25 14:03 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-12-25 14:03 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-12-25 14:03 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-12-25 14:03 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-12-25 14:03 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-12-25 14:03 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-12-25 14:03 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-12-25 14:03 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-12-25 14:03 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-12-25 14:03 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-12-25 14:03 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-12-25 14:03 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-12-25 14:03 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-12-25 14:03 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-12-25 14:03 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-12-25 14:03 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-12-25 14:03 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-12-25 14:03 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-12-25 14:03 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-12-25 14:03 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-12-25 14:03 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-12-25 14:03 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-12-25 14:03 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-12-25 14:03 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-12-25 14:03 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-12-25 14:03 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-12-25 14:03 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-12-25 14:03 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-12-25 14:03 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-12-25 14:03 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-12-25 14:03 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-12-25 14:03 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-12-25 14:03 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-12-25 14:03 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-12-25 14:03 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-12-25 14:03 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-12-25 14:03 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-12-25 14:03 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-12-25 14:03 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-12-25 14:03 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-12-25 14:03 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-12-25 14:03 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-12-25 14:03 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-12-25 14:03 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-12-25 14:03 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-12-25 14:03 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-12-25 14:03 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-12-25 14:03 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-12-25 14:03 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-12-25 14:03 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-12-25 14:03 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-12-25 14:03 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-12-25 14:03 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-12-25 14:03 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-12-25 14:03 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-12-25 14:03 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-12-25 14:03 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-12-25 14:03 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-12-25 14:03 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-12-25 14:03 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-12-25 14:03 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-12-25 14:03 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-12-25 14:03 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-12-25 14:03 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-12-25 14:03 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-12-25 14:03 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-12-25 14:03 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-12-25 14:03 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-12-25 14:03 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-12-25 14:03 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-12-25 14:03 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-12-25 14:03 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-12-25 14:03 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-12-25 14:03 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-12-25 14:03 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-12-25 14:03 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-12-25 14:03 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-12-25 14:03 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-12-25 14:03 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-12-25 14:03 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-24 17:38 - 2016-12-19 23:05 - 00021158 _____ C:\Users\Chris\Downloads\FRST.txt
2017-01-24 17:37 - 2016-06-27 19:32 - 01558719 _____ C:\Windows\WindowsUpdate.log
2017-01-24 17:25 - 2016-06-27 21:21 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Skype
2017-01-24 13:31 - 2016-12-19 15:37 - 00000000 ____D C:\Users\Chris\.jrebel
2017-01-24 13:31 - 2016-09-21 18:49 - 00000000 ____D C:\Program Files\NetBeans 8.1
2017-01-24 13:29 - 2016-08-08 22:53 - 00000000 ____D C:\Users\Chris\AppData\Local\Spotify
2017-01-24 10:11 - 2016-08-08 22:52 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Spotify
2017-01-24 10:05 - 2016-08-08 22:33 - 00000000 ____D C:\Users\Chris\AppData\Roaming\foobar2000
2017-01-24 09:46 - 2009-07-13 23:45 - 00021936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-24 09:46 - 2009-07-13 23:45 - 00021936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-23 18:54 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Default
2017-01-23 18:52 - 2009-07-13 21:34 - 00000215 _____ C:\Windows\system.ini
2017-01-21 21:31 - 2016-08-09 16:04 - 00000000 ____D C:\Users\Chris\Documents\ShareX
2017-01-21 13:14 - 2016-08-08 22:49 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-20 16:56 - 2009-07-14 00:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-20 16:53 - 2016-12-19 22:31 - 00003827 _____ C:\Users\Chris\Desktop\JRT.txt
2017-01-20 16:50 - 2016-07-29 16:46 - 00000000 ____D C:\ProgramData\DivX
2017-01-20 16:50 - 2016-06-29 19:17 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-20 16:50 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-20 16:21 - 2016-11-23 18:40 - 00000000 ____D C:\AdwCleaner
2017-01-20 16:14 - 2016-08-16 23:39 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-20 16:14 - 2016-06-29 15:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-19 18:04 - 2016-12-19 23:06 - 00063431 _____ C:\Users\Chris\Downloads\Addition.txt
2017-01-19 17:34 - 2016-07-29 16:48 - 00003652 _____ C:\Windows\System32\Tasks\DivXUpdate
2017-01-19 17:34 - 2016-07-29 16:48 - 00001575 _____ C:\Users\Chris\Desktop\DivX Movies.lnk
2017-01-19 17:34 - 2016-07-29 16:48 - 00001066 _____ C:\Users\Public\Desktop\DivX Player.lnk
2017-01-19 17:34 - 2016-07-29 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2017-01-19 17:34 - 2016-07-29 16:47 - 00000000 ____D C:\Program Files (x86)\DivX
2017-01-19 17:33 - 2016-07-29 16:48 - 00001091 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2017-01-19 17:33 - 2016-07-29 16:48 - 00000000 ____D C:\Users\Chris\AppData\Roaming\DivX
2017-01-19 17:18 - 2016-06-27 21:21 - 00000000 ____D C:\ProgramData\Skype
2017-01-18 23:29 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2017-01-17 21:57 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2017-01-16 21:54 - 2016-07-29 16:25 - 00000000 ____D C:\Users\Chris\AppData\Roaming\uTorrent
2017-01-16 21:54 - 2016-07-12 21:49 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2017-01-16 21:54 - 2016-06-27 23:23 - 00000000 ____D C:\Windows\panther
2017-01-05 15:49 - 2016-06-27 21:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-04 20:25 - 2016-06-28 17:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-30 22:56 - 2016-06-27 20:16 - 00000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2016-08-21 13:39 - 2016-08-21 13:39 - 0003069 _____ () C:\Users\Chris\AppData\Local\recently-used.xbel
2016-06-27 21:38 - 2016-12-20 23:08 - 0007599 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2016-08-07 17:32 - 2016-08-07 17:40 - 0000775 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2017-01-23 19:35

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Chris (2017-01-24 17:38:22)
Running from C:\Users\Chris\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-06-28 00:32:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1550537845-2684649534-4076172876-500 - Administrator - Disabled)
Chris (S-1-5-21-1550537845-2684649534-4076172876-1000 - Administrator - Enabled) => C:\Users\Chris
Guest (S-1-5-21-1550537845-2684649534-4076172876-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{922E8525-AC7E-4294-ACAA-43712D4423C0}) (Version: 10.0.22.87 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.141 - DivX, LLC)
DJ_AIO_06_F2400_SW_Min (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
F2400 (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
foobar2000 v1.3.10 (HKLM-x32\...\foobar2000) (Version: 1.3.10 - Peter Pawlowski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 101 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180101}) (Version: 8.0.1010.13 - Oracle Corporation)
Killing Floor (HKLM\...\Steam App 1250) (Version: - Tripwire Interactive)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
LeapdroidVM (HKLM-x32\...\LeapdroidVM) (Version: - LeapdroidVM)
Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.6965.2117 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6965.2117 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6965.2117 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6965.2117 - Microsoft Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
RogueKiller version 12.9.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.4.0 - Adlice Software)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 11.4.1 - ShareX Team)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SMITE (HKLM\...\Steam App 386360) (Version: - Hi-Rez Studios)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.1.2.0 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.2 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17329 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.4 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

19-01-2017 17:33:33 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
20-01-2017 16:51:58 JRT Pre-Junkware Removal
21-01-2017 12:12:07 Windows Update
23-01-2017 18:48:29 ComboFix created restore point
24-01-2017 15:58:18 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2017-01-23 18:52 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B099184-4E16-445F-BEE6-2774A1260B9D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-27] (Google Inc.)
Task: {0B861F81-153C-463D-A350-7AB9ED4EC8A6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-01-03] (Microsoft Corporation)
Task: {15423FE3-5D23-4E52-94DC-886C596778D4} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2016-12-15] (DivX, LLC)
Task: {18927CA6-75D7-4BA4-BDE4-562804F3BEA4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-01-03] (Microsoft Corporation)
Task: {2ECCB766-91A1-4A96-B5C7-7248C3776A7C} - System32\Tasks\{5CF3A32E-342A-44E7-B566-D47504C0B1FB} => F:\Setup.exe
Task: {818EC731-DECB-46C5-8DDF-8F388A9BCA9D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-09-12] (Microsoft Corporation)
Task: {82568BAF-7173-4CA6-9FF0-09D1152CBA59} - System32\Tasks\{95B99FDC-E28F-4EB4-B0A0-15BDBE6969E9} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=7.24.0.104&LastError=12029
Task: {86B018C5-4B77-4039-A22C-A4C6870E61BD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-19] (AVAST Software)
Task: {89A731D0-D54B-430B-A5E0-A6305DB46D57} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-25] (Microsoft Corporation)
Task: {CDA559A8-B297-4E26-B5E5-A415588609AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-27] (Google Inc.)
Task: {E23C8A84-17AB-4F04-93B4-BB2D97F3B9D2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-01-03] (Microsoft Corporation)
Task: {EC04B053-171B-48B3-964A-791AD13BF9C2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-25] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (Whitelisted) ==============

2016-11-17 01:28 - 2016-11-17 01:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-29 19:17 - 2016-06-02 22:26 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-31 14:45 - 2016-10-31 14:45 - 00592384 _____ () C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX64.dll
2016-06-29 16:04 - 2016-12-25 15:43 - 08919752 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-12-14 21:22 - 2016-12-08 03:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 21:22 - 2016-12-08 03:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 04581368 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\LeagueClient.exe
2017-01-11 15:44 - 2017-01-11 15:44 - 03461112 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\LeagueClientUx.exe
2017-01-11 21:22 - 2017-01-11 21:22 - 31167576 _____ () C:\Users\Chris\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
2016-10-31 14:43 - 2016-10-31 14:43 - 00564736 _____ () C:\Users\Chris\AppData\Local\MEGAsync\ShellExtX32.dll
2016-06-29 16:04 - 2016-12-25 14:59 - 08919752 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 03335680 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-patcher\rcp-be-patcher.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 01041408 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-rso-auth\rcp-be-rso-auth.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 02523648 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-login\rcp-be-lol-login.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00583680 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-account-settings\rcp-be-lol-account-settings.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00582144 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-platform-config\rcp-be-lol-platform-config.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00732672 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-summoner\rcp-be-lol-summoner.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00630272 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-ranked-stats\rcp-be-lol-ranked-stats.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00563200 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-maps\rcp-be-lol-maps.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00707584 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-game-queues\rcp-be-lol-game-queues.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00862208 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-gameflow\rcp-be-lol-gameflow.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00934400 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-player-preferences\rcp-be-lol-player-preferences.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00690176 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-game-settings\rcp-be-lol-game-settings.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00657408 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-settings\rcp-be-lol-settings.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00632320 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-sanitizer\rcp-be-sanitizer.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 02491392 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-chat\rcp-be-lol-chat.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00159224 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\libexpat.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 02015232 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-riot-messaging-service\rcp-be-lol-riot-messaging-service.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00559616 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-heartbeat\rcp-be-lol-heartbeat.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00582144 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-shutdown\rcp-be-lol-shutdown.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00580096 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-acs\rcp-be-lol-acs.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00606720 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-player-notifications\rcp-be-player-notifications.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00564224 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-loyalty\rcp-be-lol-loyalty.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 01121280 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-collections\rcp-be-lol-collections.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00955904 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-loot\rcp-be-lol-loot.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00557056 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-kr-shutdown-law\rcp-be-lol-kr-shutdown-law.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 01043968 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-lobby-team-builder\rcp-be-lol-lobby-team-builder.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00685568 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-queue-eligibility\rcp-be-lol-queue-eligibility.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 01558528 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-lobby\rcp-be-lol-lobby.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00854016 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-license-agreement\rcp-be-lol-license-agreement.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 01177088 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-champ-select-legacy\rcp-be-lol-champ-select-legacy.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00702464 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-champ-select\rcp-be-lol-champ-select.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00825856 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-matchmaking\rcp-be-lol-matchmaking.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00543744 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-kr-playtime-reminder\rcp-be-lol-kr-playtime-reminder.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00552960 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-game-client-chat\rcp-be-lol-game-client-chat.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00622080 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-team-boosts\rcp-be-lol-team-boosts.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00820224 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-end-of-game\rcp-be-lol-end-of-game.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00585728 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-active-boosts\rcp-be-lol-active-boosts.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00594944 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-kudos\rcp-be-lol-kudos.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00663040 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-parties\rcp-be-lol-parties.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00898048 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-leagues\rcp-be-lol-leagues.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00674304 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-pft\rcp-be-lol-pft.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00681984 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-player-behavior\rcp-be-lol-player-behavior.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00668160 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-suggested-players\rcp-be-lol-suggested-players.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00594944 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-service-status\rcp-be-lol-service-status.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00611840 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-leaver-buster\rcp-be-lol-leaver-buster.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00737280 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-match-history\rcp-be-lol-match-history.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00709632 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-recofriender\rcp-be-recofriender.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00852992 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-clubs\rcp-be-lol-clubs.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 01705472 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-clubs-public\rcp-be-lol-clubs-public.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00638976 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-esport-stream-notifications\rcp-be-lol-esport-stream-notifications.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00780288 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-replays\rcp-be-lol-replays.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00579072 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-spectator\rcp-be-lol-spectator.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00697856 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-store\rcp-be-lol-store.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00571392 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-player-level-up\rcp-be-lol-player-level-up.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00547328 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-tencent-qt\rcp-be-lol-tencent-qt.dll
2017-01-11 15:44 - 2017-01-11 15:44 - 00600576 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-beta-opt-in\rcp-be-lol-beta-opt-in.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00607744 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-player-messaging\rcp-be-lol-player-messaging.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00549888 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-network-testing\rcp-be-network-testing.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 55617504 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\libcef.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 01876448 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\libglesv2.dll
2017-01-11 15:43 - 2016-12-08 17:14 - 00021984 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\libegl.dll
2016-03-17 07:58 - 2016-03-17 07:58 - 00095696 _____ () C:\Program Files (x86)\foobar2000\zlib1.dll
2016-03-25 06:04 - 2016-03-25 06:04 - 00160704 _____ () C:\Program Files (x86)\foobar2000\shared.dll
2016-03-09 07:42 - 2016-03-09 07:42 - 00307200 _____ () C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll
2016-03-09 07:44 - 2016-03-09 07:44 - 00250368 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
2016-03-25 06:04 - 2016-03-25 06:04 - 01087960 _____ () C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
2016-03-25 05:58 - 2016-03-25 05:58 - 00263168 _____ () C:\Program Files (x86)\foobar2000\components\foo_unpack.dll
2016-03-25 05:58 - 2016-03-25 05:58 - 00309760 _____ () C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
2016-03-25 06:04 - 2016-03-25 06:04 - 01409496 _____ () C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
2016-03-09 07:44 - 2016-03-09 07:44 - 00375296 _____ () C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
2016-03-09 07:44 - 2016-03-09 07:44 - 00205312 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_eq.dll
2016-03-09 07:44 - 2016-03-09 07:44 - 00356352 _____ () C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
2016-03-09 07:44 - 2016-03-09 07:44 - 00536064 _____ () C:\Program Files (x86)\foobar2000\components\foo_converter.dll
2016-03-09 07:42 - 2016-03-09 07:42 - 00294912 _____ () C:\Program Files (x86)\foobar2000\components\foo_fileops.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.62 - 209.18.47.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{E645FC8F-0C57-4174-94FA-ADF77F3176C5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{3B837C2E-C9C6-48CE-9FC8-C1B41B8D0D47}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{F1ABF086-C96E-4EFD-8E24-5DDD442BFB4C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BB4F1A6F-A87D-43C1-9587-D44AFA04DCD0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6C5ED8B4-B807-4F2C-84D7-9FCD6948B84D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8B23274A-4871-47B4-9973-545808A48025}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{BD3EA478-8F53-4B3C-A6D6-CD11F294C69C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{42F0FE4F-0ECE-453D-91F6-D46127A672CD}] => (Allow) C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7D04B3AE-4ED9-458D-96B7-EC76BE57FE04}] => (Allow) C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D1F1CC42-2163-4666-A025-A6603545EA48}] => (Allow) C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8053E5D7-6AAF-4421-AA74-91931C4D521D}] => (Allow) C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D310966B-68E5-4CBA-8C2D-81406FD43FB4}] => (Allow) C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A72DFF91-B69A-48CF-9B06-BEDC4A64BBBA}] => (Allow) C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4A16E5F2-8D68-4E5D-AAA7-D9F387F2D67D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{96D1674B-15B3-46EC-800B-4E1BAD17F55C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{9EC18DD3-5C93-40F9-87F3-0F6B8254F09A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{2DDD38A2-56E0-4480-B04C-5969035C9C1B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{976859E5-FB52-4BD7-B638-3CE9B04DC3A5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{72FD1390-6961-4FE8-ACB1-941E406D7983}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{AC3D228C-75F1-4827-865C-B1EDEA8C78A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{749CD7EC-2154-4527-9663-C37D0321B15C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{51EA0340-C422-4A44-A8EA-C44330265305}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{3F2EAC1C-5679-4EBE-A13A-5EA4C92ACBB0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{8D12F3C8-9F20-4C00-944C-3DF2ADC57DA3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B77F56EB-BEA4-47B6-9CB9-E2B21D480B69}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B7629A83-E156-4316-9F3A-8411BDA05366}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{D3197A52-1506-4B1E-B2F3-CFA1BF49EBAC}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{AB87714F-EB67-4BA4-BDE0-6005551F5741}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{B919E389-6858-499C-BE4C-86BB3CF61F01}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8B260B33-C804-4CA8-BF4D-BD3FD9E1F4D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CAA056CA-6013-4677-BCDB-2FC972D9D764}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3EBBF2E8-284E-444A-A0F6-C7ED8C284D42}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{5699316A-A1AA-4C7A-88EF-B790829FC1D4}C:\users\chris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chris\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0AC8B108-FE92-415A-BD96-4973AF86D076}C:\users\chris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chris\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{643A9AE0-48EC-4412-AB02-F06094A8DF13}C:\users\chris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chris\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{96A4BDFE-7C88-4B4E-997D-C13F3482060C}C:\users\chris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chris\appdata\roaming\spotify\spotify.exe
FirewallRules: [{DC225015-D094-4FA5-A5A7-EE19D2139B32}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FE387347-A7B4-4281-ACA4-29AA768A01C0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C3EDDA66-5381-4601-B4F6-0CE87D6E2F35}] => (Allow) LPort=2869
FirewallRules: [{3956E1C8-5572-4C11-B8B0-056EB2C53F6F}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{D9693A31-0FC9-4F7E-B39D-C49E01148A77}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{9274A531-EAC6-4104-96BF-BBD4D5D07DD5}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{4097C25F-858B-4CF3-84D4-2F27A89D9FE8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{045C6E37-BA02-49EC-BF8E-3A930A7DAE9C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A8B10E54-3918-4C1F-963C-C8C278020284}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C13A70D0-BB60-4CD0-851F-D15B6443A267}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{49BF69D6-A704-4752-9FAA-4BD54E77FC1E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9EA6BC2C-DD4E-4951-8AF4-177673491045}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{08B27EF5-041A-4CC2-BF19-2462152B360A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{51C65A0A-3322-480F-824E-CE46E7892ECB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{7BB3CE84-0AEA-40C9-8D43-91A7ECA25958}C:\program files\netbeans 8.1\bin\netbeans64.exe] => (Allow) C:\program files\netbeans 8.1\bin\netbeans64.exe
FirewallRules: [UDP Query User{9D3CC9F8-080C-41CF-894B-6E3A6E59D587}C:\program files\netbeans 8.1\bin\netbeans64.exe] => (Allow) C:\program files\netbeans 8.1\bin\netbeans64.exe
FirewallRules: [{2F8821C2-F532-4424-84B5-07424B2E32E2}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{4ABED4B6-AD15-463B-ADA2-9D58F75867BC}] => (Allow) H:\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{72549DE2-7B5C-46F1-9AB3-25E1EDE0CCAB}H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{EFD5118A-5C63-4937-87D0-CE0F33D353A5}H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) H:\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{1ADAA85D-5C0B-4721-9FF7-AA9FD22FDCC0}] => (Allow) H:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3879E1E9-298E-4074-B8E2-E285EC135987}] => (Allow) H:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DAA6432D-D3DB-4B7E-96D9-F9DE8EEBBE36}] => (Allow) H:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{B589CB9C-28B7-4B5D-A9EE-E17957189310}] => (Allow) H:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{21772F45-2933-4096-A854-AEF871F8864A}H:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) H:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{926CE8CB-D5E4-41B3-AA9B-3EA31B9E99E1}H:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) H:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{74EDDAC7-52C4-4369-8B24-2E2606126BA7}] => (Allow) H:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{25159AA8-B78C-400E-B604-C5625D295ECF}] => (Allow) H:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{883BFD76-AA64-4ECA-8D9D-4E6847320253}H:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) H:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{7AABAB2F-CDB4-4C20-9640-E61E62AE9432}H:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) H:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{18A65697-0052-4E7A-B412-7292DF78A00F}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{5AD49244-9ACF-4969-89BD-03162D238A67}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{395ECEB7-2F35-4E42-BBAE-12B2B5F4257C}] => (Allow) H:\SteamLibrary\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{D92394D8-7DA8-4081-A024-2F0E35F28725}] => (Allow) H:\SteamLibrary\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{C96FCD37-0C41-442F-A0F0-58341BBAC94B}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
 
==================== Faulty Device Manager Devices =============

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimedia Audio Controller
Description: Multimedia Audio Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: System Interrupt Controller
Description: System Interrupt Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Device
Description: PCI Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Performance Counters
Description: Performance Counters
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Performance Counters
Description: Performance Counters
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Performance Counters
Description: Performance Counters
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Performance Counters
Description: Performance Counters
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Performance Counters
Description: Performance Counters
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/24/2017 03:58:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/24/2017 03:58:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.

System Error:
The system cannot find the file specified.
.

Error: (01/24/2017 03:58:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
The system cannot find the file specified.
.

Error: (01/24/2017 03:58:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.

System Error:
The system cannot find the file specified.
.

Error: (01/24/2017 03:58:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! Revert.

System Error:
The system cannot find the file specified.
.

Error: (01/24/2017 03:58:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.

System Error:
The system cannot find the file specified.
.

Error: (01/24/2017 03:58:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.

System Error:
The system cannot find the file specified.
.

Error: (01/24/2017 03:58:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswKbd.

System Error:
The system cannot find the file specified.
.

Error: (01/24/2017 12:19:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9828

Error: (01/24/2017 12:19:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9828


System errors:
=============
Error: (01/24/2017 09:38:18 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/23/2017 06:52:54 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/23/2017 06:52:35 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (01/23/2017 06:50:44 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/23/2017 06:45:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/23/2017 06:45:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).

Error: (01/20/2017 04:21:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error:
%%1069

Error: (01/20/2017 04:21:33 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/20/2017 04:21:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv64.dll

Error: (01/20/2017 04:21:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv64.dll


CodeIntegrity:
===================================
Date: 2017-01-23 18:52:35.992
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-23 18:52:35.962
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-27 21:33:31.413
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-27 21:33:31.413
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-27 21:32:48.090
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-27 21:32:48.085
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-27 21:17:18.436
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-06-27 21:17:18.434
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 36%
Total physical RAM: 16285.66 MB
Available physical RAM: 10315.43 MB
Total Virtual: 32569.51 MB
Available Virtual: 24684.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:35.63 GB) NTFS
Drive d: () (Fixed) (Total:119.24 GB) (Free:119.11 GB) NTFS
Drive h: () (Fixed) (Total:931.51 GB) (Free:490.88 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive l: () (Fixed) (Total:111.79 GB) (Free:111.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=119.2 GB) - (Type=04)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 34946434)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3CDE3E97)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3CDE3E90)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
What happened to Avast?
I don't see any AV program running.


Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
You needed to disable your AV for one of the programs and since I was planning on buying one after I uninstalled it.

Fix result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Chris (2017-01-26 15:21:56) Run:2
Running from C:\Users\Chris\Downloads
Loaded Profiles: Chris (Available Profiles: Chris)
Boot Mode: Normal
==============================================

fixlist content:
*****************
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]
R0 aswVmm; no ImagePath
U3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
2016-08-21 13:39 - 2016-08-21 13:39 - 0003069 _____ () C:\Users\Chris\AppData\Local\recently-used.xbel
2016-06-27 21:38 - 2016-12-20 23:08 - 0007599 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
2016-08-07 17:32 - 2016-08-07 17:40 - 0000775 _____ () C:\ProgramData\hpzinstall.log

*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\0PerformanceMonitor" => key removed successfully
HKCR\CLSID\{3B5B973C-92A4-4855-9D3F-0F3D23332208} => key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
ZAMSvc => service removed successfully
aswVmm => Unable to stop service.
aswVmm => service removed successfully
catchme => service removed successfully
ZAM => service removed successfully
ZAM_Guard => service removed successfully
C:\Users\Chris\AppData\Local\recently-used.xbel => moved successfully
C:\Users\Chris\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\ProgramData\hpzinstall.log => moved successfully

==== End of Fixlog 15:22:02 ====
 
You have to install some AV program right away.

Last scans...

Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive the UNSUPPORTED OPERATING SYSTEM! ABORTED! message, restart the computer and Security Check should run.


Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run from.
Please copy and paste the log to your reply.


Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart the computer.


Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
Security Check
Results of screen317's Security Check version 1.014 --- 12/23/15
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Google Chrome (55.0.2883.87)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 25% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 
FSS
Farbar Service Scanner Version: 27-01-2016
Ran by Chris (administrator) on 01-02-2017 at 15:32:26
Running from "C:\Users\Chris\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 
2017-02-01 20:38:08.658 Sophos Virus Removal Tool version 2.5.6
2017-02-01 20:38:08.658 Copyright (c) 2009-2016 Sophos Limited. All rights reserved.

2017-02-01 20:38:08.658 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2017-02-01 20:38:08.658 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 WOW64
2017-02-01 20:38:08.658 Checking for updates...
2017-02-01 20:38:08.688 Update progress: proxy server not available
2017-02-01 20:38:15.502 Downloading updates...
2017-02-01 20:38:15.502 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2017-02-01 20:38:15.502 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-02-01 20:38:15.502 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-02-01 20:38:15.502 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2017-02-01 20:38:15.502 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2017-02-01 20:38:15.502 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2017-02-01 20:38:15.502 Update progress: [I49502] sdds.data0910.xml: found supplement IDE536 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2017-02-01 20:38:15.502 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE536 LATEST path=
2017-02-01 20:38:15.502 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE536 LATEST path=
2017-02-01 20:38:15.502 Update progress: [I49502] sdds.data0910.xml: found supplement IDE537 LATEST path= baseVersion= [included from product IDE536 LATEST path=]
2017-02-01 20:38:15.502 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE537 LATEST path=
2017-02-01 20:38:15.502 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE537 LATEST path=
2017-02-01 20:38:15.502 Update progress: [I49502] sdds.data0910.xml: found supplement IDE538 LATEST path= baseVersion= [included from product IDE537 LATEST path=]
2017-02-01 20:38:15.502 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE538 LATEST path=
2017-02-01 20:38:15.502 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE538 LATEST path=
2017-02-01 20:38:15.502 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2017-02-01 20:38:15.878 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2017-02-01 20:38:15.888 Update progress: [I19463] Product download size 156130248 bytes
2017-02-01 20:38:16.018 Option all = no
2017-02-01 20:38:16.018 Option recurse = yes
2017-02-01 20:38:16.018 Option archive = no
2017-02-01 20:38:16.018 Option service = yes
2017-02-01 20:38:16.018 Option confirm = yes
2017-02-01 20:38:16.018 Option sxl = yes
2017-02-01 20:38:16.018 Option max-data-age = 35
2017-02-01 20:38:16.018 Option vdl-logging = yes
2017-02-01 20:38:16.018 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-02-01 20:38:16.018 Machine ID: c4128e9619064413afc12dab01723daa
2017-02-01 20:38:16.018 Component SVRTcli.exe version 2.5.6
2017-02-01 20:38:16.018 Component control.dll version 2.5.6
2017-02-01 20:38:16.018 Component SVRTservice.exe version 2.5.6
2017-02-01 20:38:16.018 Component engine\osdp.dll version 1.44.1.2270
2017-02-01 20:38:16.018 Component engine\veex.dll version 3.67.0.2270
2017-02-01 20:38:16.018 Component engine\savi.dll version 9.0.5.2270
2017-02-01 20:38:16.028 Component rkdisk.dll version 1.5.31.1
2017-02-01 20:38:16.028 Version info: Product version 2.5.6
2017-02-01 20:38:16.028 Version info: Detection engine 3.67.0
2017-02-01 20:38:16.028 Version info: Detection data 5.32
2017-02-01 20:38:16.028 Version info: Build date 10/4/2016
2017-02-01 20:38:16.028 Version info: Data files added 742
2017-02-01 20:38:16.028 Version info: Last successful update (not yet updated)
2017-02-01 20:38:31.338 Update progress: [I19463] Syncing product IDE536 LATEST path=
2017-02-01 20:38:31.339 Update progress: [I19463] Product download size 3527452 bytes
2017-02-01 20:38:31.553 Update progress: [I19463] Syncing product IDE537 LATEST path=
2017-02-01 20:38:31.553 Update progress: [I19463] Product download size 2048333 bytes
2017-02-01 20:38:31.616 Update progress: [I19463] Syncing product IDE538 LATEST path=
2017-02-01 20:38:31.629 Installing updates...
2017-02-01 20:38:32.229 Error level 1
2017-02-01 20:38:33.960 Update successful
2017-02-01 20:38:42.543 Option all = no
2017-02-01 20:38:42.543 Option recurse = yes
2017-02-01 20:38:42.543 Option archive = no
2017-02-01 20:38:42.543 Option service = yes
2017-02-01 20:38:42.543 Option confirm = yes
2017-02-01 20:38:42.543 Option sxl = yes
2017-02-01 20:38:42.544 Option max-data-age = 35
2017-02-01 20:38:42.544 Option vdl-logging = yes
2017-02-01 20:38:42.552 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-02-01 20:38:42.552 Machine ID: c4128e9619064413afc12dab01723daa
2017-02-01 20:38:42.553 Component SVRTcli.exe version 2.5.6
2017-02-01 20:38:42.553 Component control.dll version 2.5.6
2017-02-01 20:38:42.553 Component SVRTservice.exe version 2.5.6
2017-02-01 20:38:42.554 Component engine\osdp.dll version 1.44.1.2280
2017-02-01 20:38:42.554 Component engine\veex.dll version 3.68.0.2280
2017-02-01 20:38:42.554 Component engine\savi.dll version 9.0.7.2280
2017-02-01 20:38:42.554 Component rkdisk.dll version 1.5.31.1
2017-02-01 20:38:42.554 Version info: Product version 2.5.6
2017-02-01 20:38:42.554 Version info: Detection engine 3.68.0
2017-02-01 20:38:42.554 Version info: Detection data 5.35
2017-02-01 20:38:42.554 Version info: Build date 1/10/2017
2017-02-01 20:38:42.554 Version info: Data files added 320
2017-02-01 20:38:42.554 Version info: Last successful update 2/1/2017 3:38:33 PM

2017-02-01 20:42:46.604 Could not open C:\hiberfil.sys
2017-02-01 20:42:46.604 Could not open C:\pagefile.sys
2017-02-01 20:47:57.566 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-02-01 20:47:57.567 Could not open C:\System Volume Information\{8236f541-df56-11e6-8d61-c008b2e6e103}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-02-01 20:47:57.567 Could not open C:\System Volume Information\{8236f572-df56-11e6-8d61-c008b2e6e103}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-02-01 20:47:57.567 Could not open C:\System Volume Information\{8236f646-df56-11e6-8d61-c008b2e6e103}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-02-01 20:47:57.567 Could not open C:\System Volume Information\{8236f699-df56-11e6-8d61-c008b2e6e103}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-02-01 20:47:57.567 Could not open C:\System Volume Information\{8236f813-df56-11e6-8d61-c008b2e6e103}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-02-01 20:47:57.567 Could not open C:\System Volume Information\{8236f83f-df56-11e6-8d61-c008b2e6e103}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-02-01 20:47:58.642 Could not open C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Current Session
2017-02-01 20:47:58.642 Could not open C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
2017-02-01 20:48:07.929 >>> Virus 'Mal/Generic-S' found in file C:\Users\Chris\AppData\Local\Iccsoft\tmp3368.exe
2017-02-01 20:48:07.929 >>> Virus 'Mal/Generic-S' found in file C:\Users\Chris\AppData\Local\Iccsoft\tmp3368.exe
2017-02-01 20:48:07.929 >>> Virus 'Mal/Generic-S' found in file C:\Users\Chris\AppData\Local\Iccsoft\tmp3368.exe
2017-02-01 20:48:07.929 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2017-02-01 20:48:07.930 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-1550537845-2684649534-4076172876-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2017-02-01 20:48:07.930 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2017-02-01 20:50:57.499 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2017-02-01 20:50:57.499 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2017-02-01 20:50:58.274 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-02-01 20:50:58.274 Could not open C:\Windows\System32\config\RegBack\SAM
2017-02-01 20:50:58.275 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-02-01 20:50:58.276 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-02-01 20:50:58.276 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-02-01 20:57:17.068 Could not open LOGICAL:0005:00000000
2017-02-01 20:57:17.078 Could not open F:\
2017-02-01 20:57:17.085 Could not open LOGICAL:0006:00000000
2017-02-01 20:57:17.097 Could not open G:\
2017-02-01 20:59:01.724 Could not open H:\Boot\BCD
2017-02-01 21:09:07.476 Could not open PHYSICAL:0084:0000:0000:0001
2017-02-01 21:09:07.476 The following items will be cleaned up:
2017-02-01 21:09:07.476 Mal/Generic-S
 
Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

==================================

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

6. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

7. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

8. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

9. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

10. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

11. Please let me know how your computer is doing.
 