Solved Virus causing pc internet to slow down and turn off

[HenrikNoVirus]

I've had this issue for a few months now, and at first I didn't really realize that it was a virus until I found out this only happened to my computer.
For some reason it made my brother get bad connection as well. At one point I managed to get the virus removed (temporary)! And then it worked fine, but it came back. I've tried to do many scans with Malware Bytes, Adware Bytes & Avast PC Cleanup, but it keeps coming back, and my computer seems to slow down and have errors when I launch games and such.

I should also mention that my standard browser, Google Chrome is having many issues. I get new searchtools set as my standard search engine without my permission, and I can't get them removed. Examples: www.mystarting123search.com, luckysearch123, luckypageing123, mysearch, rocketTab
and I've gone through a couple more hijackers like these.
At one point I kept getting the Mozilla Firefox browser installed automatically and set as default browser and put into the windows taskbar.

I recently did a scan with Farbar Recovery Scan Tool and I'll attach the text files that came with it.

I'm running on 64-bit Windows 10 Enterprise, 8GB Ram.

I would love for this virus stuff to end, hate it, ahah.. Please help!
xoxo, Henrik

 

[HenrikNoVirus]

I think some on you told me to not post the text files as attached files, but I can't post more than 50000 characters!

 

[HenrikNoVirus]

GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-06-27 16:23:00
Windows 6.2.9200 x64
Running: lg6yt776.exe


---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\MUI\StringCacheSettings@StringCacheGeneration 200
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 866388206
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14939127316872294@SetupOperations ???I?????I?I?I?j?j?j????????????????????????????????????????????? ???????@???????????^?@??????????h?&???????????????????????? ???????@???????????^?@??????????I?&????????????????????????????7???????????d???????????????????@???A???????????I???????????I??? ???????@???????????^?@??????????v?&????????????????????????????????????????d??? ???????I???????????I???????? ??????????????????????????I???&??Commited?????I?I?I?I?I?I?????????????&???????????????????????????????????I???????????????????&???????????c???????????????????I??????????? ???????I???????????I???????? ??????????????????????????I??????Commited?????I?I?I?I?I?j???????????????????????????????????????tC:???????I???s??????dr??????as???????????????????????????j???????k???I??????????????MoveFile("\??\C:\Program Files\AVAST Software\Avast\avBF83B.tmp","\??\C:\Program Files\AVAST Software\Avast\avBugReport.exe",TRUE)?MoveFile("\??\C:\Program Files\AVAST Software\Avast\AvDF89A.tmp","\??\C:\Program Files\AVAST Software\Avast\AvDump32.exe",TRUE)?MoveFile("\??\C:\Pro
Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS\Performance@PerfMMFileName Global\MMF_BITSa43735f9-985d-492a-9f9c-d26f2427890a
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xF1 0x99 0x1F 0xCC ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xF1 0x01 0xE4 0x2D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xF1 0x31 0x5B 0x6A ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\62\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\MMDEVAPI\{0.0.0.00000000}.{3DE07338-E951-4156-BCB8-68272246E388}\Interfaces\{e6327cad-dcec-4949-ae8a-991e976a79d2}\Properties\{a2a3fff4-353f-407c-9d86-1f9dc7d5a606}\0002@ 0x64 0x62 0x02 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\MMDEVAPI\{0.0.0.00000000}.{CA783EFB-B2AE-438D-ACBC-A28F9FC4BEF9}\Interfaces\{e6327cad-dcec-4949-ae8a-991e976a79d2}\Properties\{a2a3fff4-353f-407c-9d86-1f9dc7d5a606}\0002@ 0x64 0x62 0x02 0x00 ...

---- EOF - GMER 2.2 ----

 

[Broni]

Welcome aboard

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

========================================

Please observe forum rules.
1. All logs have to pasted not attached. Split logs between couple of replies if necessary.
2. Do NOT any other tools than those I ask for.

 

[HenrikNoVirus]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01
Ran by Henrik (administrator) on HENRIK (27-06-2017 15:14:45)
Running from C:\Users\Henrik\Downloads
Loaded Profiles: Henrik (Available Profiles: Henrik)
Platform: Windows 10 Enterprise Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Atheros Communications, Inc.) C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Scarlet.Crush Productions) D:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(CMedia) C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Spotify Ltd) C:\Users\Henrik\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Henrik\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Henrik\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Henrik\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Henrik\AppData\Roaming\Spotify\Spotify.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Hammer & Chisel, Inc.) C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\Discord.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Scarlet.Crush Productions) D:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Hammer & Chisel, Inc.) C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\Discord.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-01-28] (Greenshot)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-04] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [jswtrayutil] => "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [6153128 2017-05-22] (LogMeIn Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Run: [Spotify Web Helper] => C:\Users\Henrik\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1562224 2017-06-22] (Spotify Ltd)
HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Run: [Spotify] => C:\Users\Henrik\AppData\Roaming\Spotify\Spotify.exe [7047792 2017-06-22] (Spotify Ltd)
HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd)
HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Run: [Discord] => C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Run: [Reflector2] => [X]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-04] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-04] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk [2017-06-15]
ShortcutTarget: NETGEAR WNA1100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2017-06-15]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> D:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-06-15]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{37330187-6ff4-4ef2-8217-dfdbaa4c78c1}: [DhcpNameServer] 109.247.114.4 92.220.228.70
ManualProxies:

 

[HenrikNoVirus]

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKU\S-1-5-21-2799272097-1707510344-1613828314-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-04] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-04] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-06-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-04] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2799272097-1707510344-1613828314-1001 -> hxxp://www.google.com

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-06-04] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems)

Chrome:
=======
CHR res: Infected resources.pak (search_engine). Reinstall Chrome. <==== ATTENTION
CHR DefaultProfile: ChromeDefaultData
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.mystarting123.com/search/index.php?q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> f
CHR Profile: C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-06-27] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-12]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-05-11]
CHR Extension: (Material Incognito Dark Theme) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ahifcnpnjgbadkjdhagpfjfkmlapfoel [2017-03-26]
CHR Extension: (Google Docs) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-12]
CHR Extension: (Google Drive) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-13]
CHR Extension: (Turn Off the Lights) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2017-06-19]
CHR Extension: (YouTube) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-12]
CHR Extension: (Avast Passwords) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-04-03]
CHR Extension: (Avast SafePrice) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-15]
CHR Extension: (Google Sheets) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-13]
CHR Extension: (AdBlock) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-26]
CHR Extension: (Avast Online Security) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-12]
CHR Extension: (Chrome Media Router) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-18]
CHR Profile: C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-02-26]
CHR Extension: (Google Slides) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-27]
CHR Extension: (Google Docs) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-27]
CHR Extension: (Google Drive) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-27]
CHR Extension: (YouTube) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-27]
CHR Extension: (Avast SafePrice) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-12-17]
CHR Extension: (Google Sheets) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-28]
CHR Extension: (Avast Online Security) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-27]
CHR Extension: (Gmail) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR Profile: C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\System Profile [2017-02-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-04] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-04] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-05-30] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-06-04] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd)
R2 Ds3Service; D:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed]
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2016-12-09] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3760040 2017-05-22] (LogMeIn Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-04] (Intel Corporation)
R2 jswpbapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe [241664 2012-03-26] (Atheros Communications, Inc.) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe [1102848 2012-03-26] (Atheros Communications, Inc.) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2157456 2017-06-25] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3127192 2017-06-25] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-11-11] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe [415232 2016-08-09] (Wondershare) [File not signed]
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [307928 2013-11-11] ()
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
S3 WsDrvInst; "D:\Program Files (x86)\Wondershare\TunesGo\DriverInstall.exe" [X]

 

[HenrikNoVirus]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Alpham1; C:\WINDOWS\System32\drivers\Alpham164.sys [52992 2016-10-12] (Ideazon Corporation)
R3 Alpham2; C:\WINDOWS\System32\drivers\Alpham264.sys [21760 2016-10-12] (Ideazon Corporation)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-04] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-04] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-04] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-04] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-04] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-04] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-04] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-04] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-04] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-04] (AVAST Software)
R3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.)
R3 automap; C:\WINDOWS\system32\DRIVERS\automap.sys [18776 2012-04-19] (Focusrite Audio Engineering Limited)
R3 camfilt2; C:\WINDOWS\system32\DRIVERS\camfilt2.sys [139264 2012-10-17] (Guillemot Corporation)
R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc)
S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3792904 2016-11-30] (C-MEDIA)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-01-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\system32\DRIVERS\dtliteusbbus.sys [47672 2017-01-16] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-05-25] ()
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2017-05-22] (LogMeIn Inc.)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2016-10-12] ()
R3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2017-06-08] (hxxp://libusb-win32.sourceforge.net)
R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49312 2016-08-25] (Visicom Media Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-27] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-27] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-27] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-27] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-27] (Malwarebytes)
R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-02-23] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
R3 OM0530; C:\WINDOWS\System32\Drivers\ov530vx.sys [172928 2012-10-17] (OmniVision Technology Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [41824 2016-11-03] (SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [45896 2017-05-10] (SteelSeries ApS)
S3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2016-11-25] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-04-08] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-04-08] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-27 15:14 - 2017-06-27 15:15 - 00031451 _____ C:\Users\Henrik\Downloads\FRST.txt
2017-06-27 15:14 - 2017-06-27 15:14 - 00000000 ____D C:\FRST
2017-06-27 04:36 - 2017-06-27 04:37 - 22389014 _____ C:\Users\Henrik\Desktop\this feelin.wav
2017-06-27 04:32 - 2017-06-27 04:33 - 28885646 _____ C:\Users\Henrik\Desktop\break down.wav
2017-06-27 04:24 - 2017-04-21 01:40 - 116572558 _____ C:\Users\Henrik\Desktop\cinema.wav
2017-06-27 04:22 - 2017-01-25 20:49 - 08146778 _____ C:\Users\Henrik\Desktop\rhodee.wav
2017-06-27 04:21 - 2017-06-27 04:22 - 26442394 _____ C:\Users\Henrik\Desktop\hold you down.wav
2017-06-27 04:17 - 2017-06-27 04:18 - 23750754 _____ C:\Users\Henrik\Desktop\gone.wav
2017-06-27 04:08 - 2017-06-27 04:09 - 23299362 _____ C:\Users\Henrik\Desktop\goin down.wav
2017-06-27 04:05 - 2017-06-27 04:05 - 27170766 _____ C:\Users\Henrik\Desktop\broken pieces.wav
2017-06-27 03:48 - 2017-06-27 03:48 - 00000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-06-27 01:29 - 2017-06-27 01:30 - 35489760 _____ (Adlice Software ) C:\Users\Henrik\Downloads\RogueKiller_setup.exe
2017-06-27 01:28 - 2017-06-27 15:14 - 02441216 _____ (Farbar) C:\Users\Henrik\Downloads\FRST64.exe
2017-06-27 01:28 - 2017-06-27 01:28 - 05365336 _____ (COMODO) C:\Users\Henrik\Downloads\cispremium_installer.exe
2017-06-26 22:04 - 2017-06-27 00:22 - 00000000 ____D C:\Users\Henrik\Documents\ProfileCache
2017-06-26 22:04 - 2017-06-27 00:10 - 00000000 ____D C:\Users\Henrik\Documents\The Crew
2017-06-26 22:01 - 2017-06-26 22:01 - 00000000 ____D C:\Users\Henrik\AppData\Local\Ubisoft
2017-06-26 20:45 - 2017-06-26 20:45 - 00066805 _____ C:\Users\Henrik\Desktop\frank.flp
2017-06-26 20:32 - 2017-06-27 01:52 - 00000000 ____D C:\Users\Henrik\Desktop\SLAM_v1.5.0
2017-06-26 20:32 - 2017-06-26 20:32 - 00428153 _____ C:\Users\Henrik\Downloads\SLAM_v1.5.0.zip
2017-06-26 20:27 - 2017-06-26 20:27 - 06080731 _____ C:\Users\Henrik\Desktop\undisclosed_1.psd
2017-06-26 20:24 - 2017-06-26 20:24 - 98326400 _____ C:\Users\Henrik\Desktop\sdfjb.psd
2017-06-26 20:20 - 2017-06-26 20:20 - 06078801 _____ C:\Users\Henrik\Desktop\undisclosed.psd
2017-06-26 20:17 - 2017-06-26 20:17 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsigned95b6f2d1b211c2
2017-06-26 19:56 - 2017-06-26 19:56 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsignc2e65c25b1a84bb4
2017-06-26 19:29 - 2017-06-26 19:30 - 07778738 _____ C:\Users\Henrik\Desktop\Untitled-1.psd
2017-06-26 19:20 - 2017-06-26 19:20 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsigna191f7155c7d6bd2
2017-06-26 19:20 - 2017-06-26 19:20 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign678c5de269c56621
2017-06-26 19:20 - 2017-06-26 19:20 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign181fb23a8a2d00b6
2017-06-26 19:19 - 2017-06-26 19:19 - 00003702 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0 Fallback-MicrosoftAccount-ciizify@hotmail.com
2017-06-26 19:00 - 2017-06-26 19:01 - 54802970 _____ C:\Users\Henrik\Desktop\aeth.wav
2017-06-26 18:34 - 2017-06-26 18:35 - 37596774 _____ C:\Users\Henrik\Desktop\ambient.wav
2017-06-26 18:32 - 2017-06-26 18:32 - 30364834 _____ C:\Users\Henrik\Desktop\lol2.wav
2017-06-26 18:28 - 2017-06-26 18:30 - 44280222 _____ C:\Users\Henrik\Desktop\omglul.wav
2017-06-26 17:51 - 2017-06-26 17:51 - 45588522 _____ C:\Users\Henrik\Desktop\quick.wav
2017-06-26 00:05 - 2017-06-26 00:05 - 03089601 _____ C:\Users\Henrik\Downloads\soundeffects.zip
2017-06-25 20:38 - 2017-06-25 20:40 - 00000110 _____ C:\Users\Henrik\Desktop\rush.txt
2017-06-25 19:41 - 2017-06-25 19:41 - 00000222 _____ C:\Users\Henrik\Desktop\The Crew.url
2017-06-25 19:10 - 2017-06-25 19:10 - 54854408 _____ (Electronic Arts) C:\Users\Henrik\Downloads\OriginThinSetup (1).exe
2017-06-25 16:45 - 2017-06-25 16:45 - 00014184 _____ C:\Users\Henrik\Downloads\The Emotions - Best of My Love - Part_2.wav
2017-06-25 16:41 - 2017-06-25 16:41 - 00048960 _____ C:\Users\Henrik\Downloads\The Emotions - Best of My Love - Part_1.wav
2017-06-25 00:23 - 2017-06-25 00:32 - 690662708 _____ C:\Users\Henrik\Downloads\CSS_Content_Addon_(Dec2013).rar
2017-06-24 23:54 - 2017-06-24 23:54 - 00000220 _____ C:\Users\Henrik\Desktop\Garry's Mod.url
2017-06-24 15:46 - 2017-06-24 15:46 - 00037830 _____ C:\Users\Henrik\Downloads\mod_chatBubbles-1.0.1c_for_1.10.0.litemod
2017-06-24 15:46 - 2017-06-24 15:46 - 00037830 _____ C:\Users\Henrik\Downloads\mod_chatBubbles-1.0.1c_for_1.10.0 (1).litemod
2017-06-24 15:43 - 2017-06-24 15:43 - 00093431 _____ C:\Users\Henrik\Downloads\mod_worldeditcui_1.11.2_00_lite_mc1.11.2.litemod
2017-06-24 15:43 - 2017-06-24 15:43 - 00093406 _____ C:\Users\Henrik\Downloads\mod_worldeditcui_1.10_00_lite_mc1.10 (1).litemod
2017-06-24 15:42 - 2017-06-24 15:43 - 03999694 _____ () C:\Users\Henrik\Downloads\liteloader-installer-1.10.2-00 (1).exe
2017-06-24 15:26 - 2017-06-24 15:26 - 04612343 _____ C:\Users\Henrik\Downloads\forge-1.10.2-12.18.3.2185-installer-win (1).exe
2017-06-24 15:23 - 2017-06-24 15:23 - 01464826 _____ C:\Users\Henrik\Downloads\worldedit-forge-mc1.10.2-6.1.4-dist (1).jar
2017-06-23 13:53 - 2017-06-23 13:53 - 03999694 _____ () C:\Users\Henrik\Downloads\liteloader-installer-1.10.2-00.exe
2017-06-23 13:50 - 2017-06-23 13:50 - 00093406 _____ C:\Users\Henrik\Downloads\mod_worldeditcui_1.10_00_lite_mc1.10.litemod
2017-06-23 13:03 - 2017-06-23 13:03 - 01464826 _____ C:\Users\Henrik\Downloads\worldedit-forge-mc1.10.2-6.1.4-dist.jar
2017-06-22 20:48 - 2017-06-22 20:48 - 00000219 _____ C:\Users\Henrik\Desktop\Counter-Strike Global Offensive.url
2017-06-22 15:54 - 2017-06-22 15:54 - 04175190 _____ C:\Users\Henrik\Downloads\Bro Beatz - Free Midi & Drumkit.zip
2017-06-21 21:14 - 2017-06-21 21:36 - 00000000 ____D C:\Users\Henrik\Desktop\test
2017-06-21 20:44 - 2017-06-21 20:44 - 05614948 _____ C:\Users\Henrik\Downloads\FTBBeyond-1.8.1-1.10.2.zip
2017-06-21 20:12 - 2017-06-21 20:12 - 04601566 _____ C:\Users\Henrik\Downloads\forge-1.10.2-12.18.3.2254-installer.jar
2017-06-21 20:09 - 2017-06-21 20:09 - 00011256 _____ C:\Users\Henrik\Downloads\SpongeBootstrap-0.3.0 (1).jar
2017-06-21 20:08 - 2017-06-21 20:08 - 17669841 _____ C:\Users\Henrik\Downloads\spongeforge-1.10.2-2254-5.2.0-BETA-2241.jar
2017-06-21 20:04 - 2017-06-21 20:06 - 192107834 _____ C:\Users\Henrik\Downloads\FTBBeyondServer_1.2.1.zip
2017-06-21 20:00 - 2017-06-21 20:02 - 67424751 _____ C:\Users\Henrik\Downloads\libraries.zip
2017-06-21 20:00 - 2017-06-21 20:00 - 10514583 _____ C:\Users\Henrik\Downloads\Thermos-1.7.10-1614-server.jar
2017-06-21 19:42 - 2017-06-21 19:42 - 05252896 _____ C:\Users\Henrik\Downloads\FTBBeyond-1.4.2-1.10.2 (1).zip
2017-06-21 19:00 - 2017-06-21 19:00 - 04607192 _____ C:\Users\Henrik\Downloads\forge-1.10.2-12.18.3.2281-installer.jar
2017-06-21 18:59 - 2017-06-21 18:59 - 04464494 _____ C:\Users\Henrik\Downloads\forge-1.11.2-13.20.0.2228-installer-win.exe
2017-06-21 18:21 - 2017-06-21 18:21 - 04612343 _____ C:\Users\Henrik\Downloads\forge-1.10.2-12.18.3.2185-installer-win.exe
2017-06-21 18:20 - 2017-06-21 18:20 - 17687869 _____ C:\Users\Henrik\Downloads\spongeforge-1.10.2-2281-5.2.0-BETA-2401 (1).jar
2017-06-21 17:28 - 2017-06-21 17:28 - 00000000 ____D C:\WINDOWS\system32\libraries
2017-06-21 00:11 - 2017-06-21 00:11 - 00011252 _____ C:\Users\Henrik\Downloads\SpongeBootstrap-0.2.0 (1).jar
2017-06-20 22:38 - 2017-06-20 22:38 - 07082664 _____ (Tim Kosse) C:\Users\Henrik\Downloads\FileZilla_3.26.2_win64-setup_bundled2.exe
2017-06-20 22:18 - 2017-06-20 22:18 - 04615458 _____ C:\Users\Henrik\Downloads\forge-1.10.2-12.18.3.2316-installer.jar
2017-06-20 22:15 - 2017-06-20 22:15 - 00011256 _____ C:\Users\Henrik\Downloads\SpongeBootstrap-0.3.0.jar
2017-06-20 22:11 - 2017-06-20 22:11 - 00011252 _____ C:\Users\Henrik\Downloads\SpongeBootstrap-0.2.0.jar
2017-06-20 22:08 - 2017-06-20 22:10 - 17687869 _____ C:\Users\Henrik\Downloads\spongeforge-1.10.2-2281-5.2.0-BETA-2401.jar
2017-06-20 22:02 - 2017-06-20 22:04 - 209193509 _____ C:\Users\Henrik\Downloads\FTBBeyondServer_1.9.0.zip
2017-06-20 21:57 - 2017-06-20 21:57 - 06030951 _____ C:\Users\Henrik\Downloads\FTBBeyond-1.9.0-1.10.2.zip
2017-06-20 21:55 - 2017-06-20 21:55 - 17687055 _____ C:\Users\Henrik\Downloads\spongeforge-1.10.2-2281-5.2.0-BETA-2394.jar
2017-06-20 21:49 - 2017-06-27 15:07 - 00000000 ____D C:\Users\Henrik\AppData\Local\LogMeIn Hamachi
2017-06-20 21:49 - 2017-06-20 21:49 - 05252896 _____ C:\Users\Henrik\Downloads\FTBBeyond-1.4.2-1.10.2.zip
2017-06-20 21:49 - 2017-06-20 21:49 - 00000995 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-06-20 21:49 - 2017-06-20 21:49 - 00000000 ____D C:\Users\Henrik\AppData\Local\LogMeIn
2017-06-20 21:49 - 2017-06-20 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-06-20 21:49 - 2017-06-20 21:49 - 00000000 ____D C:\ProgramData\LogMeIn
2017-06-20 21:49 - 2017-06-20 21:49 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-06-20 21:48 - 2017-06-27 15:07 - 00000176 _____ C:\Users\Henrik\BullseyeCoverageError.txt
2017-06-20 21:48 - 2017-06-20 21:48 - 10412032 _____ C:\Users\Henrik\Downloads\hamachi.msi
2017-06-20 16:51 - 2017-06-20 17:21 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\streamlabels
2017-06-20 16:51 - 2017-06-20 16:51 - 65472440 _____ (Streamlabs) C:\Users\Henrik\Downloads\streamlabels+setup.exe
2017-06-20 16:51 - 2017-06-20 16:51 - 00002392 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamLabels.lnk
2017-06-20 16:51 - 2017-06-20 16:51 - 00002384 _____ C:\Users\Henrik\Desktop\StreamLabels.lnk
2017-06-20 16:01 - 2017-06-20 16:01 - 09025046 _____ C:\Users\Henrik\Downloads\ezgif.com-video-to-gif.mp4
2017-06-20 15:17 - 2017-06-20 15:17 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign371eb794bd092be1
2017-06-20 15:17 - 2017-06-20 15:17 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign0feb01170e6e6ee9
2017-06-20 15:05 - 2017-06-20 15:05 - 50246985 _____ C:\Users\Henrik\Downloads\Filthy Frank Its time to stop full template.mp4
2017-06-20 14:43 - 2017-06-20 14:46 - 90894256 _____ C:\Users\Henrik\Downloads\OBS-Studio-0.14.1-With-Browser-Installer.exe
2017-06-20 14:03 - 2017-06-20 14:03 - 00000000 ____D C:\Users\Henrik\EyeToy64
2017-06-20 14:01 - 2017-06-20 14:01 - 03624130 _____ C:\Users\Henrik\Downloads\Eyetoy Logitech and Namti Drivers x64 Windows 7.zip
2017-06-20 14:01 - 2017-06-20 14:01 - 00305917 _____ C:\Users\Henrik\Downloads\EyeToy64.zip
2017-06-20 14:01 - 2017-06-20 14:01 - 00305917 _____ C:\Users\Henrik\Downloads\EyeToy64 (1).zip
2017-06-20 13:44 - 2017-06-20 13:44 - 00001064 _____ C:\Users\Public\Desktop\ManyCam.lnk
2017-06-20 13:44 - 2017-06-20 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2017-06-20 13:41 - 2017-06-20 13:41 - 67807452 _____ C:\Users\Henrik\Downloads\ManyCam_5.5+Crack.rar
2017-06-20 13:38 - 2017-06-20 13:38 - 00606120 _____ (Visicom Media inc.) C:\Users\Henrik\Downloads\ManyCamWebInstaller.exe
2017-06-19 18:54 - 2017-06-19 18:54 - 00137113 _____ C:\Users\Henrik\Downloads\Orientering om retten til å klage på karakterer.pdf
2017-06-19 14:50 - 2017-06-24 16:04 - 00001280 _____ C:\Users\Henrik\Desktop\nativelog.txt
2017-06-18 20:50 - 2017-06-18 20:50 - 06504360 _____ (SosVirus) C:\Users\Henrik\Downloads\adsfix_4_18.06.17.5.exe
2017-06-18 20:48 - 2017-06-27 15:07 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-18 20:47 - 2017-06-27 15:07 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-18 20:47 - 2017-06-18 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-18 20:47 - 2017-06-18 20:47 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-18 20:47 - 2017-05-25 11:58 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-18 20:46 - 2017-06-18 20:47 - 64232976 _____ (Malwarebytes ) C:\Users\Henrik\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.141-1.0.2092.exe
2017-06-18 20:39 - 2017-06-18 21:05 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Henrik\Downloads\rkill_2.8.4.0.exe
2017-06-18 20:38 - 2017-06-18 20:38 - 04110280 _____ C:\Users\Henrik\Downloads\adwcleaner_6.047.exe
2017-06-15 23:27 - 2017-06-15 23:33 - 10451640 _____ (SurfRight B.V.) C:\Users\Henrik\Downloads\HitmanPro x86.exe
2017-06-15 23:26 - 2017-06-15 23:32 - 13310864 _____ (MEGA Limited) C:\Users\Henrik\Downloads\MEGAsyncSetup.exe
2017-06-15 23:21 - 2017-06-15 23:21 - 11584088 _____ (SurfRight B.V.) C:\Users\Henrik\Downloads\HitmanPro_x64 (2).exe
2017-06-15 23:14 - 2017-06-15 23:15 - 11584088 _____ (SurfRight B.V.) C:\Users\Henrik\Downloads\hitmanpro_x64 (1).exe
2017-06-15 14:44 - 2017-06-15 14:45 - 53019913 _____ C:\Users\Henrik\Downloads\SnailsHousePixelGalaxy DTRemake.zip
2017-06-13 17:31 - 2017-06-13 17:31 - 00257632 _____ C:\Users\Henrik\Downloads\avslutning-vg3 (2)
2017-06-13 17:31 - 2017-06-13 17:31 - 00257632 _____ C:\Users\Henrik\Downloads\avslutning-vg3 (1)
2017-06-10 18:24 - 2017-06-10 18:24 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsignf8d9d52e7cb458e8
2017-06-10 18:24 - 2017-06-10 18:24 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign2ba83088af4b2ab9
2017-06-10 18:23 - 2017-06-10 18:23 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign2405b4dd70ca57a1
2017-06-10 02:23 - 2017-06-20 20:24 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\obs-studio
2017-06-10 02:23 - 2017-06-15 23:12 - 00001279 _____ C:\Users\Henrik\Desktop\OBS Studio.lnk
2017-06-10 02:23 - 2017-06-10 02:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2017-06-10 02:22 - 2017-06-10 02:22 - 00000000 ____D C:\Program Files (x86)\obs-studio
2017-06-10 02:21 - 2017-06-10 02:22 - 113227632 _____ (obsproject.com) C:\Users\Henrik\Downloads\OBS-Studio-19.0.2-Full-Installer.exe
2017-06-08 23:28 - 2017-06-08 23:28 - 00962440 _____ C:\Users\Henrik\Downloads\Cinematic and Emotional Background Music For Documentaries - Part_2.wav
2017-06-08 23:28 - 2017-06-08 23:28 - 00962440 _____ C:\Users\Henrik\Downloads\Cinematic and Emotional Background Music For Documentaries - Part_1.wav
2017-06-08 20:19 - 2017-06-08 20:20 - 201330037 _____ C:\Users\Henrik\Downloads\SAY LESS_grouped stems.zip
2017-06-08 17:23 - 2017-06-08 17:23 - 00000000 ____D C:\Users\Henrik\AppData\Local\PoolNationFX
2017-06-08 16:48 - 2017-06-08 16:48 - 00000222 _____ C:\Users\Henrik\Desktop\Pool Nation FX.url
2017-06-08 15:16 - 2017-06-08 15:16 - 00098400 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusbK.dll
2017-06-08 15:16 - 2017-06-08 15:16 - 00083552 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusbK.dll
2017-06-08 15:16 - 2017-06-08 15:16 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusb0.dll
2017-06-08 15:16 - 2017-06-08 15:16 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusb0.dll
2017-06-08 15:16 - 2017-06-08 15:16 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\Drivers\libusbK.sys
2017-06-08 15:12 - 2017-06-08 15:12 - 50449456 _____ (Microsoft Corporation) C:\Users\Henrik\Downloads\dotNetFx40_Full_x86_x64.exe
2017-06-07 16:46 - 2017-06-07 16:46 - 00003362 _____ C:\WINDOWS\System32\Tasks\{5236BE84-80C8-4CD2-9A99-5D86B2299762}
2017-06-07 16:45 - 2017-06-07 16:45 - 04895872 _____ C:\Users\Henrik\Downloads\cnltf_a380_12510928.zip
2017-06-07 16:44 - 2017-06-07 16:44 - 02458632 _____ (Megaify Software ) C:\Users\Henrik\Downloads\DriverToolkitInstaller (4).exe
2017-06-07 16:29 - 2017-06-07 16:30 - 00420644 _____ (Novation DMS Ltd. ) C:\Users\Henrik\Downloads\novation-usb-driver-2.7.exe
2017-06-07 16:17 - 2017-06-07 16:17 - 00452243 _____ (Novation DMS Ltd. ) C:\Users\Henrik\Downloads\novation-usb-driver-2.6 (1).exe
2017-06-07 16:02 - 2017-06-07 16:02 - 01633664 _____ (Novation ) C:\Users\Henrik\Downloads\bassstation-2.1.exe
2017-06-07 16:01 - 2017-06-07 16:03 - 28531792 _____ (Focusrite Audio Engineering Ltd. ) C:\Users\Henrik\Downloads\automap4-4.10 (2).exe
2017-06-07 15:57 - 2017-06-07 16:06 - 922233412 _____ C:\Users\Henrik\Downloads\Unconfirmed 509119.crdownload
2017-06-06 19:52 - 2017-06-06 19:52 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-06 14:07 - 2017-06-06 14:07 - 00257632 _____ C:\Users\Henrik\Downloads\avslutning-vg3
2017-06-05 01:55 - 2017-06-05 01:57 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-06-05 01:55 - 2017-06-05 01:55 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-06-05 01:55 - 2016-09-22 14:55 - 02839520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2017-06-05 01:54 - 2017-06-05 01:54 - 217553063 _____ (Realtek Semiconductor Corp.) C:\Users\Henrik\Downloads\0008-64bit_Win7_Win8_Win81_Win10_R281.exe
2017-06-04 15:29 - 2017-06-04 15:29 - 00001088 _____ C:\Users\Henrik\Downloads\Progressive House 2.fxp
2017-06-04 15:29 - 2017-06-04 15:29 - 00001088 _____ C:\Users\Henrik\Downloads\Progressive House 1.fxp
2017-06-04 14:27 - 2017-06-04 14:27 - 00806116 _____ C:\Users\Henrik\Downloads\Bee Gees - How Deep Is Your Love (1977) - Part_3.wav
2017-06-04 14:18 - 2017-06-04 14:18 - 04856508 _____ C:\Users\Henrik\Downloads\Bee Gees - How Deep Is Your Love (1977) - Part_2.wav
2017-06-04 14:04 - 2017-06-04 14:04 - 01605732 _____ C:\Users\Henrik\Downloads\Bee Gees - How Deep Is Your Love (1977) - Part_1.wav
2017-06-04 13:18 - 2017-06-04 13:18 - 01716800 _____ C:\Users\Henrik\Downloads\outro part.wav
2017-06-03 18:17 - 2017-06-03 18:17 - 01487492 _____ C:\Users\Henrik\Downloads\Tony Yayo & Danny Brown - Roll Up - Part_1.wav
2017-06-03 18:16 - 2017-06-03 18:16 - 00576820 _____ C:\Users\Henrik\Downloads\is it the strength - Part_1.wav
2017-06-03 18:08 - 2017-06-03 18:08 - 07498840 _____ C:\Users\Henrik\Downloads\is it the strength.wav
2017-06-02 18:26 - 2017-06-02 18:26 - 02091860 _____ C:\Users\Henrik\Downloads\Heart - Alone - Part_2.wav
2017-06-02 16:48 - 2017-06-02 16:48 - 00243036 _____ C:\Users\Henrik\Downloads\Heart - Alone - Part_1.wav
2017-06-01 01:15 - 2017-06-01 01:15 - 01483856 _____ C:\Users\Henrik\Downloads\Jamaica - Living in the blue mountains - Part_1.wav
2017-05-30 12:47 - 2017-05-30 12:47 - 00000000 ____D C:\Users\Henrik\AppData\Local\TslGame
2017-05-30 12:26 - 2017-05-30 12:26 - 00000222 _____ C:\Users\Henrik\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2017-05-28 04:04 - 2017-05-28 04:04 - 00000000 ____D C:\Users\Henrik\.mputils
2017-05-28 01:24 - 2017-06-26 20:32 - 00000000 ____D C:\Users\Henrik\AppData\Local\SLAM
2017-05-28 01:23 - 2017-05-28 01:23 - 00236947 _____ C:\Users\Henrik\Downloads\SLAM_v1.3.4.zip

 

[HenrikNoVirus]

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-27 15:14 - 2017-04-08 13:40 - 00531969 _____ C:\WINDOWS\ZAM.krnl.trace
2017-06-27 15:14 - 2017-04-08 13:40 - 00498586 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-06-27 15:13 - 2016-10-12 21:25 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-27 15:12 - 2016-11-11 13:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-27 15:08 - 2016-11-11 13:03 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-27 15:07 - 2016-10-28 15:06 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-27 15:07 - 2016-10-28 15:06 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-27 15:07 - 2016-10-28 15:06 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-27 15:07 - 2016-10-12 22:38 - 00000000 ____D C:\Users\Henrik\AppData\Local\CrashDumps
2017-06-27 15:07 - 2016-10-12 22:14 - 00000000 __SHD C:\Users\Henrik\IntelGraphicsProfiles
2017-06-27 15:07 - 2016-10-12 21:28 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Spotify
2017-06-27 15:07 - 2016-10-12 21:28 - 00000000 ____D C:\Users\Henrik\AppData\Local\Spotify
2017-06-27 04:28 - 2016-11-10 13:08 - 00000000 ____D C:\Users\Henrik\AppData\Local\Ubisoft Game Launcher
2017-06-27 02:00 - 2016-10-12 21:16 - 00000000 ____D C:\Users\Henrik\AppData\Local\Adobe
2017-06-26 22:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-26 20:26 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-26 19:21 - 2016-10-26 21:44 - 00000000 ____D C:\Users\Henrik\Documents\Adobe
2017-06-26 19:21 - 2016-10-12 20:40 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Adobe
2017-06-26 02:06 - 2017-01-16 00:54 - 00000000 ____D C:\Users\Henrik\AppData\Local\Spectrasonics
2017-06-25 20:41 - 2016-10-12 20:15 - 02601654 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-25 20:34 - 2016-11-11 13:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-25 20:11 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-25 20:09 - 2016-10-18 19:42 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Origin
2017-06-25 19:41 - 2016-10-13 17:58 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-25 19:38 - 2016-10-18 19:39 - 00000000 ____D C:\ProgramData\Origin
2017-06-25 19:12 - 2016-10-18 19:41 - 00000000 ____D C:\Program Files (x86)\Origin
2017-06-25 16:57 - 2016-10-23 23:53 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Audacity
2017-06-24 16:04 - 2016-10-13 16:19 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\.minecraft
2017-06-24 14:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-24 04:42 - 2017-03-18 13:57 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Curse Client
2017-06-23 13:05 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-23 13:03 - 2016-11-21 20:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-06-23 12:49 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-21 14:07 - 2016-10-12 21:25 - 00000000 ____D C:\Users\Henrik\AppData\Local\Greenshot
2017-06-21 02:24 - 2016-10-15 03:02 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\FileZilla
2017-06-20 22:16 - 2016-10-15 03:07 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Notepad++
2017-06-20 21:49 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-20 21:48 - 2016-11-11 13:04 - 00000000 ____D C:\Users\Henrik
2017-06-20 17:15 - 2017-02-09 22:55 - 00000000 ____D C:\Users\Henrik\AppData\Local\ManyCam
2017-06-20 15:42 - 2016-10-26 21:36 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-06-20 13:45 - 2017-02-09 22:53 - 00000000 ____D C:\Program Files (x86)\ManyCam
2017-06-20 13:43 - 2017-02-09 22:53 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\ManyCam
2017-06-18 20:47 - 2016-10-12 21:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-18 20:41 - 2016-10-30 16:33 - 00000000 ____D C:\AdwCleaner
2017-06-18 14:16 - 2017-03-02 00:34 - 00000000 ____D C:\Users\Henrik\AppData\Local\Arma 3 Launcher
2017-06-18 13:47 - 2017-03-02 00:34 - 00000000 ____D C:\Users\Henrik\AppData\Local\Arma 3
2017-06-15 23:13 - 2017-05-03 15:57 - 00002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-06-15 23:13 - 2017-03-30 16:27 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-06-15 23:13 - 2017-02-08 19:03 - 00000759 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2017-06-15 23:13 - 2017-02-02 17:37 - 00000961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2017-06-15 23:13 - 2017-01-13 22:07 - 00001014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002550 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002546 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-06-15 23:13 - 2016-11-20 03:23 - 00001025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2017.lnk
2017-06-15 23:13 - 2016-11-20 03:21 - 00001017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2017.lnk
2017-06-15 23:13 - 2016-11-11 13:06 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-06-15 23:13 - 2016-11-07 21:42 - 00001558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2017.lnk
2017-06-15 23:13 - 2016-10-30 16:29 - 00002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-15 23:13 - 2016-10-13 19:08 - 00001222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-06-15 23:13 - 2016-10-13 19:07 - 00002023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-06-15 23:13 - 2016-10-12 21:34 - 00001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2017-06-15 23:13 - 2016-10-12 21:31 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-06-15 23:13 - 2016-10-12 21:26 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2017-06-15 23:12 - 2017-04-11 20:24 - 00001005 _____ C:\Users\Henrik\Desktop\Twitch.lnk
2017-06-15 23:12 - 2017-04-11 20:24 - 00000991 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2017-06-15 23:12 - 2017-03-18 16:54 - 00000633 _____ C:\Users\Henrik\Desktop\Overwatch.lnk
2017-06-15 23:12 - 2017-03-18 16:22 - 00000565 _____ C:\Users\Henrik\Desktop\Battle.net.lnk
2017-06-15 23:12 - 2017-01-13 22:07 - 00001052 _____ C:\Users\Henrik\Desktop\TeamSpeak 3 Client.lnk
2017-06-15 23:12 - 2016-11-06 05:07 - 00000671 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Lite.lnk
2017-06-15 23:12 - 2016-10-30 16:29 - 00002254 _____ C:\Users\Henrik\Desktop\Google Chrome.lnk
2017-06-15 23:12 - 2016-10-18 19:41 - 00001066 _____ C:\Users\Henrik\Desktop\Origin.lnk
2017-06-15 23:12 - 2016-10-13 19:07 - 00002011 _____ C:\Users\Henrik\Desktop\Avast Free Antivirus.lnk
2017-06-15 23:12 - 2016-10-13 16:19 - 00000785 _____ C:\Users\Henrik\Desktop\Minecraft.lnk
2017-06-15 23:12 - 2016-10-13 01:35 - 00002663 _____ C:\Users\Henrik\Desktop\µTorrent.lnk
2017-06-15 23:12 - 2016-10-13 01:35 - 00002643 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-06-15 23:12 - 2016-10-13 01:13 - 00000996 _____ C:\Users\Henrik\Desktop\FL Studio 12.lnk
2017-06-15 23:12 - 2016-10-12 22:30 - 00001051 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2017-06-15 23:12 - 2016-10-12 21:28 - 00001855 _____ C:\Users\Henrik\Desktop\Spotify.lnk
2017-06-15 23:12 - 2016-10-12 21:28 - 00001841 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-06-15 23:12 - 2016-10-12 21:27 - 00002638 _____ C:\Users\Henrik\Desktop\Skype.lnk
2017-06-15 23:12 - 2016-10-12 21:25 - 00001036 _____ C:\Users\Henrik\Desktop\Steam.lnk
2017-06-15 23:12 - 2016-10-12 20:42 - 00002370 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-15 15:49 - 2016-10-12 22:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-15 15:47 - 2016-10-12 22:51 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-13 22:21 - 2016-12-06 17:21 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-13 22:21 - 2016-10-12 20:42 - 00000000 ___RD C:\Users\Henrik\OneDrive
2017-06-10 17:37 - 2016-10-12 22:15 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Skype
2017-06-10 04:21 - 2016-10-15 15:12 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\vlc
2017-06-10 00:39 - 2017-03-15 20:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-10 00:39 - 2016-10-12 21:27 - 00000000 ____D C:\ProgramData\Skype
2017-06-10 00:23 - 2017-03-18 16:22 - 00000000 ____D C:\Users\Henrik\AppData\Local\Battle.net
2017-06-08 15:16 - 2016-11-06 05:08 - 00000398 __RSH C:\ProgramData\ntuser.pol
2017-06-05 01:55 - 2016-10-12 21:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-03 17:02 - 2016-11-10 16:12 - 00697384 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-31 18:22 - 2017-05-03 15:50 - 00000000 ____D C:\Program Files\MK
2017-05-31 17:46 - 2016-11-11 13:08 - 00004004 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1476378490
2017-05-30 12:47 - 2016-12-09 19:06 - 00000000 ____D C:\Users\Henrik\AppData\Local\UnrealEngine

==================== Files in the root of some directories =======

2016-10-12 21:29 - 2016-10-12 21:29 - 0000000 _____ () C:\Program Files (x86)\ASUS Xonar D2 Audio
2016-11-07 21:45 - 2017-02-05 16:29 - 0000033 _____ () C:\Users\Henrik\AppData\Roaming\AdobeWLCMCache.dat
2016-11-26 07:18 - 2016-12-01 20:58 - 0004014 _____ () C:\Users\Henrik\AppData\Roaming\VoiceMeeterDefault.xml
2016-12-15 13:51 - 2017-03-18 19:09 - 0009275 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-15 13:51 - 2017-03-16 19:05 - 0006884 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-06-20 21:48 - 2017-06-20 21:48 - 0008720 _____ () C:\Users\Henrik\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
2017-06-20 21:49 - 2017-06-20 21:49 - 0012080 _____ () C:\Users\Henrik\AppData\Local\Temp\BullseyeCoverage-x64-3.dll
2017-06-20 21:49 - 2017-06-20 21:49 - 0010520 _____ () C:\Users\Henrik\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
2017-06-21 20:32 - 2017-06-21 20:32 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-1071075392364444971.dll
2017-06-21 21:25 - 2017-06-21 21:25 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-1153001586639308607.dll
2017-06-21 18:54 - 2017-06-21 18:54 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-1260291970132728421.dll
2017-05-07 13:59 - 2017-05-07 13:59 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-1363634836949659710.dll
2017-06-21 20:33 - 2017-06-21 20:33 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-2186400338576564517.dll
2017-05-12 20:03 - 2017-05-12 20:03 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-2290271135544366362.dll
2017-06-21 18:34 - 2017-06-21 18:34 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-2469749168740701734.dll
2017-06-21 18:24 - 2017-06-21 18:24 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-2728434572421372818.dll
2017-06-21 19:03 - 2017-06-21 19:03 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-2855344790019296826.dll
2017-06-21 21:34 - 2017-06-21 21:34 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-2917035292047346074.dll
2017-05-12 20:03 - 2017-05-12 20:03 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3215167825315777799.dll
2017-06-21 20:14 - 2017-06-21 20:14 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3277872538019738130.dll
2017-06-20 22:50 - 2017-06-20 22:50 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3282594619801589884.dll
2017-06-21 18:48 - 2017-06-21 18:48 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3305238220643517183.dll
2017-06-21 00:07 - 2017-06-21 00:07 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3353997431882390676.dll
2017-06-21 18:30 - 2017-06-21 18:30 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3355681635270746290.dll
2017-06-23 13:16 - 2017-06-23 13:16 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3589258148788507051.dll
2017-06-20 23:25 - 2017-06-20 23:25 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3627287089634379371.dll
2017-06-21 18:33 - 2017-06-21 18:33 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3719675648887146509.dll
2017-06-20 23:41 - 2017-06-20 23:41 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3837546123523305305.dll
2017-05-28 04:02 - 2017-05-28 04:02 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-4216179287273088663.dll
2017-06-20 23:22 - 2017-06-20 23:22 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-4235778254976684987.dll
2017-06-21 20:47 - 2017-06-21 20:47 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-5038764882999847846.dll
2017-06-24 15:45 - 2017-06-24 15:45 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-5460312811184151518.dll
2017-06-21 21:38 - 2017-06-21 21:38 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-5581777625304781288.dll
2017-06-24 15:29 - 2017-06-24 15:29 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-6368812674826841464.dll
2017-06-21 19:22 - 2017-06-21 19:22 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-6761491517736766672.dll
2017-06-20 22:44 - 2017-06-20 22:44 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-7062560105360448856.dll
2017-06-21 18:57 - 2017-06-21 18:57 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-7176761637998703884.dll
2017-06-21 19:01 - 2017-06-21 19:01 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-7261807896661401354.dll
2017-06-24 15:29 - 2017-06-24 15:29 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-7367500199629893132.dll
2017-06-20 22:20 - 2017-06-20 22:20 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-7496619433307775273.dll
2017-06-21 19:01 - 2017-06-21 19:01 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-7518563292777661402.dll
2017-06-21 19:22 - 2017-06-21 19:22 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-8366214386157331703.dll
2017-06-20 23:16 - 2017-06-20 23:16 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-8663732862190852744.dll
2017-06-21 21:12 - 2017-06-21 21:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-8929307440126607196.dll
2017-06-21 00:17 - 2017-06-21 00:17 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-92277662226697748.dll
2017-05-28 03:54 - 2017-05-28 03:54 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-946592660185118486.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-18 18:35

==================== End of FRST.txt ============================

 

[HenrikNoVirus]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
Ran by Henrik (27-06-2017 15:15:25)
Running from C:\Users\Henrik\Downloads
Windows 10 Enterprise Version 1607 (X64) (2016-11-11 11:11:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2799272097-1707510344-1613828314-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2799272097-1707510344-1613828314-503 - Limited - Disabled)
Guest (S-1-5-21-2799272097-1707510344-1613828314-501 - Limited - Disabled)
Henrik (S-1-5-21-2799272097-1707510344-1613828314-1001 - Administrator - Enabled) => C:\Users\Henrik

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
Ableton Live 9 Lite (HKLM\...\{F32EA031-9333-44DD-AE45-31B9C4DBF398}) (Version: 9.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
AlphaGo (HKLM-x32\...\{B20B3A3C-91E3-4326-8A0F-B3C012574F8C}) (Version: 1.1.2 - Default Company Name) <==== ATTENTION
Altiverb 7 Uninstaller (HKLM\...\{367662CA-394A-4095-9549-973FC3807B9B}_is1) (Version: 7.2 - Audio Ease BV)
Ansel (Version: 375.95 - NVIDIA Corporation) Hidden
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version: - )
Apowersoft Phone Manager version 2.8.6 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.8.6 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Apple-programvaresupport (32-bits) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple-programvaresupport (64-bits) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Automap 4.10 (HKLM\...\Automap Universal_is1) (Version: 4.10 - Focusrite Audio Engineering Ltd.)
Automap ReWire 1.0 (HKLM-x32\...\Automap Universal ReWire_is1) (Version: 4.10 - Focusrite Audio Engineering Ltd.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattleBlock Theater (HKLM\...\Steam App 238460) (Version: - The Behemoth)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Castle Crashers (HKLM\...\Steam App 204360) (Version: - The Behemoth)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd)
Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.)
Discord (HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
FileZilla Client 3.26.2 (HKLM-x32\...\FileZilla Client) (Version: 3.26.2 - Tim Kosse)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive®)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Greenshot 1.2.9.129 (HKLM\...\Greenshot_is1) (Version: 1.2.9.129 - Greenshot)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Infected Mushroom - Manipulator version 0.904 (HKLM\...\{25772CF9-4EEE-4D1A-9FE7-29A4B91B3422}_is1) (Version: 0.904 - Polyverse Music, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.578 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.578 - LogMeIn, Inc.) Hidden
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
ManyCam 5.5.0 (HKLM-x32\...\ManyCam) (Version: 5.5.0 - Visicom Media Inc.)
Microsoft Office 365 ProPlus - nb-no (HKLM\...\O365ProPlusRetail - nb-no) (Version: 16.0.7766.2092 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 2.2.0.1 - NETGEAR)
Notepad++ (HKLM\...\Notepad++) (Version: 7 - Notepad++ Team)
Novation USB Audio Driver 2.7 (HKLM\...\Novation USB Audio Driver_is1) (Version: 2.7 - Novation DMS Ltd.)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2092 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2092 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2092 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.)
Pool Nation FX (HKLM\...\Steam App 314000) (Version: - Cherry Pop Games)
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Reflector (HKLM\...\{504A63E8-E5B6-4054-9CC2-85E490582620}) (Version: 1.5.1.0 - Squirrels)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios)
SafeZone Stable 3.55.2393.607 (x32 Version: 3.55.2393.607 - Avast Software) Hidden
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
SnookerWorld (HKLM\...\Steam App 522660) (Version: - Ouyang zhengyu)
SNOW (HKLM\...\Steam App 244930) (Version: - Poppermost Productions)
Spotify (HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Spotify) (Version: 1.0.57.474.gca9c9538 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.9.12 (HKLM\...\SteelSeries Engine 3) (Version: 3.9.12 - SteelSeries ApS)
STEEP (HKLM-x32\...\Uplay Install 3445) (Version: - Ubisoft)
StreamLabels 0.2.2 (only current user) (HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\8000d50a-fcb7-5b38-8a3b-a02a0ec79daa) (Version: 0.2.2 - Streamlabs)
Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Crew (HKLM\...\Steam App 241560) (Version: - Ivory Tower in collaboration with Ubisoft Reflections)
The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Twitch Leecher 1.3.5 (HKLM-x32\...\{dbdcd040-9099-4490-80a2-0a617c83df14}) (Version: 1.3.5.0 - Fake Smile Revolution)
Twitch Leecher 1.3.5 (Version: 1.3.5.0 - Fake Smile Revolution) Hidden
UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.1 - Ubisoft)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\WinDirStat) (Version: - )
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Yooka-Laylee (HKLM\...\Steam App 360830) (Version: - Playtonic Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2799272097-1707510344-1613828314-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-3F8F9E874C70}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-2799272097-1707510344-1613828314-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2799272097-1707510344-1613828314-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {016765C3-A442-41B8-A87E-1D8DF15A6FE1} - System32\Tasks\{A2A997F5-7490-4189-BAC3-73B6EAA97EB1} => pcalua.exe -a "D:\Program Files (x86)\Wondershare\TunesGo\unins000.exe" -c /WAF
Task: {1BFF60FE-1871-4029-A15E-71CA2FB51CDF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-10] (Microsoft Corporation)
Task: {239B2907-C427-42B2-979B-786B2294DED2} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Henrik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {23F64AE5-CA22-4D70-9816-22F375E0B184} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {2C3CB134-3E9F-4206-95EC-F4A6002D84A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-04] (Microsoft Corporation)
Task: {2D95B74B-ED50-4A1C-A700-E9D84623E367} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-06-10] (Microsoft Corporation)
Task: {408C4510-3292-4D8B-BAC0-73A70CAF3244} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ciizify@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {4A1FD6A3-49E6-40E8-BA53-BB53D3EC6A3C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {56BF966E-0760-4CA9-8470-07CF26015AAE} - System32\Tasks\SafeZone scheduled Autoupdate 1476378490 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software)
Task: {59105636-5EAF-4BD0-B994-975622AE7F65} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-10] (Microsoft Corporation)
Task: {5E6BAC3B-D95E-4FB7-9F88-26528BD801A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-04] (Microsoft Corporation)
Task: {62F55296-757C-4D82-9008-E359053C7651} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {6D16567C-7600-4687-8DAF-3BC4751C5B4A} - \Uzuydarient -> No File <==== ATTENTION
Task: {79C8EFC1-77CA-46D0-875D-6C11059F0F61} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {837C9067-D7F1-4777-A0F1-0A522677960B} - System32\Tasks\{5236BE84-80C8-4CD2-9A99-5D86B2299762} => pcalua.exe -a "C:\Users\Henrik\Desktop\drake tut.logicx\lsl\SetUpDrv.exe" -d "C:\Users\Henrik\Desktop\drake tut.logicx\lsl"
Task: {998C8012-A509-473A-BB1B-39603D200776} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-21] (AVAST Software)
Task: {A58BAC3B-7CB2-4069-8C15-A733625CFBFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-30] (Google Inc.)
Task: {A740A3E8-E785-466D-A81C-1A7AAA69B9DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-30] (Google Inc.)
Task: {AD3E476E-5F2E-4860-88B7-E1DE4F86D326} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-04] (AVAST Software)
Task: {BA626151-0E64-4972-AD34-A13AAD4D5AF1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {C7E8AC70-8490-450A-AF42-3B68C8BBAFB6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {CEB28B00-C355-4399-A862-2995DDB17B10} - System32\Tasks\updater => D:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [2016-01-10] (Nefarius Software Solutions)
Task: {E6747F9C-F868-4176-9EFA-2E92845AC13F} - System32\Tasks\AdobeAAMUpdater-1.0 Fallback-MicrosoftAccount-ciizify@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {F50B3BAC-F0EA-4029-AA9A-DB10B47EBF99} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {F7367877-6F17-44BE-9B47-9B049DD3AA0D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Henrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\70216a91c23d8320\mau5 - Chrome.lnk -> C:\Users\Henrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\70216a91c23d8320 ()
Shortcut: C:\Users\Henrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\mau5 - Chrome.lnk -> C:\Users\Henrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9 ()

==================== Loaded Modules (Whitelisted) ==============

2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-12 21:57 - 2017-02-23 20:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-12 21:57 - 2017-02-23 20:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-12 21:08 - 2013-11-11 15:10 - 00307928 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2017-06-20 21:49 - 2017-06-20 21:49 - 00012080 _____ () C:\WINDOWS\TEMP\BullseyeCoverage-x64-3.dll
2017-03-15 19:04 - 2017-03-15 19:04 - 00309760 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ReactiveSockets\e02f07b40299b7750946b12ee5fb9064\ReactiveSockets.ni.dll
2014-05-02 12:52 - 2014-05-02 12:52 - 00599040 _____ () D:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
2014-05-02 07:55 - 2014-05-02 07:55 - 00185344 _____ () D:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll
2014-05-02 07:05 - 2014-05-02 07:05 - 00173056 _____ () D:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 14:33 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-11-11 13:03 - 2016-12-29 14:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-30 16:25 - 2016-10-25 10:57 - 00491184 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-11-11 21:57 - 2016-11-11 21:57 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 22:34 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-06-21 14:13 - 2017-06-21 14:14 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 14:13 - 2017-06-21 14:14 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 14:13 - 2017-06-21 14:14 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 14:13 - 2017-06-21 14:14 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-27 12:20 - 2017-03-27 12:20 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-03-27 12:20 - 2017-03-27 12:20 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll
2017-06-18 20:47 - 2017-05-25 14:11 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-10-12 21:08 - 2014-01-02 13:13 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
2017-03-30 16:25 - 2016-10-25 10:57 - 31723696 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-06-05 02:27 - 2017-06-05 02:27 - 30965760 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-06-05 02:27 - 2017-06-05 02:27 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-05-26 15:08 - 2017-05-26 15:22 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-17 12:54 - 2017-06-17 12:54 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-06-17 12:54 - 2017-06-17 12:54 - 27430400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-06-15 13:34 - 2017-06-15 13:34 - 00460288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-06-15 13:34 - 2017-06-15 13:34 - 02275328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-06-08 19:10 - 2017-06-08 19:10 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-15 13:34 - 2017-06-15 13:35 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-10-12 22:42 - 2016-10-12 22:42 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-06-15 13:34 - 2017-06-15 13:35 - 00900096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-05 17:22 - 2017-05-05 17:23 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-10-12 22:42 - 2016-10-12 22:43 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-05-18 07:22 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-18 07:22 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-06-16 21:24 - 2017-06-16 21:24 - 31133184 _____ () C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\PepperFlash\26.0.0.131\pepflashplayer.dll
2016-10-12 21:08 - 2013-10-15 09:29 - 00372736 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2016-10-18 19:41 - 2017-06-25 19:11 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-12-27 23:22 - 2012-06-06 11:56 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2016-10-12 21:57 - 2017-02-23 20:34 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-10-12 22:20 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-10-12 22:20 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-10-12 22:20 - 2017-06-08 07:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll
2016-10-12 22:20 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-10-12 22:20 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-10-12 22:20 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-10-12 22:20 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-10-12 22:20 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-10-12 22:20 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-10-12 22:20 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-10-12 22:20 - 2017-06-08 07:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-10-12 22:20 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-13 00:55 - 2017-05-08 21:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-09 12:32 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-10-12 22:20 - 2017-06-08 07:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll
2016-10-27 16:30 - 2017-06-22 14:59 - 00189040 _____ () C:\Users\Henrik\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-10-12 21:28 - 2017-06-22 14:59 - 67117168 _____ () C:\Users\Henrik\AppData\Roaming\Spotify\libcef.dll
2016-10-12 21:28 - 2017-06-22 14:59 - 02253424 _____ () C:\Users\Henrik\AppData\Roaming\Spotify\libglesv2.dll
2016-10-12 21:28 - 2017-06-22 14:59 - 00086640 _____ () C:\Users\Henrik\AppData\Roaming\Spotify\libegl.dll
2017-03-18 17:02 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-03-15 01:33 - 2017-03-15 01:33 - 01082880 _____ () \\?\C:\Users\Henrik\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-03-15 01:33 - 2017-03-15 01:33 - 03750400 _____ () \\?\C:\Users\Henrik\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-03-15 01:33 - 2017-03-15 01:33 - 00914432 _____ () \\?\C:\Users\Henrik\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-03-15 01:33 - 2017-03-15 01:33 - 01127424 _____ () \\?\C:\Users\Henrik\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-03-18 17:02 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-03-18 17:02 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-03-30 16:25 - 2017-03-14 09:31 - 52051544 ____N () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-10-12 21:08 - 2013-11-01 17:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
2017-06-20 21:49 - 2017-06-20 21:49 - 00010520 _____ () C:\Users\Henrik\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
2017-06-27 15:08 - 2017-06-27 15:08 - 00148992 _____ () \\?\C:\Users\Henrik\AppData\Local\Temp\8FF4.tmp.node
2017-03-15 01:33 - 2017-04-29 16:57 - 02658296 _____ () \\?\C:\Users\Henrik\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-03-15 01:36 - 2017-03-22 20:25 - 02665976 _____ () \\?\C:\Users\Henrik\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2017-03-30 16:26 - 2017-01-25 21:07 - 00118272 ____N () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-03-30 16:26 - 2017-01-25 21:07 - 00214528 ____N () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-03-30 16:26 - 2017-01-25 21:06 - 00117248 ____N () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-03-30 16:26 - 2017-01-25 21:07 - 00125952 ____N () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-03-30 16:26 - 2017-03-14 09:35 - 00099416 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-03-30 16:26 - 2017-01-25 21:07 - 00086528 ____N () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-12 22:20 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

 

[HenrikNoVirus]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Henrik\Desktop\577446813c7af1c0a38459f06c9629d3.jpg
DNS Servers: 109.247.114.4 - 92.220.228.70
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E595E249-59D6-409D-A5FE-E2E891ECA31F}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{8E26A590-35DB-47CF-A12C-215FBFB9F40D}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{10406D22-A92E-4EFF-B84B-0D36601461F0}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\STEEP\steep.exe
FirewallRules: [UDP Query User{3CBDF26E-0EAB-4098-B139-EC29E5ADDB41}D:\program files (x86)\image-line\fl studio 12\fl.exe] => (Block) D:\program files (x86)\image-line\fl studio 12\fl.exe
FirewallRules: [TCP Query User{940BE97B-F255-4FEF-B68D-116A00487126}D:\program files (x86)\image-line\fl studio 12\fl.exe] => (Block) D:\program files (x86)\image-line\fl studio 12\fl.exe
FirewallRules: [UDP Query User{2871BFDC-4AA6-4C6A-876C-81323D4A55BB}D:\program files (x86)\novation\automap\automapserver.exe] => (Allow) D:\program files (x86)\novation\automap\automapserver.exe
FirewallRules: [TCP Query User{AA5FFAE9-6950-4017-BF1F-8B6564934850}D:\program files (x86)\novation\automap\automapserver.exe] => (Allow) D:\program files (x86)\novation\automap\automapserver.exe
FirewallRules: [{D057E58E-E9DE-4A6F-83F5-7B5782017383}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A770FBE6-CC2C-4232-98D9-AD9C0DE9FBA8}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{E59E5B80-38A5-4636-A5BB-6C5DAF574369}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{185843A7-3279-467A-BE49-E848F055AD7D}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{8D842E21-D85C-450E-90E1-FFD2E299BA77}] => (Allow) C:\Users\Henrik\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E12C3502-CF97-4768-9785-8BE32C5F615D}] => (Allow) C:\Users\Henrik\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1BA6ECAF-886A-4DCE-9616-D4BC8950B632}] => (Allow) C:\Users\Henrik\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6FE9288A-BED0-43B1-9462-51F441E9CBE6}] => (Allow) C:\Users\Henrik\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{28DDB9DD-FBC3-435F-B1C7-6532F169C516}] => (Allow) C:\Users\Henrik\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7943FA5F-FDB2-4E16-85C1-9F87842DE213}] => (Allow) C:\Users\Henrik\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B4FD0B70-4973-4702-A797-FF5B37767122}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6D0BDB82-D4A0-4D3D-99DD-E14DA64DC361}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9A0EA733-7D11-4BE2-A174-4B1EC1B74C8B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2746E2BF-03E9-4BAA-8BE4-3667F3DEA3A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AF8531DB-8C80-4DCF-9A6C-0628D6FF45EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5EA161C7-62F2-42B6-A3CF-A5E3458F8676}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{3ABA35D2-4B2D-4085-8574-AC4B4222BDB5}C:\users\henrik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\henrik\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{F008EDDD-1500-4303-9790-58E7C4D2F836}C:\users\henrik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\henrik\appdata\roaming\spotify\spotify.exe
FirewallRules: [{18215A13-3E04-4DBA-AFAB-32030B211C3E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EEBF25B5-1E2C-40DB-823E-7C857CC762B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DC493CDB-EFAE-4E55-B22A-E6D2276A42E3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D3CB38D5-7544-4181-8AF8-420285055EA3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{BCF82A08-AB4E-4523-92B0-F07306AE50FA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F415DD9C-2DD1-4C38-9A96-8BC6095E5EB4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{98275266-437E-4EF9-B787-9D633880F127}C:\program files (x86)\vb\voicemeeter\voicemeeter.exe] => (Block) C:\program files (x86)\vb\voicemeeter\voicemeeter.exe
FirewallRules: [UDP Query User{E3E7C063-8743-4C3B-B4A9-9BCE504C590C}C:\program files (x86)\vb\voicemeeter\voicemeeter.exe] => (Block) C:\program files (x86)\vb\voicemeeter\voicemeeter.exe
FirewallRules: [TCP Query User{921B3F3E-F90C-4034-AC9D-7D3885B44548}C:\users\henrik\appdata\roaming\utorrent\updates\3.4.9_42973.exe] => (Allow) C:\users\henrik\appdata\roaming\utorrent\updates\3.4.9_42973.exe
FirewallRules: [UDP Query User{BE00A915-0473-4AFA-9E6C-DFBF998CC1A3}C:\users\henrik\appdata\roaming\utorrent\updates\3.4.9_42973.exe] => (Allow) C:\users\henrik\appdata\roaming\utorrent\updates\3.4.9_42973.exe
FirewallRules: [{DDBF36AF-16AE-48D5-B14C-DEEEC894E77D}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{D821A434-5012-4CF8-9709-915B4BDFA338}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [TCP Query User{30E90204-C0EE-41D6-8068-0886070748F5}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{08017A71-7053-4348-87AE-DEAD56641E19}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{7145FC12-98C5-4AE7-BD6E-FD4A5C82D2CD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{180DD12C-562A-4A01-8188-92BBB20C5B32}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8BCCB8D6-D42B-4D32-9FAF-D2558CD1BA81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{E3AFD387-02E6-455E-81BD-796F1A8AB27F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{943F6FFC-862C-4821-BF1E-CCD4C020C90D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E5BD139A-7088-47D2-A9EB-EE11CC33441A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4DE9FCBD-EA75-483D-83D7-70C7EA710CE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{AA565851-2CB2-47B7-BC07-7550E3C1773B}D:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe] => (Allow) D:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe
FirewallRules: [UDP Query User{2FF83968-4EAE-4324-8330-0F275750DC44}D:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe] => (Allow) D:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe
FirewallRules: [TCP Query User{DD2B71D8-1F38-4FA0-AC2F-52BC4B98F6AA}C:\program files (x86)\novation\automap\automapserver.exe] => (Allow) C:\program files (x86)\novation\automap\automapserver.exe
FirewallRules: [UDP Query User{FE086A2C-1ED0-4CF5-8051-16742BE63802}C:\program files (x86)\novation\automap\automapserver.exe] => (Allow) C:\program files (x86)\novation\automap\automapserver.exe
FirewallRules: [{094DFCCB-963A-4BBB-9DA2-37BCEA926F74}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{5FC10A25-6DAD-45DD-99D6-E1FD1755FA34}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{3493C184-EC19-4914-8192-1D3A0EC63B66}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{1CB1EAD1-32F6-4CD6-82F4-7CACE86E4970}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{24A9975F-C900-4B51-848A-FB7193F49FF5}] => (Allow) D:\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{1E5E03D0-5FC2-4CC9-9E97-E1C8DE8D9FE0}] => (Allow) D:\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [TCP Query User{04A14983-3607-447A-92D5-4661680B1F07}C:\users\henrik\appdata\roaming\utorrent\updates\3.4.9_43085.exe] => (Allow) C:\users\henrik\appdata\roaming\utorrent\updates\3.4.9_43085.exe
FirewallRules: [UDP Query User{74034BCD-E66B-4944-A2B6-8C9FBE52CCAA}C:\users\henrik\appdata\roaming\utorrent\updates\3.4.9_43085.exe] => (Allow) C:\users\henrik\appdata\roaming\utorrent\updates\3.4.9_43085.exe
FirewallRules: [{DEDFC86D-3F61-4431-8854-60676C4FCF53}] => (Allow) D:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{300C5207-E116-491B-B8B7-94172007AF48}] => (Allow) D:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{B5A059AE-FB1E-40D0-9430-B93418DA4DBF}] => (Allow) D:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{890860F5-925A-456A-BE4C-1E9A516A2F43}] => (Allow) D:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{E2C9B226-D3FC-40BB-81D0-B871BA76FF6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{F6AE8FC0-97BE-4EB5-8D9E-001F4D3C8EAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{7F002107-2C0E-4D24-823F-3BEF6D964DA1}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CABC07F4-9618-438C-8067-F7AB3D2B508F}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{64E3E6A7-489F-4E6C-B22E-864FA6FF1160}] => (Allow) D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{B5C927D2-563E-4150-948A-683DA1817DA1}] => (Allow) D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{04DD4EC9-ABA1-47AC-9BCF-C5A02BCD56D2}D:\program files (x86)\image-line\fl studio 12\system\tools\bridge\32bit\ilbridge.exe] => (Allow) D:\program files (x86)\image-line\fl studio 12\system\tools\bridge\32bit\ilbridge.exe
FirewallRules: [UDP Query User{24465C93-89AA-4B8F-B951-77F580ABC859}D:\program files (x86)\image-line\fl studio 12\system\tools\bridge\32bit\ilbridge.exe] => (Allow) D:\program files (x86)\image-line\fl studio 12\system\tools\bridge\32bit\ilbridge.exe
FirewallRules: [TCP Query User{DB142851-5B72-4D30-B4E0-4326C05A6F56}D:\program files (x86)\image-line\fl studio 12\system\tools\bridge\64bit\ilbridge.exe] => (Allow) D:\program files (x86)\image-line\fl studio 12\system\tools\bridge\64bit\ilbridge.exe
FirewallRules: [UDP Query User{DF5B4712-CDB5-4854-9294-F5FEA0EA974A}D:\program files (x86)\image-line\fl studio 12\system\tools\bridge\64bit\ilbridge.exe] => (Allow) D:\program files (x86)\image-line\fl studio 12\system\tools\bridge\64bit\ilbridge.exe
FirewallRules: [TCP Query User{4A3F1E68-75A9-4E4D-BD0D-D27999A5CEE2}C:\users\henrik\appdata\roaming\utorrent\updates\3.4.9_43295.exe] => (Allow) C:\users\henrik\appdata\roaming\utorrent\updates\3.4.9_43295.exe
FirewallRules: [UDP Query User{6CFBC0D9-CA54-40DF-8CD4-03D1685A5A4E}C:\users\henrik\appdata\roaming\utorrent\updates\3.4.9_43295.exe] => (Allow) C:\users\henrik\appdata\roaming\utorrent\updates\3.4.9_43295.exe
FirewallRules: [{E69CC76D-2160-4288-9A47-5D479FD93888}] => (Allow) D:\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{89B2B7E3-6E98-4E22-9FE6-57762156D9B4}] => (Allow) D:\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{8A9ABDC7-647C-4E80-A632-37BCAD2FFA0B}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{88E67F13-03A0-407F-9595-F904522A60DB}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{CF63DA79-8AE6-470E-AB29-6F5DD95D9E09}D:\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{A2AB1551-30F0-49DE-AA58-D244EAE1B629}D:\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{185A624D-6CE7-4155-91A6-0D873564E701}C:\users\henrik\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\henrik\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{17B3C428-AF8B-4D25-8E51-A911BB252DA6}C:\users\henrik\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\henrik\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{D87BB95D-8D85-49EB-B06C-4ECEEEEEE4A5}D:\battlenet\overwatch\overwatch\overwatch.exe] => (Allow) D:\battlenet\overwatch\overwatch\overwatch.exe
FirewallRules: [UDP Query User{F98F39AA-F998-4785-8E88-69C6078D16CE}D:\battlenet\overwatch\overwatch\overwatch.exe] => (Allow) D:\battlenet\overwatch\overwatch\overwatch.exe
FirewallRules: [{CBDAA32C-3B1A-4A9F-AB82-831A8C8FE628}] => (Allow) D:\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{D5E67DA4-876B-4EB5-8ED8-71ED929EF0F4}] => (Allow) D:\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{A0ADD61A-9869-4F2F-971E-3F5659712C62}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{20B5DC09-CFAA-46AF-816B-853B3DF1B218}] => (Allow) D:\Steam\steamapps\common\YookaLaylee\YookaLaylee64.exe
FirewallRules: [{F4E7C8AF-B310-46F0-9F48-8510B5F4501E}] => (Allow) D:\Steam\steamapps\common\YookaLaylee\YookaLaylee64.exe
FirewallRules: [{5C342244-E913-47D6-9BAC-488DC49EE0CB}] => (Allow) D:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{AD6F9B13-6BF0-4D0E-A3ED-12AD2CBB8165}] => (Allow) D:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{68250E07-9750-4EF9-B3DC-5607A7DC81A1}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe
FirewallRules: [TCP Query User{08CCF43F-595C-413E-A9C4-DC87618D1AE9}C:\program files\reflector\reflector.exe] => (Allow) C:\program files\reflector\reflector.exe
FirewallRules: [UDP Query User{7F30CCF8-81C9-4B02-90E8-95B29E216A54}C:\program files\reflector\reflector.exe] => (Allow) C:\program files\reflector\reflector.exe
FirewallRules: [TCP Query User{084CF1B5-88BF-4871-AEC2-F48929E535D2}C:\users\henrik\appdata\local\temp\rar$exa0.349\airplayer\airplayer.exe] => (Allow) C:\users\henrik\appdata\local\temp\rar$exa0.349\airplayer\airplayer.exe
FirewallRules: [UDP Query User{024458A8-0342-40DD-A88F-FE6373E1CB34}C:\users\henrik\appdata\local\temp\rar$exa0.349\airplayer\airplayer.exe] => (Allow) C:\users\henrik\appdata\local\temp\rar$exa0.349\airplayer\airplayer.exe
FirewallRules: [TCP Query User{BB6B96A1-18C1-4E37-8F34-00A576BFCF72}C:\users\henrik\appdata\local\temp\rar$exa0.321\airplayer\airplayer.exe] => (Allow) C:\users\henrik\appdata\local\temp\rar$exa0.321\airplayer\airplayer.exe
FirewallRules: [UDP Query User{FD1BDEE1-8B68-4CD0-8D72-7CA1B96CF4AC}C:\users\henrik\appdata\local\temp\rar$exa0.321\airplayer\airplayer.exe] => (Allow) C:\users\henrik\appdata\local\temp\rar$exa0.321\airplayer\airplayer.exe
FirewallRules: [TCP Query User{5D29533E-E55D-4A04-B329-6CCA667E5E5D}C:\users\henrik\desktop\airplayer.exe] => (Allow) C:\users\henrik\desktop\airplayer.exe
FirewallRules: [UDP Query User{819D284C-2098-46C2-9163-0F079A4F4704}C:\users\henrik\desktop\airplayer.exe] => (Allow) C:\users\henrik\desktop\airplayer.exe
FirewallRules: [TCP Query User{39DB3796-8D71-4D0F-A24C-CAD0EA8FF6D7}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe
FirewallRules: [UDP Query User{2A9C3565-1864-48E1-9EB0-AC2E68CE8756}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe
FirewallRules: [{2DA20CCE-0A6F-43B2-AF87-B25CF4A8C12A}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe
FirewallRules: [{5A817BEF-4155-4FDA-B155-A106BB873E82}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe
FirewallRules: [{0C991DE6-4B2C-4B44-B927-954ED9A81FCD}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{D731AADD-CEFD-4DCE-A6BA-C0C5369AC0A2}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9D6E73BF-112F-4762-964B-422D409A2AFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{D7BE41E3-ACDC-4766-AE4A-442F488169AE}C:\users\henrik\appdata\roaming\utorrent\updates\3.5.0_43804.exe] => (Allow) C:\users\henrik\appdata\roaming\utorrent\updates\3.5.0_43804.exe
FirewallRules: [UDP Query User{3EAA4CB4-3013-4CBE-A768-54F18D1013F2}C:\users\henrik\appdata\roaming\utorrent\updates\3.5.0_43804.exe] => (Allow) C:\users\henrik\appdata\roaming\utorrent\updates\3.5.0_43804.exe
FirewallRules: [{DEF85D2C-899E-4A87-956A-4DCD264D1569}] => (Allow) C:\Program Files (x86)\Setleaf\Application\chrome.exe
FirewallRules: [{CC214A2A-EF87-4DEB-85E4-6105A76592FF}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [TCP Query User{A5B942EB-C68B-4373-861D-0B56325E54BA}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{91E6C7FA-A6D6-48BE-BB7A-22134E7D365D}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{C4072852-896B-4147-BD16-1980C081AB32}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe
FirewallRules: [{AC0F2770-611C-4FA0-AD2D-19243F768A79}] => (Allow) D:\Steam\steamapps\common\SnookerWorld\SNOK.exe
FirewallRules: [{20C81EF3-736D-4E96-8E4F-58D12F3F9BF4}] => (Allow) D:\Steam\steamapps\common\SnookerWorld\SNOK.exe
FirewallRules: [{4D1C0BF1-4FE2-4AFA-AE54-422AB77B2E68}] => (Allow) D:\Steam\steamapps\common\Pool Nation FX\PoolNationFX\Binaries\Win64\PoolNationFX.exe
FirewallRules: [{E3D20A05-6D7F-4CA2-AFAB-71230A3B389F}] => (Allow) D:\Steam\steamapps\common\Pool Nation FX\PoolNationFX\Binaries\Win64\PoolNationFX.exe
FirewallRules: [TCP Query User{842D7206-2586-46A3-9A35-6D8CA47FCD46}D:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{CBFC3790-C681-41E2-8521-DCBE1E25E4D9}D:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{5E3AD7F0-0CC8-4A65-94EB-2091F532C103}C:\programdata\oracle\java\javapath_target_865328546\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_865328546\java.exe
FirewallRules: [UDP Query User{8F603CA5-B668-49F4-B2E2-17A97DB924C7}C:\programdata\oracle\java\javapath_target_865328546\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_865328546\java.exe
FirewallRules: [{9A0622D8-4FD1-4024-811B-427ABF0755C0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{CE3E6C85-5168-4CD8-84D2-71F4EFB165FE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{F236A0AC-29AF-40BE-9AC6-1848F25292DD}] => (Allow) D:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{515501E1-B9E3-43B2-94C4-B70614DB071A}] => (Allow) D:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{9028A3F7-E846-43C5-A359-C3128B60BBE2}] => (Allow) D:\Steam\steamapps\common\The Crew\TheCrew.exe
FirewallRules: [{A9F400C8-8C0B-4ECA-AC9A-655402E91079}] => (Allow) D:\Steam\steamapps\common\The Crew\TheCrew.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/27/2017 03:07:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Faulting module name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Exception code: 0x80000003
Fault offset: 0x00000000001f672f
Faulting process id: 0x3668
Faulting application start time: 0x01d2ef465bd7ef8e
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: 1a76d69d-9e54-4496-b996-ed322ddcdd4b
Faulting package full name: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI

Error: (06/27/2017 03:07:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Faulting module name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Exception code: 0x80000003
Fault offset: 0x00000000001f672f
Faulting process id: 0x26bc
Faulting application start time: 0x01d2ef4657a7cee0
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: ccc9d4f8-b642-4695-8473-2f6e7e71732e
Faulting package full name: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI

Error: (06/27/2017 03:07:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Faulting module name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Exception code: 0x80000003
Fault offset: 0x00000000001f672f
Faulting process id: 0x3700
Faulting application start time: 0x01d2ef46556d2980
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: aca4a1b1-64af-486a-bb03-859b3be1221b
Faulting package full name: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI

Error: (06/27/2017 03:07:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Faulting module name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Exception code: 0x80000003
Fault offset: 0x00000000001f672f
Faulting process id: 0x18f8
Faulting application start time: 0x01d2ef46534a6a5f
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: 26e19675-a0a9-462d-8cc9-fae6178a97d2
Faulting package full name: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI

Error: (06/27/2017 03:07:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Faulting module name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Exception code: 0x80000003
Fault offset: 0x00000000001f672f
Faulting process id: 0x1b60
Faulting application start time: 0x01d2ef46512789ff
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: aa7be4b8-9558-4149-822e-74d3605d7496
Faulting package full name: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI

Error: (06/27/2017 03:07:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=5

Error: (06/27/2017 03:07:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Faulting module name: SearchUI.exe, version: 10.0.14393.953, time stamp: 0x58ba5a2f
Exception code: 0x80000003
Fault offset: 0x00000000001f672f
Faulting process id: 0x20a0
Faulting application start time: 0x01d2ef464d02bf17
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: 4f10a2c7-ce84-44bd-bb2e-53a646e353e1
Faulting package full name: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI

Error: (06/27/2017 03:05:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/27/2017 04:42:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2266

Error: (06/27/2017 04:42:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2266


System errors:
=============
Error: (06/27/2017 03:07:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/27/2017 04:42:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/27/2017 12:26:47 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 8 0x0 0x0

Error: (06/27/2017 12:26:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 2 0xdeaddeed 0xeeec

Error: (06/27/2017 12:26:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 1 0xc 0x4

Error: (06/26/2017 10:43:48 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 8 0x0 0x0

Error: (06/26/2017 10:43:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 2 0xdeaddeed 0xeeec

Error: (06/26/2017 10:43:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 1 0xc 0x4

Error: (06/26/2017 10:21:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/26/2017 10:19:58 PM) (Source: DCOM) (EventID: 10010) (User: HENRIK)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
Date: 2017-05-06 12:30:42.751
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-05-06 12:30:42.478
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-05-06 12:25:52.145
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-05-05 16:35:45.437
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 57%
Total physical RAM: 8086.01 MB
Available physical RAM: 3434.77 MB
Total Virtual: 15510.01 MB
Available Virtual: 10045.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.24 GB) (Free:6.67 GB) NTFS
Drive d: (Programs) (Fixed) (Total:585.94 GB) (Free:235.4 GB) NTFS
Drive f: (Movies) (Fixed) (Total:1276.48 GB) (Free:541.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 0746030D)

Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 8FEB1950)

Partition: GPT.

==================== End of Addition.txt ============================

 

[HenrikNoVirus]

I've done multiple scans, saying my computer is clean, but I still lose internet connection every now and then. It happens only when I'm browsing the internet on Google Chrome. I haven't tried any other browsers, but I know there must be some solution for this!

 

[Broni]

Uninstall following unwanted program: AlphaGo.

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

• Close all the running programs
• Double click on downloaded setup.exe file to install the program.
• Click on Start Scan button.
• Click on another Start Scan button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.

Please download Malwarebytes to your desktop.

• Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
• Then click Finish.
• Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
• If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
• When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
• Restart your computer when prompted to do so.
• The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

Please download AdwCleaner by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8 users right-click and select Run As Administrator
• The tool will start to update the database if one is required.
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Logfile button.
• A window will open which lists the logs of your scans.
• Click on the Scan tab.
• Double-click the most recent scan which will be at the top of the list....the log will appear.
• Review the results...see note below
• After reviewing the log, click on the Clean button.
• Press OK when asked to close all programs and follow the onscreen prompts.
• Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
• After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
• To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
• Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
• A copy of all logfiles are saved to C:\AdwCleaner.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

 

[HenrikNoVirus]

RogueKiller V12.11.4.0 (x64) [Jun 26 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Normal mode
User : Henrik [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 07/01/2017 12:33:29 (Duration : 00:27:09)
Switches : -refid

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[PUP.Ghokswa] (X86) HKEY_LOCAL_MACHINE\Software\Firefox -> Deleted
[PUP.Ghokswa] (X64) HKEY_USERS\S-1-5-21-2799272097-1707510344-1613828314-1001\Software\Firefox -> Deleted
[PUP.Ghokswa] (X86) HKEY_USERS\S-1-5-21-2799272097-1707510344-1613828314-1001\Software\Firefox -> Deleted
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{AA565851-2CB2-47B7-BC07-7550E3C1773B}D:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe|Name=ableton live 9 lite|Desc=ableton live 9 lite|Defer=User| [7] -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{2FF83968-4EAE-4324-8330-0F275750DC44}D:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe|Name=ableton live 9 lite|Desc=ableton live 9 lite|Defer=User| [7] -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{084CF1B5-88BF-4871-AEC2-F48929E535D2}C:\users\henrik\appdata\local\temp\rar$exa0.349\airplayer\airplayer.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\henrik\appdata\local\temp\rar$exa0.349\airplayer\airplayer.exe|Name=??????|Desc=??????|Defer=User| [x] -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{024458A8-0342-40DD-A88F-FE6373E1CB34}C:\users\henrik\appdata\local\temp\rar$exa0.349\airplayer\airplayer.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\henrik\appdata\local\temp\rar$exa0.349\airplayer\airplayer.exe|Name=??????|Desc=??????|Defer=User| [x] -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{BB6B96A1-18C1-4E37-8F34-00A576BFCF72}C:\users\henrik\appdata\local\temp\rar$exa0.321\airplayer\airplayer.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\henrik\appdata\local\temp\rar$exa0.321\airplayer\airplayer.exe|Name=??????|Desc=??????|Defer=User| [x] -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{FD1BDEE1-8B68-4CD0-8D72-7CA1B96CF4AC}C:\users\henrik\appdata\local\temp\rar$exa0.321\airplayer\airplayer.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\henrik\appdata\local\temp\rar$exa0.321\airplayer\airplayer.exe|Name=??????|Desc=??????|Defer=User| [x] -> Not selected
[Adw.FakeBro] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DEF85D2C-899E-4A87-956A-4DCD264D1569} : v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Setleaf\Application\chrome.exe|Name=Chrome browser| [x] -> Deleted
[PUP.Ghokswa] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {CC214A2A-EF87-4DEB-85E4-6105A76592FF} : v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Firefox\Firefox.exe|Name=Firefox browser| [x] -> Not selected
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 4 ¤¤¤
[PUP.HackTool][Folder] C:\ProgramData\KMSAuto -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\oas_sert.cer -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\tap0901.cer -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64TAP1\devcon.exe -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64TAP1\OemVista.inf -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64TAP1\ptun0901.cat -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64TAP1\ptun0901.sys -> Deleted
[PUP.HackTool][Folder] C:\ProgramData\KMSAuto\bin\driver\x64TAP1 -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64TAP2\devcon.exe -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64TAP2\tapoas.cat -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64TAP2\tapoas.inf -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64TAP2\tapoas.sys -> Deleted
[PUP.HackTool][Folder] C:\ProgramData\KMSAuto\bin\driver\x64TAP2 -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64WDV\FakeClient.exe -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64WDV\WdfCoInstaller01009.dll -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.dll -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.inf -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\driver\x64WDV\WinDivert.sys -> Deleted
[PUP.HackTool][Folder] C:\ProgramData\KMSAuto\bin\driver\x64WDV -> Deleted
[PUP.HackTool][Folder] C:\ProgramData\KMSAuto\bin\driver -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\KMSSS.exe -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\KMSSS.log -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\TunMirror.exe -> Deleted
[PUP.HackTool][File] C:\ProgramData\KMSAuto\bin\TunMirror2.exe -> Deleted
[PUP.HackTool][Folder] C:\ProgramData\KMSAuto\bin -> Deleted
[PUP.Gen1][Folder] C:\Users\Henrik\AppData\Roaming\Easeware -> Deleted
[PUP.Gen1][Folder] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\drivers\1kbk0vul.l50 -> Deleted
[PUP.Gen1][Folder] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\drivers\2b3qpvrm.dm1 -> Deleted
[PUP.Gen1][Folder] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\drivers\3amqitxj.3um -> Deleted
[PUP.Gen1][File] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\drivers\DownloadDrivers.data -> Deleted
[PUP.Gen1][Folder] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\drivers\fa3hzg0i.ncy -> Deleted
[PUP.Gen1][Folder] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\drivers\gmyfuowp.xr5 -> Deleted
[PUP.Gen1][Folder] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\drivers\injptkum.enk -> Deleted
[PUP.Gen1][Folder] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\drivers\ss33ojau.azb -> Deleted
[PUP.Gen1][Folder] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\drivers\y10jhv3z.tdc -> Deleted
[PUP.Gen1][Folder] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\drivers\zgk0lwv2.hpi -> Deleted
[PUP.Gen1][Folder] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\drivers -> Deleted
[PUP.Gen1][File] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\partner.xml -> Deleted
[PUP.Gen1][File] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator\settings.dat -> Deleted
[PUP.Gen1][Folder] C:\Users\Henrik\AppData\Roaming\Easeware\DriverNavigator -> Deleted
[Tr.Gen0][File] C:\Users\Henrik\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe -> Deleted
[PUP.HackTool][Folder] C:\ProgramData\KMSAuto -> ERROR [3]

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[PUM.SearchPage][Chrome:Config] ChromeDefaultData [SecurePrefs] : default_search_provider_data.template_url_data.keyword [mystarting123] -> Deleted
[PUP.Gen1][Chrome:Config] ChromeDefaultData [SecurePrefs] : default_search_provider_data.template_url_data.url [http://www.mystarting123.com/search/index.php?z=b8369154f57a2b0d9f302c3g0z7t4w6q1cdwae1g7c&q={searchTerms}] -> Deleted

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 840 Series +++++
--- User ---
[MBR] e85f4e50a29013b38584758fb4d1de6c
[BSP] db2fc2f19a7cf28b5029ea56f2c361de : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 450 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 923648 | Size: 100 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1128448 | Size: 16 MB
3 - Basic data partition | Offset (sectors): 1161216 | Size: 113906 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST2000DM001-1CH164 +++++
--- User ---
[MBR] d6ac5c171e4989769617b6ccedfc40ee
[BSP] bdcfe4aca00403777ed1cb4f8fb06a40 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1230848 | Size: 16 MB
1 - Basic data partition | Offset (sectors): 1263616 | Size: 600000 MB
2 - Basic data partition | Offset (sectors): 1230063616 | Size: 1307112 MB
User = LL1 ... OK
User = LL2 ... OK

 

[HenrikNoVirus]

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/30/17
Scan Time: 2:59 AM
Log File: malware.txt
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.141
Update Package Version: 1.0.2258
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 472375
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 7 min, 3 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

 

[HenrikNoVirus]

# AdwCleaner v6.047 - Logfile created 01/07/2017 at 13:23:11
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-29.3 [Server]
# Operating System : Windows 10 Enterprise (X64)
# Username : Henrik - HENRIK
# Running from : C:\Users\Henrik\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****

[-] File deleted: C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxp_www.azlyrics.com_0.localstorage
[-] File deleted: C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Web browsers ] *****

[-] [C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [favicon_url] Deleted: hxxp://www.startpageing123.com/searchfavicon.ico


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2008 Bytes] - [30/10/2016 16:38:18]
C:\AdwCleaner\AdwCleaner[C2].txt - [4165 Bytes] - [22/03/2017 22:11:48]
C:\AdwCleaner\AdwCleaner[C3].txt - [4272 Bytes] - [18/06/2017 20:41:26]
C:\AdwCleaner\AdwCleaner[C4].txt - [1576 Bytes] - [27/06/2017 16:47:15]
C:\AdwCleaner\AdwCleaner[C5].txt - [1487 Bytes] - [01/07/2017 13:23:11]
C:\AdwCleaner\AdwCleaner[S0].txt - [2397 Bytes] - [30/10/2016 16:34:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [3975 Bytes] - [22/03/2017 22:01:37]
C:\AdwCleaner\AdwCleaner[S2].txt - [4229 Bytes] - [18/06/2017 20:39:59]
C:\AdwCleaner\AdwCleaner[S3].txt - [1936 Bytes] - [27/06/2017 16:46:11]
C:\AdwCleaner\AdwCleaner[S4].txt - [2327 Bytes] - [01/07/2017 13:19:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [1925 Bytes] ##########

 

[HenrikNoVirus]

Don't mind this post, I accidentally posted the same log twice
I guess I'll take this moment to say how grateful I am for what you're doing! love that this is free, and how helpful and supportive you are!!

 

[HenrikNoVirus]

# AdwCleaner v6.047 - Logfile created 01/07/2017 at 13:19:51
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-29.3 [Server]
# Operating System : Windows 10 Enterprise (X64)
# Username : Henrik - HENRIK
# Running from : C:\Users\Henrik\Downloads\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

File Found: C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found: C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry entries found.


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Secure Preferences] - hxxp://www.startpageing123.com/searchfavicon.ico

[!] You may need to disable the Chrome synchronization from your Google account in order to fully remove the malicious preferences. Please consult this Google help: https://support.google.com/chrome/answer/3097271?hl=en [!]


*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2008 Bytes] - [30/10/2016 16:38:18]
C:\AdwCleaner\AdwCleaner[C2].txt - [4165 Bytes] - [22/03/2017 22:11:48]
C:\AdwCleaner\AdwCleaner[C3].txt - [4272 Bytes] - [18/06/2017 20:41:26]
C:\AdwCleaner\AdwCleaner[C4].txt - [1576 Bytes] - [27/06/2017 16:47:15]
C:\AdwCleaner\AdwCleaner[S0].txt - [2397 Bytes] - [30/10/2016 16:34:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [3975 Bytes] - [22/03/2017 22:01:37]
C:\AdwCleaner\AdwCleaner[S2].txt - [4229 Bytes] - [18/06/2017 20:39:59]
C:\AdwCleaner\AdwCleaner[S3].txt - [1936 Bytes] - [27/06/2017 16:46:11]
C:\AdwCleaner\AdwCleaner[S4].txt - [2175 Bytes] - [01/07/2017 13:19:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [2248 Bytes] ##########

 

[HenrikNoVirus]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Enterprise x64
Ran by Henrik (Administrator) on 01.07.2017 at 13.52.53,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\Users\Henrik\AppData\Roaming\speedrunnerslog.txt (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.07.2017 at 13.53.53,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[HenrikNoVirus]

I got this error while trying to search "cute dog" on my browser / google.
I can't go to any webpage except from this one, I believe. I'll take a screenshot and extract it over to my laptop and post it here

NOTE: this is after I did all the scans. Should I reinstall Google Chrome?

 

[HenrikNoVirus]

UPDATE: I just turned my computer off and back on, and I can go to webpages and all that now.
It seems like the "startpageing123" search engine is gone for now, so that's great!
I just did "restore to defaults" on Google Chrome now, but I think I should re-install it as well, just to stay on the safe side!

I'll keep updating you regards my computer

 

[HenrikNoVirus]

Regarding* lol

 

[Broni]

If Chrome is OK I would leave it alone.

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

• Double click to run it.
• Make sure you checkmark Addition.txt box.
• Press Scan button.
• Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

 

[HenrikNoVirus]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2017
Ran by Henrik (administrator) on HENRIK (02-07-2017 15:18:44)
Running from C:\Users\Henrik\Desktop
Loaded Profiles: Henrik (Available Profiles: Henrik)
Platform: Windows 10 Enterprise Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Atheros Communications, Inc.) C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Scarlet.Crush Productions) D:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(CMedia) C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Henrik\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Henrik\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Henrik\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Henrik\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Henrik\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(Scarlet.Crush Productions) D:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Hammer & Chisel, Inc.) C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-01-28] (Greenshot)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-04] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [jswtrayutil] => "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [6153128 2017-05-22] (LogMeIn Inc.)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-06-30] (COMODO)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Run: [Spotify Web Helper] => C:\Users\Henrik\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1562224 2017-06-22] (Spotify Ltd)
HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Run: [Spotify] => C:\Users\Henrik\AppData\Roaming\Spotify\Spotify.exe [7047792 2017-06-22] (Spotify Ltd)
HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Run: [Discord] => C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Run: [Reflector2] => [X]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-04] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-04] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk [2017-06-15]
ShortcutTarget: NETGEAR WNA1100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2017-06-15]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> D:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-06-15]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 109.247.114.4 92.220.228.70
Tcpip\..\Interfaces\{37330187-6ff4-4ef2-8217-dfdbaa4c78c1}: [DhcpNameServer] 109.247.114.4 92.220.228.70
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKU\S-1-5-21-2799272097-1707510344-1613828314-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-04] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-04] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-06-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-04] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2799272097-1707510344-1613828314-1001 -> hxxp://www.google.com

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-06-04] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-07-02] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-12]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-05-11]
CHR Extension: (Google Docs) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-12]
CHR Extension: (Google Drive) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-13]
CHR Extension: (YouTube) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-12]
CHR Extension: (Avast Passwords) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-04-03]
CHR Extension: (Avast SafePrice) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-15]
CHR Extension: (Google Sheets) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-13]
CHR Extension: (AdBlock) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-26]
CHR Extension: (Avast Online Security) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-12]
CHR Extension: (Chrome Media Router) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-29]
CHR Profile: C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-02-26]
CHR Extension: (Google Slides) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-27]
CHR Extension: (Google Docs) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-27]
CHR Extension: (Google Drive) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-27]
CHR Extension: (YouTube) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-27]
CHR Extension: (Avast SafePrice) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-12-17]
CHR Extension: (Google Sheets) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-28]
CHR Extension: (Avast Online Security) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-27]
CHR Extension: (Gmail) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR Profile: C:\Users\Henrik\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-01]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-04] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-04] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-05-30] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-06-04] (Microsoft Corporation)
R2 Ds3Service; D:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed]
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2016-12-09] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3760040 2017-05-22] (LogMeIn Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-04] (Intel Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-06-30] (COMODO)
R2 jswpbapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe [241664 2012-03-26] (Atheros Communications, Inc.) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe [1102848 2012-03-26] (Atheros Communications, Inc.) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2157456 2017-06-25] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3127192 2017-06-25] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-11-11] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe [415232 2016-08-09] (Wondershare) [File not signed]
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [307928 2013-11-11] ()
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
S3 WsDrvInst; "D:\Program Files (x86)\Wondershare\TunesGo\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Alpham1; C:\WINDOWS\System32\drivers\Alpham164.sys [52992 2016-10-12] (Ideazon Corporation)
R3 Alpham2; C:\WINDOWS\System32\drivers\Alpham264.sys [21760 2016-10-12] (Ideazon Corporation)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-04] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-04] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-04] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-04] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-04] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-04] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-04] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-04] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-04] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-04] (AVAST Software)
R3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.)
R3 automap; C:\WINDOWS\system32\DRIVERS\automap.sys [18776 2012-04-19] (Focusrite Audio Engineering Limited)
R3 camfilt2; C:\WINDOWS\system32\DRIVERS\camfilt2.sys [139264 2012-10-17] (Guillemot Corporation)
R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2818168 2016-06-22] (C-Media Inc)
S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3792904 2016-11-30] (C-MEDIA)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-01-16] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\system32\DRIVERS\dtliteusbbus.sys [47672 2017-01-16] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2017-05-22] (LogMeIn Inc.)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2016-10-12] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2017-06-08] (hxxp://libusb-win32.sourceforge.net)
R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49312 2016-08-25] (Visicom Media Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-01] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-02] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-02] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-02] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-02] (Malwarebytes)
R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-02-23] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
R3 OM0530; C:\WINDOWS\System32\Drivers\ov530vx.sys [172928 2012-10-17] (OmniVision Technology Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [41824 2016-11-03] (SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [45896 2017-05-10] (SteelSeries ApS)
S3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2016-11-25] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-04-08] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-04-08] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

[HenrikNoVirus]

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-02 15:18 - 2017-07-02 15:19 - 00030525 _____ C:\Users\Henrik\Desktop\FRST.txt
2017-07-02 15:18 - 2017-07-02 15:18 - 02440704 _____ (Farbar) C:\Users\Henrik\Desktop\FRST64.exe
2017-07-02 15:18 - 2017-07-02 15:18 - 00000000 ____D C:\Users\Henrik\Desktop\FRST-OlderVersion
2017-07-02 15:18 - 2017-07-02 15:18 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-07-02 15:06 - 2017-06-15 23:12 - 00002256 _____ C:\Users\Henrik\Desktop\Discord.lnk
2017-07-01 17:10 - 2017-07-01 18:11 - 00003138 _____ C:\Users\Henrik\AppData\Roaming\SpeedRunnersLog.txt
2017-07-01 16:04 - 2017-07-01 16:04 - 00000000 _____ C:\Users\Henrik\Desktop\Do Not Disturb.txt
2017-07-01 14:31 - 2017-07-01 14:31 - 00000000 ____D C:\WINDOWS\Panther
2017-07-01 13:29 - 2017-07-01 13:29 - 01663672 _____ (Malwarebytes) C:\Users\Henrik\Downloads\JRT (1).exe
2017-07-01 13:23 - 2017-07-01 13:23 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\22344623.sys
2017-07-01 13:17 - 2017-07-01 13:17 - 04110280 _____ C:\Users\Henrik\Downloads\AdwCleaner.exe
2017-07-01 13:06 - 2017-07-01 13:07 - 65033984 _____ (Malwarebytes ) C:\Users\Henrik\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-01 12:33 - 2017-07-01 12:33 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-07-01 12:31 - 2017-07-01 13:05 - 00000000 ____D C:\ProgramData\RogueKiller
2017-07-01 12:31 - 2017-07-01 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-07-01 12:31 - 2017-07-01 12:31 - 00000000 ____D C:\Program Files\RogueKiller
2017-07-01 12:30 - 2017-07-01 12:31 - 35489760 _____ (Adlice Software ) C:\Users\Henrik\Downloads\RogueKiller_setup_ref3.exe
2017-07-01 12:01 - 2017-07-01 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2017-06-30 15:07 - 2017-06-30 15:07 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign948d63795dfd4d29
2017-06-30 14:53 - 2017-06-30 14:53 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign9a304240bec838d5
2017-06-30 14:27 - 2017-06-30 14:27 - 00150937 _____ C:\Users\Henrik\Downloads\SC BANNER TEMPLATE.rar
2017-06-30 14:23 - 2017-06-30 14:23 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsignd7c39f2bafba4e4c
2017-06-30 14:23 - 2017-06-30 14:23 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign47d2e83e48042a91
2017-06-30 14:23 - 2017-06-30 14:18 - 00001085 _____ C:\Users\Henrik\Desktop\Adobe Photoshop CC 2017.lnk
2017-06-30 14:18 - 2017-06-30 14:18 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2017-06-30 13:55 - 2017-06-30 14:18 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-06-30 13:46 - 2017-06-30 13:46 - 00001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-06-29 23:12 - 2017-06-29 23:12 - 00000000 ____D C:\Users\Henrik\Documents\SavedGames
2017-06-29 23:12 - 2017-06-29 23:12 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\discordsdk
2017-06-29 23:11 - 2017-06-29 23:11 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2017-06-29 22:16 - 2017-06-29 22:16 - 00000222 _____ C:\Users\Henrik\Desktop\SpeedRunners.url
2017-06-29 15:20 - 2017-06-29 15:20 - 03468653 _____ C:\Users\Henrik\Downloads\Adobe Photoshop CC 2017.rar
2017-06-28 18:59 - 2017-06-28 18:59 - 00294868 _____ C:\Users\Henrik\Desktop\rainymood.flp
2017-06-28 14:36 - 2017-06-29 22:13 - 02727228 _____ C:\Users\Henrik\Desktop\space.flp
2017-06-28 00:54 - 2017-06-28 00:54 - 00047291 _____ C:\WINDOWS\Cmicnfgp.ini.cfl
2017-06-28 00:54 - 2017-06-28 00:54 - 00000937 _____ C:\WINDOWS\Cmicnfgp.ini.imi
2017-06-28 00:54 - 2017-06-28 00:54 - 00000876 _____ C:\WINDOWS\system\Cmicnfgp.ini
2017-06-28 00:54 - 2017-06-28 00:54 - 00000132 _____ C:\WINDOWS\system\Dlap.pfx
2017-06-28 00:54 - 2017-06-28 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UNi Xonar Audio
2017-06-28 00:54 - 2017-01-25 14:36 - 00005601 ____N C:\WINDOWS\Cmicnfgp.ini.cfg
2017-06-28 00:54 - 2016-06-29 15:10 - 08048640 ____N (C-Media Corporation) C:\WINDOWS\SysWOW64\CmiCnfgp.dll
2017-06-28 00:54 - 2016-06-22 10:39 - 02818168 _____ (C-Media Inc) C:\WINDOWS\system32\Drivers\cmudaxp.sys
2017-06-28 00:54 - 2016-06-22 10:39 - 00315392 _____ (C-Media Electronics Inc.) C:\WINDOWS\SysWOW64\CmiFltr.dll
2017-06-28 00:54 - 2016-06-22 10:39 - 00315392 _____ (C-Media Electronics Inc.) C:\WINDOWS\system\CmiFltr.dll
2017-06-28 00:54 - 2016-06-22 10:39 - 00032768 _____ (C-Media Electronics Inc.) C:\WINDOWS\system32\cmudaxp.dll
2017-06-28 00:54 - 2016-05-31 14:37 - 00197120 ____N C:\WINDOWS\SysWOW64\Recorder.exe
2017-06-28 00:54 - 2015-09-28 00:21 - 00007756 ____N C:\WINDOWS\cmudaxp_STXII.ini
2017-06-28 00:54 - 2015-09-28 00:21 - 00007756 ____N C:\WINDOWS\cmudaxp.ini
2017-06-28 00:54 - 2015-08-25 08:36 - 00835072 ____N C:\WINDOWS\system32\Cmeauoxy.exe
2017-06-28 00:54 - 2013-10-16 10:55 - 00143360 ____N C:\WINDOWS\SysWOW64\VmixP8.dll
2017-06-28 00:54 - 2012-10-05 09:37 - 00465408 ____N (C-Media Electronics Inc.) C:\WINDOWS\system32\cmasiopx.dll
2017-06-28 00:54 - 2012-10-05 09:37 - 00303104 ____N (C-Media Electronics Inc.) C:\WINDOWS\SysWOW64\cmasiop.dll
2017-06-28 00:54 - 2012-09-16 22:23 - 00293376 ____N C:\WINDOWS\system32\CmiCnfgP.cpl
2017-06-28 00:54 - 2012-01-06 09:30 - 00212992 ____N (C-Media Electronics Inc.) C:\WINDOWS\SysWOW64\HsSrv2.dll
2017-06-28 00:54 - 2012-01-06 09:30 - 00122880 ____N (C-Media Electronics Inc.) C:\WINDOWS\system\HsSrv642.dll
2017-06-28 00:54 - 2012-01-06 09:30 - 00122880 ____N (C-Media Electronics Inc.) C:\WINDOWS\system\HsSrv64.dll
2017-06-28 00:54 - 2010-07-15 16:12 - 00000062 ____N C:\WINDOWS\system32\cmasiopx.ini
2017-06-28 00:54 - 2010-07-15 16:12 - 00000057 ____N C:\WINDOWS\SysWOW64\cmasiop.ini
2017-06-28 00:54 - 2008-07-11 15:04 - 00200704 ____N C:\WINDOWS\SysWOW64\HsMgr.exe
2017-06-28 00:54 - 2008-07-11 15:03 - 00282112 ____N C:\WINDOWS\system\HsMgr64.exe
2017-06-28 00:54 - 2007-12-13 17:12 - 00122880 ____N (CMedia Electronics Inc.) C:\WINDOWS\SysWOW64\Cm_Oal.dll
2017-06-28 00:54 - 2007-12-13 17:12 - 00122880 ____N (CMedia Electronics Inc.) C:\WINDOWS\system32\Cm_Oal.dll
2017-06-28 00:54 - 2006-09-13 10:21 - 00200704 ____N (C-Media) C:\WINDOWS\SysWOW64\Cmpaoxy.dll
2017-06-27 22:53 - 2017-06-27 22:53 - 00003276 _____ C:\WINDOWS\System32\Tasks\{FABCE8F1-8E41-4840-92EB-4030CCDC30E5}
2017-06-27 22:53 - 2017-06-27 22:53 - 00000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2017-06-27 22:42 - 2017-06-27 22:43 - 08468608 _____ (CarvedInside ) C:\Users\Henrik\Downloads\UNi-Xonar-W10-1825-v1.81a-r2.exe
2017-06-27 22:40 - 2017-06-27 22:41 - 22808626 _____ C:\Users\Henrik\Downloads\Xonar_D2-PM81731_RC01_XP_beta.zip
2017-06-27 16:49 - 2017-06-29 15:38 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Comodo
2017-06-27 16:34 - 2017-06-27 16:34 - 00000000 ____D C:\Users\Henrik\AppData\Local\AdAwareDesktop
2017-06-27 16:28 - 2017-06-27 16:28 - 00000000 ____D C:\Users\Henrik\AppData\Local\AdAwareUpdater
2017-06-27 16:27 - 2017-06-27 16:44 - 04110280 _____ C:\Users\Henrik\Downloads\adwcleaner_6.047 (1).exe
2017-06-27 16:27 - 2017-06-27 16:27 - 00000000 ____D C:\Program Files\Common Files\adaware
2017-06-27 16:25 - 2017-06-27 16:26 - 02558896 _____ C:\Users\Henrik\Downloads\Adaware_Installer.exe
2017-06-27 16:10 - 2017-06-30 09:11 - 00257064 _____ (COMODO) C:\WINDOWS\system32\iseguard64.dll
2017-06-27 16:10 - 2017-06-30 09:11 - 00206048 _____ (COMODO) C:\WINDOWS\SysWOW64\iseguard32.dll
2017-06-27 16:10 - 2017-03-29 23:49 - 00062208 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2017-06-27 16:06 - 2017-06-29 15:39 - 00000000 ____D C:\Program Files (x86)\Comodo
2017-06-27 16:06 - 2017-06-27 16:06 - 00000000 ____D C:\Users\Henrik\AppData\Local\Comodo
2017-06-27 16:04 - 2017-06-27 16:23 - 03146880 _____ (ESET) C:\Users\Henrik\Downloads\eset_internet_security_live_installer.exe
2017-06-27 16:02 - 2017-06-27 16:13 - 00380928 _____ C:\Users\Henrik\Downloads\lg6yt776.exe
2017-06-27 15:47 - 2017-07-01 12:01 - 00000000 ____D C:\ProgramData\Comodo
2017-06-27 15:15 - 2017-06-27 15:15 - 00068268 _____ C:\Users\Henrik\Downloads\Addition.txt
2017-06-27 15:14 - 2017-07-02 15:18 - 00000000 ____D C:\FRST
2017-06-27 15:14 - 2017-06-27 15:15 - 00068826 _____ C:\Users\Henrik\Downloads\FRST.txt
2017-06-27 01:29 - 2017-06-27 01:30 - 35489760 _____ (Adlice Software ) C:\Users\Henrik\Downloads\RogueKiller_setup.exe
2017-06-27 01:28 - 2017-06-27 15:47 - 05365336 _____ (COMODO) C:\Users\Henrik\Downloads\cispremium_installer.exe
2017-06-27 01:28 - 2017-06-27 15:14 - 02441216 _____ (Farbar) C:\Users\Henrik\Downloads\FRST64.exe
2017-06-26 22:04 - 2017-06-27 00:22 - 00000000 ____D C:\Users\Henrik\Documents\ProfileCache
2017-06-26 22:04 - 2017-06-27 00:10 - 00000000 ____D C:\Users\Henrik\Documents\The Crew
2017-06-26 22:01 - 2017-06-26 22:01 - 00000000 ____D C:\Users\Henrik\AppData\Local\Ubisoft
2017-06-26 20:32 - 2017-06-27 01:52 - 00000000 ____D C:\Users\Henrik\Desktop\SLAM_v1.5.0
2017-06-26 20:32 - 2017-06-26 20:32 - 00428153 _____ C:\Users\Henrik\Downloads\SLAM_v1.5.0.zip
2017-06-26 20:17 - 2017-06-26 20:17 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsigned95b6f2d1b211c2
2017-06-26 19:56 - 2017-06-26 19:56 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsignc2e65c25b1a84bb4
2017-06-26 19:20 - 2017-06-26 19:20 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsigna191f7155c7d6bd2
2017-06-26 19:20 - 2017-06-26 19:20 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign678c5de269c56621
2017-06-26 19:20 - 2017-06-26 19:20 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign181fb23a8a2d00b6
2017-06-26 00:05 - 2017-06-26 00:05 - 03089601 _____ C:\Users\Henrik\Downloads\soundeffects.zip
2017-06-25 19:41 - 2017-06-25 19:41 - 00000222 _____ C:\Users\Henrik\Desktop\The Crew.url
2017-06-25 19:10 - 2017-06-25 19:10 - 54854408 _____ (Electronic Arts) C:\Users\Henrik\Downloads\OriginThinSetup (1).exe
2017-06-25 16:45 - 2017-06-25 16:45 - 00014184 _____ C:\Users\Henrik\Downloads\The Emotions - Best of My Love - Part_2.wav
2017-06-25 16:41 - 2017-06-25 16:41 - 00048960 _____ C:\Users\Henrik\Downloads\The Emotions - Best of My Love - Part_1.wav
2017-06-25 00:23 - 2017-06-25 00:32 - 690662708 _____ C:\Users\Henrik\Downloads\CSS_Content_Addon_(Dec2013).rar
2017-06-24 23:54 - 2017-06-24 23:54 - 00000220 _____ C:\Users\Henrik\Desktop\Garry's Mod.url
2017-06-24 15:46 - 2017-06-24 15:46 - 00037830 _____ C:\Users\Henrik\Downloads\mod_chatBubbles-1.0.1c_for_1.10.0.litemod
2017-06-24 15:46 - 2017-06-24 15:46 - 00037830 _____ C:\Users\Henrik\Downloads\mod_chatBubbles-1.0.1c_for_1.10.0 (1).litemod
2017-06-24 15:43 - 2017-06-24 15:43 - 00093431 _____ C:\Users\Henrik\Downloads\mod_worldeditcui_1.11.2_00_lite_mc1.11.2.litemod
2017-06-24 15:43 - 2017-06-24 15:43 - 00093406 _____ C:\Users\Henrik\Downloads\mod_worldeditcui_1.10_00_lite_mc1.10 (1).litemod
2017-06-24 15:42 - 2017-06-24 15:43 - 03999694 _____ () C:\Users\Henrik\Downloads\liteloader-installer-1.10.2-00 (1).exe
2017-06-24 15:26 - 2017-06-24 15:26 - 04612343 _____ C:\Users\Henrik\Downloads\forge-1.10.2-12.18.3.2185-installer-win (1).exe
2017-06-24 15:23 - 2017-06-24 15:23 - 01464826 _____ C:\Users\Henrik\Downloads\worldedit-forge-mc1.10.2-6.1.4-dist (1).jar
2017-06-23 13:53 - 2017-06-23 13:53 - 03999694 _____ () C:\Users\Henrik\Downloads\liteloader-installer-1.10.2-00.exe
2017-06-23 13:50 - 2017-06-23 13:50 - 00093406 _____ C:\Users\Henrik\Downloads\mod_worldeditcui_1.10_00_lite_mc1.10.litemod
2017-06-23 13:03 - 2017-06-23 13:03 - 01464826 _____ C:\Users\Henrik\Downloads\worldedit-forge-mc1.10.2-6.1.4-dist.jar
2017-06-22 20:48 - 2017-06-22 20:48 - 00000219 _____ C:\Users\Henrik\Desktop\Counter-Strike Global Offensive.url
2017-06-22 15:54 - 2017-06-22 15:54 - 04175190 _____ C:\Users\Henrik\Downloads\Bro Beatz - Free Midi & Drumkit.zip
2017-06-21 21:14 - 2017-06-21 21:36 - 00000000 ____D C:\Users\Henrik\Desktop\test
2017-06-21 20:44 - 2017-06-21 20:44 - 05614948 _____ C:\Users\Henrik\Downloads\FTBBeyond-1.8.1-1.10.2.zip
2017-06-21 20:12 - 2017-06-21 20:12 - 04601566 _____ C:\Users\Henrik\Downloads\forge-1.10.2-12.18.3.2254-installer.jar
2017-06-21 20:09 - 2017-06-21 20:09 - 00011256 _____ C:\Users\Henrik\Downloads\SpongeBootstrap-0.3.0 (1).jar
2017-06-21 20:08 - 2017-06-21 20:08 - 17669841 _____ C:\Users\Henrik\Downloads\spongeforge-1.10.2-2254-5.2.0-BETA-2241.jar
2017-06-21 20:04 - 2017-06-21 20:06 - 192107834 _____ C:\Users\Henrik\Downloads\FTBBeyondServer_1.2.1.zip
2017-06-21 20:00 - 2017-06-21 20:02 - 67424751 _____ C:\Users\Henrik\Downloads\libraries.zip
2017-06-21 20:00 - 2017-06-21 20:00 - 10514583 _____ C:\Users\Henrik\Downloads\Thermos-1.7.10-1614-server.jar
2017-06-21 19:42 - 2017-06-21 19:42 - 05252896 _____ C:\Users\Henrik\Downloads\FTBBeyond-1.4.2-1.10.2 (1).zip
2017-06-21 19:00 - 2017-06-21 19:00 - 04607192 _____ C:\Users\Henrik\Downloads\forge-1.10.2-12.18.3.2281-installer.jar
2017-06-21 18:59 - 2017-06-21 18:59 - 04464494 _____ C:\Users\Henrik\Downloads\forge-1.11.2-13.20.0.2228-installer-win.exe
2017-06-21 18:21 - 2017-06-21 18:21 - 04612343 _____ C:\Users\Henrik\Downloads\forge-1.10.2-12.18.3.2185-installer-win.exe
2017-06-21 18:20 - 2017-06-21 18:20 - 17687869 _____ C:\Users\Henrik\Downloads\spongeforge-1.10.2-2281-5.2.0-BETA-2401 (1).jar
2017-06-21 17:28 - 2017-06-21 17:28 - 00000000 ____D C:\WINDOWS\system32\libraries
2017-06-21 00:11 - 2017-06-21 00:11 - 00011252 _____ C:\Users\Henrik\Downloads\SpongeBootstrap-0.2.0 (1).jar
2017-06-20 22:38 - 2017-06-20 22:38 - 07082664 _____ (Tim Kosse) C:\Users\Henrik\Downloads\FileZilla_3.26.2_win64-setup_bundled2.exe
2017-06-20 22:18 - 2017-06-20 22:18 - 04615458 _____ C:\Users\Henrik\Downloads\forge-1.10.2-12.18.3.2316-installer.jar
2017-06-20 22:15 - 2017-06-20 22:15 - 00011256 _____ C:\Users\Henrik\Downloads\SpongeBootstrap-0.3.0.jar
2017-06-20 22:11 - 2017-06-20 22:11 - 00011252 _____ C:\Users\Henrik\Downloads\SpongeBootstrap-0.2.0.jar
2017-06-20 22:08 - 2017-06-20 22:10 - 17687869 _____ C:\Users\Henrik\Downloads\spongeforge-1.10.2-2281-5.2.0-BETA-2401.jar
2017-06-20 22:02 - 2017-06-20 22:04 - 209193509 _____ C:\Users\Henrik\Downloads\FTBBeyondServer_1.9.0.zip
2017-06-20 21:57 - 2017-06-20 21:57 - 06030951 _____ C:\Users\Henrik\Downloads\FTBBeyond-1.9.0-1.10.2.zip
2017-06-20 21:55 - 2017-06-20 21:55 - 17687055 _____ C:\Users\Henrik\Downloads\spongeforge-1.10.2-2281-5.2.0-BETA-2394.jar
2017-06-20 21:49 - 2017-07-02 15:05 - 00000000 ____D C:\Users\Henrik\AppData\Local\LogMeIn Hamachi
2017-06-20 21:49 - 2017-06-20 21:49 - 05252896 _____ C:\Users\Henrik\Downloads\FTBBeyond-1.4.2-1.10.2.zip
2017-06-20 21:49 - 2017-06-20 21:49 - 00000000 ____D C:\Users\Henrik\AppData\Local\LogMeIn
2017-06-20 21:49 - 2017-06-20 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-06-20 21:49 - 2017-06-20 21:49 - 00000000 ____D C:\ProgramData\LogMeIn
2017-06-20 21:49 - 2017-06-20 21:49 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-06-20 21:48 - 2017-07-02 14:36 - 00000176 _____ C:\Users\Henrik\BullseyeCoverageError.txt
2017-06-20 21:48 - 2017-06-20 21:48 - 10412032 _____ C:\Users\Henrik\Downloads\hamachi.msi
2017-06-20 16:51 - 2017-06-20 17:21 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\streamlabels
2017-06-20 16:51 - 2017-06-20 16:51 - 65472440 _____ (Streamlabs) C:\Users\Henrik\Downloads\streamlabels+setup.exe
2017-06-20 16:51 - 2017-06-20 16:51 - 00002392 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamLabels.lnk
2017-06-20 16:51 - 2017-06-20 16:51 - 00002384 _____ C:\Users\Henrik\Desktop\StreamLabels.lnk
2017-06-20 16:01 - 2017-06-20 16:01 - 09025046 _____ C:\Users\Henrik\Downloads\ezgif.com-video-to-gif.mp4
2017-06-20 15:17 - 2017-06-20 15:17 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign371eb794bd092be1
2017-06-20 15:17 - 2017-06-20 15:17 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign0feb01170e6e6ee9
2017-06-20 15:05 - 2017-06-20 15:05 - 50246985 _____ C:\Users\Henrik\Downloads\Filthy Frank Its time to stop full template.mp4
2017-06-20 14:43 - 2017-06-20 14:46 - 90894256 _____ C:\Users\Henrik\Downloads\OBS-Studio-0.14.1-With-Browser-Installer.exe
2017-06-20 14:03 - 2017-06-20 14:03 - 00000000 ____D C:\Users\Henrik\EyeToy64
2017-06-20 14:01 - 2017-06-20 14:01 - 03624130 _____ C:\Users\Henrik\Downloads\Eyetoy Logitech and Namti Drivers x64 Windows 7.zip
2017-06-20 14:01 - 2017-06-20 14:01 - 00305917 _____ C:\Users\Henrik\Downloads\EyeToy64.zip
2017-06-20 14:01 - 2017-06-20 14:01 - 00305917 _____ C:\Users\Henrik\Downloads\EyeToy64 (1).zip
2017-06-20 13:44 - 2017-06-20 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2017-06-20 13:41 - 2017-06-20 13:41 - 67807452 _____ C:\Users\Henrik\Downloads\ManyCam_5.5+Crack.rar
2017-06-19 18:54 - 2017-06-19 18:54 - 00137113 _____ C:\Users\Henrik\Downloads\Orientering om retten til å klage på karakterer.pdf
2017-06-18 20:50 - 2017-06-18 20:50 - 06504360 _____ (SosVirus) C:\Users\Henrik\Downloads\adsfix_4_18.06.17.5.exe
2017-06-18 20:48 - 2017-07-01 14:31 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-18 20:47 - 2017-07-02 14:18 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-18 20:47 - 2017-07-01 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-18 20:47 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-18 20:47 - 2017-06-18 20:47 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-18 20:46 - 2017-06-18 20:47 - 64232976 _____ (Malwarebytes ) C:\Users\Henrik\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.141-1.0.2092.exe
2017-06-18 20:39 - 2017-06-18 21:05 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Henrik\Downloads\rkill_2.8.4.0.exe
2017-06-18 20:38 - 2017-06-18 20:38 - 04110280 _____ C:\Users\Henrik\Downloads\adwcleaner_6.047.exe
2017-06-15 23:27 - 2017-06-15 23:33 - 10451640 _____ (SurfRight B.V.) C:\Users\Henrik\Downloads\HitmanPro x86.exe
2017-06-15 23:26 - 2017-06-15 23:32 - 13310864 _____ (MEGA Limited) C:\Users\Henrik\Downloads\MEGAsyncSetup.exe
2017-06-15 23:21 - 2017-06-15 23:21 - 11584088 _____ (SurfRight B.V.) C:\Users\Henrik\Downloads\HitmanPro_x64 (2).exe
2017-06-15 23:14 - 2017-06-15 23:15 - 11584088 _____ (SurfRight B.V.) C:\Users\Henrik\Downloads\hitmanpro_x64 (1).exe
2017-06-15 14:44 - 2017-06-15 14:45 - 53019913 _____ C:\Users\Henrik\Downloads\SnailsHousePixelGalaxy DTRemake.zip
2017-06-13 17:31 - 2017-06-13 17:31 - 00257632 _____ C:\Users\Henrik\Downloads\avslutning-vg3 (2)
2017-06-13 17:31 - 2017-06-13 17:31 - 00257632 _____ C:\Users\Henrik\Downloads\avslutning-vg3 (1)
2017-06-10 18:24 - 2017-06-10 18:24 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsignf8d9d52e7cb458e8
2017-06-10 18:24 - 2017-06-10 18:24 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign2ba83088af4b2ab9
2017-06-10 18:23 - 2017-06-10 18:23 - 00000000 ____D C:\Users\Henrik\AppData\Local\Tempzxpsign2405b4dd70ca57a1
2017-06-10 02:23 - 2017-07-01 03:00 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\obs-studio
2017-06-10 02:23 - 2017-06-15 23:12 - 00001279 _____ C:\Users\Henrik\Desktop\OBS Studio.lnk
2017-06-10 02:23 - 2017-06-10 02:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2017-06-10 02:22 - 2017-06-10 02:22 - 00000000 ____D C:\Program Files (x86)\obs-studio
2017-06-10 02:21 - 2017-06-10 02:22 - 113227632 _____ (obsproject.com) C:\Users\Henrik\Downloads\OBS-Studio-19.0.2-Full-Installer.exe
2017-06-08 23:28 - 2017-06-08 23:28 - 00962440 _____ C:\Users\Henrik\Downloads\Cinematic and Emotional Background Music For Documentaries - Part_2.wav
2017-06-08 23:28 - 2017-06-08 23:28 - 00962440 _____ C:\Users\Henrik\Downloads\Cinematic and Emotional Background Music For Documentaries - Part_1.wav
2017-06-08 20:19 - 2017-06-08 20:20 - 201330037 _____ C:\Users\Henrik\Downloads\SAY LESS_grouped stems.zip
2017-06-08 17:23 - 2017-06-08 17:23 - 00000000 ____D C:\Users\Henrik\AppData\Local\PoolNationFX
2017-06-08 16:48 - 2017-06-08 16:48 - 00000222 _____ C:\Users\Henrik\Desktop\Pool Nation FX.url
2017-06-08 15:16 - 2017-06-08 15:16 - 00098400 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusbK.dll
2017-06-08 15:16 - 2017-06-08 15:16 - 00083552 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusbK.dll
2017-06-08 15:16 - 2017-06-08 15:16 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusb0.dll
2017-06-08 15:16 - 2017-06-08 15:16 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusb0.dll
2017-06-08 15:16 - 2017-06-08 15:16 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\Drivers\libusbK.sys
2017-06-08 15:12 - 2017-06-08 15:12 - 50449456 _____ (Microsoft Corporation) C:\Users\Henrik\Downloads\dotNetFx40_Full_x86_x64.exe
2017-06-07 16:46 - 2017-06-07 16:46 - 00003362 _____ C:\WINDOWS\System32\Tasks\{5236BE84-80C8-4CD2-9A99-5D86B2299762}
2017-06-07 16:45 - 2017-06-07 16:45 - 04895872 _____ C:\Users\Henrik\Downloads\cnltf_a380_12510928.zip
2017-06-07 16:44 - 2017-06-07 16:44 - 02458632 _____ (Megaify Software ) C:\Users\Henrik\Downloads\DriverToolkitInstaller (4).exe
2017-06-07 16:29 - 2017-06-07 16:30 - 00420644 _____ (Novation DMS Ltd. ) C:\Users\Henrik\Downloads\novation-usb-driver-2.7.exe
2017-06-07 16:17 - 2017-06-07 16:17 - 00452243 _____ (Novation DMS Ltd. ) C:\Users\Henrik\Downloads\novation-usb-driver-2.6 (1).exe
2017-06-07 16:02 - 2017-06-07 16:02 - 01633664 _____ (Novation ) C:\Users\Henrik\Downloads\bassstation-2.1.exe
2017-06-07 16:01 - 2017-06-07 16:03 - 28531792 _____ (Focusrite Audio Engineering Ltd. ) C:\Users\Henrik\Downloads\automap4-4.10 (2).exe
2017-06-07 15:57 - 2017-06-07 16:06 - 922233412 _____ C:\Users\Henrik\Downloads\Unconfirmed 509119.crdownload
2017-06-06 19:52 - 2017-06-06 19:52 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-06 14:07 - 2017-06-06 14:07 - 00257632 _____ C:\Users\Henrik\Downloads\avslutning-vg3
2017-06-05 01:55 - 2017-06-05 01:57 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-06-05 01:55 - 2017-06-05 01:55 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-06-05 01:55 - 2016-09-22 14:55 - 02839520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2017-06-05 01:54 - 2017-06-05 01:54 - 217553063 _____ (Realtek Semiconductor Corp.) C:\Users\Henrik\Downloads\0008-64bit_Win7_Win8_Win81_Win10_R281.exe
2017-06-04 15:29 - 2017-06-04 15:29 - 00001088 _____ C:\Users\Henrik\Downloads\Progressive House 2.fxp
2017-06-04 15:29 - 2017-06-04 15:29 - 00001088 _____ C:\Users\Henrik\Downloads\Progressive House 1.fxp
2017-06-04 14:27 - 2017-06-04 14:27 - 00806116 _____ C:\Users\Henrik\Downloads\Bee Gees - How Deep Is Your Love (1977) - Part_3.wav
2017-06-04 14:18 - 2017-06-04 14:18 - 04856508 _____ C:\Users\Henrik\Downloads\Bee Gees - How Deep Is Your Love (1977) - Part_2.wav
2017-06-04 14:04 - 2017-06-04 14:04 - 01605732 _____ C:\Users\Henrik\Downloads\Bee Gees - How Deep Is Your Love (1977) - Part_1.wav
2017-06-04 13:18 - 2017-06-04 13:18 - 01716800 _____ C:\Users\Henrik\Downloads\outro part.wav
2017-06-03 18:17 - 2017-06-03 18:17 - 01487492 _____ C:\Users\Henrik\Downloads\Tony Yayo & Danny Brown - Roll Up - Part_1.wav
2017-06-03 18:16 - 2017-06-03 18:16 - 00576820 _____ C:\Users\Henrik\Downloads\is it the strength - Part_1.wav
2017-06-03 18:08 - 2017-06-03 18:08 - 07498840 _____ C:\Users\Henrik\Downloads\is it the strength.wav
2017-06-02 18:26 - 2017-06-02 18:26 - 02091860 _____ C:\Users\Henrik\Downloads\Heart - Alone - Part_2.wav
2017-06-02 16:48 - 2017-06-02 16:48 - 00243036 _____ C:\Users\Henrik\Downloads\Heart - Alone - Part_1.wav

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-02 15:18 - 2017-04-08 13:40 - 00097298 _____ C:\WINDOWS\ZAM.krnl.trace
2017-07-02 15:18 - 2017-04-08 13:40 - 00062459 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-07-02 15:17 - 2016-10-12 22:38 - 00000000 ____D C:\Users\Henrik\AppData\Local\CrashDumps
2017-07-02 15:02 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-02 14:51 - 2016-10-12 21:28 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Spotify
2017-07-02 14:37 - 2016-10-12 21:16 - 00000000 ____D C:\Users\Henrik\AppData\Local\Adobe
2017-07-02 14:36 - 2016-11-11 13:03 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-02 14:36 - 2016-11-11 13:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-02 14:36 - 2016-10-12 22:14 - 00000000 __SHD C:\Users\Henrik\IntelGraphicsProfiles
2017-07-02 14:36 - 2016-10-12 21:28 - 00000000 ____D C:\Users\Henrik\AppData\Local\Spotify
2017-07-02 14:36 - 2016-10-12 21:25 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-02 14:31 - 2016-10-28 15:06 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-02 14:24 - 2016-10-12 20:15 - 02696782 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-02 14:18 - 2016-11-11 13:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-02 14:18 - 2016-10-28 15:06 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-02 14:18 - 2016-10-28 15:06 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-02 14:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-02 03:14 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-01 22:33 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-01 13:23 - 2016-11-11 13:04 - 00000000 ____D C:\Users\Henrik
2017-07-01 13:23 - 2016-10-30 16:33 - 00000000 ____D C:\AdwCleaner
2017-07-01 03:12 - 2016-10-15 15:12 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\vlc
2017-06-30 20:09 - 2016-10-12 21:27 - 00000000 ____D C:\ProgramData\Skype
2017-06-30 14:18 - 2016-10-26 21:44 - 00000000 ____D C:\Users\Henrik\Documents\Adobe
2017-06-30 14:00 - 2016-10-12 21:16 - 00000000 ____D C:\ProgramData\Adobe
2017-06-30 13:53 - 2017-02-02 17:44 - 00000000 ____D C:\Program Files\Adobe
2017-06-30 13:47 - 2016-10-12 20:40 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Adobe
2017-06-30 13:46 - 2016-10-12 21:16 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-29 22:16 - 2016-10-13 17:58 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-29 19:45 - 2016-10-12 21:25 - 00000000 ____D C:\Users\Henrik\AppData\Local\Greenshot
2017-06-29 15:36 - 2016-10-12 21:01 - 00000000 ____D C:\temp
2017-06-28 20:40 - 2016-10-30 16:29 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-28 00:54 - 2016-12-27 23:22 - 00000000 ____D C:\Program Files\UNi Xonar Audio
2017-06-28 00:54 - 2016-10-12 21:21 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2017-06-28 00:54 - 2016-10-12 21:21 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2017-06-28 00:54 - 2016-10-12 21:21 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2017-06-28 00:54 - 2016-10-12 21:21 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2017-06-28 00:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\System
2017-06-28 00:54 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-27 23:09 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-06-27 22:54 - 2017-01-23 17:38 - 00000000 ____D C:\Users\Henrik\AppData\Local\ElevatedDiagnostics
2017-06-27 22:39 - 2017-03-15 01:33 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\discord
2017-06-27 17:31 - 2016-10-12 21:57 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-27 17:21 - 2017-05-06 12:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Toolkit Final
2017-06-27 04:28 - 2016-11-10 13:08 - 00000000 ____D C:\Users\Henrik\AppData\Local\Ubisoft Game Launcher
2017-06-26 22:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-26 20:32 - 2017-05-28 01:24 - 00000000 ____D C:\Users\Henrik\AppData\Local\SLAM
2017-06-26 02:06 - 2017-01-16 00:54 - 00000000 ____D C:\Users\Henrik\AppData\Local\Spectrasonics
2017-06-25 20:09 - 2016-10-18 19:42 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Origin
2017-06-25 20:09 - 2016-10-18 19:39 - 00000000 ____D C:\ProgramData\Origin
2017-06-25 19:12 - 2016-10-18 19:41 - 00000000 ____D C:\Program Files (x86)\Origin
2017-06-25 16:57 - 2016-10-23 23:53 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Audacity
2017-06-24 16:04 - 2016-10-13 16:19 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\.minecraft
2017-06-24 04:42 - 2017-03-18 13:57 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Curse Client
2017-06-23 13:05 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-23 13:03 - 2016-11-21 20:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-06-21 02:24 - 2016-10-15 03:02 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\FileZilla
2017-06-20 22:16 - 2016-10-15 03:07 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Notepad++
2017-06-20 17:15 - 2017-02-09 22:55 - 00000000 ____D C:\Users\Henrik\AppData\Local\ManyCam
2017-06-20 15:42 - 2016-10-26 21:36 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-06-20 13:45 - 2017-02-09 22:53 - 00000000 ____D C:\Program Files (x86)\ManyCam
2017-06-20 13:43 - 2017-02-09 22:53 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\ManyCam
2017-06-18 20:47 - 2016-10-12 21:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-18 14:16 - 2017-03-02 00:34 - 00000000 ____D C:\Users\Henrik\AppData\Local\Arma 3 Launcher
2017-06-18 13:47 - 2017-03-02 00:34 - 00000000 ____D C:\Users\Henrik\AppData\Local\Arma 3
2017-06-15 23:13 - 2017-05-03 15:57 - 00002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-06-15 23:13 - 2017-02-08 19:03 - 00000759 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2017-06-15 23:13 - 2017-01-13 22:07 - 00001014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002550 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002546 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-06-15 23:13 - 2016-11-21 20:20 - 00002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-06-15 23:13 - 2016-11-11 13:06 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-06-15 23:13 - 2016-10-13 19:08 - 00001222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-06-15 23:13 - 2016-10-13 19:07 - 00002023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-06-15 23:13 - 2016-10-12 21:34 - 00001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2017-06-15 23:13 - 2016-10-12 21:31 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-06-15 23:13 - 2016-10-12 21:26 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2017-06-15 23:12 - 2017-04-11 20:24 - 00001005 _____ C:\Users\Henrik\Desktop\Twitch.lnk
2017-06-15 23:12 - 2017-04-11 20:24 - 00000991 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2017-06-15 23:12 - 2017-03-18 16:54 - 00000633 _____ C:\Users\Henrik\Desktop\Overwatch.lnk
2017-06-15 23:12 - 2017-03-18 16:22 - 00000565 _____ C:\Users\Henrik\Desktop\Battle.net.lnk
2017-06-15 23:12 - 2017-01-13 22:07 - 00001052 _____ C:\Users\Henrik\Desktop\TeamSpeak 3 Client.lnk
2017-06-15 23:12 - 2016-11-06 05:07 - 00000671 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Lite.lnk
2017-06-15 23:12 - 2016-10-30 16:29 - 00002254 _____ C:\Users\Henrik\Desktop\Google Chrome.lnk
2017-06-15 23:12 - 2016-10-18 19:41 - 00001066 _____ C:\Users\Henrik\Desktop\Origin.lnk
2017-06-15 23:12 - 2016-10-13 19:07 - 00002011 _____ C:\Users\Henrik\Desktop\Avast Free Antivirus.lnk
2017-06-15 23:12 - 2016-10-13 16:19 - 00000785 _____ C:\Users\Henrik\Desktop\Minecraft.lnk
2017-06-15 23:12 - 2016-10-13 01:35 - 00002643 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-06-15 23:12 - 2016-10-13 01:13 - 00000996 _____ C:\Users\Henrik\Desktop\FL Studio 12.lnk
2017-06-15 23:12 - 2016-10-12 22:30 - 00001051 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2017-06-15 23:12 - 2016-10-12 21:28 - 00001855 _____ C:\Users\Henrik\Desktop\Spotify.lnk
2017-06-15 23:12 - 2016-10-12 21:28 - 00001841 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-06-15 23:12 - 2016-10-12 21:25 - 00001036 _____ C:\Users\Henrik\Desktop\Steam.lnk
2017-06-15 23:12 - 2016-10-12 20:42 - 00002370 _____ C:\Users\Henrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-15 15:49 - 2016-10-12 22:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-15 15:47 - 2016-10-12 22:51 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-13 22:21 - 2016-12-06 17:21 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-13 22:21 - 2016-10-12 20:42 - 00000000 ___RD C:\Users\Henrik\OneDrive
2017-06-10 17:37 - 2016-10-12 22:15 - 00000000 ____D C:\Users\Henrik\AppData\Roaming\Skype
2017-06-10 00:39 - 2017-03-15 20:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-10 00:23 - 2017-03-18 16:22 - 00000000 ____D C:\Users\Henrik\AppData\Local\Battle.net
2017-06-08 15:16 - 2016-11-06 05:08 - 00000398 __RSH C:\ProgramData\ntuser.pol
2017-06-05 01:55 - 2016-10-12 21:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-03 17:02 - 2016-11-10 16:12 - 00697384 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-10-12 21:29 - 2016-10-12 21:29 - 0000000 _____ () C:\Program Files (x86)\ASUS Xonar D2 Audio
2016-11-07 21:45 - 2017-02-05 16:29 - 0000033 _____ () C:\Users\Henrik\AppData\Roaming\AdobeWLCMCache.dat
2017-07-01 17:10 - 2017-07-01 18:11 - 0003138 _____ () C:\Users\Henrik\AppData\Roaming\SpeedRunnersLog.txt
2016-11-26 07:18 - 2016-12-01 20:58 - 0004014 _____ () C:\Users\Henrik\AppData\Roaming\VoiceMeeterDefault.xml
2016-12-15 13:51 - 2017-03-18 19:09 - 0009275 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-15 13:51 - 2017-03-16 19:05 - 0006884 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-06-20 21:48 - 2017-06-20 21:48 - 0008720 _____ () C:\Users\Henrik\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
2017-06-20 21:49 - 2017-06-20 21:49 - 0012080 _____ () C:\Users\Henrik\AppData\Local\Temp\BullseyeCoverage-x64-3.dll
2017-06-20 21:49 - 2017-06-20 21:49 - 0010520 _____ () C:\Users\Henrik\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
2017-07-01 12:31 - 2016-11-11 12:13 - 1886344 _____ (Microsoft Corporation) C:\Users\Henrik\AppData\Local\Temp\dllnt_dump.dll
2017-07-01 12:00 - 2017-07-01 12:01 - 4109176 _____ (COMODO) C:\Users\Henrik\AppData\Local\Temp\ise_installer.exe
2017-06-21 20:32 - 2017-06-21 20:32 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-1071075392364444971.dll
2017-06-21 21:25 - 2017-06-21 21:25 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-1153001586639308607.dll
2017-06-21 18:54 - 2017-06-21 18:54 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-1260291970132728421.dll
2017-05-07 13:59 - 2017-05-07 13:59 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-1363634836949659710.dll
2017-06-21 20:33 - 2017-06-21 20:33 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-2186400338576564517.dll
2017-05-12 20:03 - 2017-05-12 20:03 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-2290271135544366362.dll
2017-06-21 18:34 - 2017-06-21 18:34 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-2469749168740701734.dll
2017-06-21 18:24 - 2017-06-21 18:24 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-2728434572421372818.dll
2017-06-21 19:03 - 2017-06-21 19:03 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-2855344790019296826.dll
2017-06-21 21:34 - 2017-06-21 21:34 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-2917035292047346074.dll
2017-05-12 20:03 - 2017-05-12 20:03 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3215167825315777799.dll
2017-06-21 20:14 - 2017-06-21 20:14 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3277872538019738130.dll
2017-06-20 22:50 - 2017-06-20 22:50 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3282594619801589884.dll
2017-06-21 18:48 - 2017-06-21 18:48 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3305238220643517183.dll
2017-06-21 00:07 - 2017-06-21 00:07 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3353997431882390676.dll
2017-06-21 18:30 - 2017-06-21 18:30 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3355681635270746290.dll
2017-06-23 13:16 - 2017-06-23 13:16 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3589258148788507051.dll
2017-06-20 23:25 - 2017-06-20 23:25 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3627287089634379371.dll
2017-06-21 18:33 - 2017-06-21 18:33 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3719675648887146509.dll
2017-06-20 23:41 - 2017-06-20 23:41 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-3837546123523305305.dll
2017-05-28 04:02 - 2017-05-28 04:02 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-4216179287273088663.dll
2017-06-20 23:22 - 2017-06-20 23:22 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-4235778254976684987.dll
2017-06-21 20:47 - 2017-06-21 20:47 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-5038764882999847846.dll
2017-06-24 15:45 - 2017-06-24 15:45 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-5460312811184151518.dll
2017-06-21 21:38 - 2017-06-21 21:38 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-5581777625304781288.dll
2017-06-24 15:29 - 2017-06-24 15:29 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-6368812674826841464.dll
2017-06-21 19:22 - 2017-06-21 19:22 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-6761491517736766672.dll
2017-06-20 22:44 - 2017-06-20 22:44 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-7062560105360448856.dll
2017-06-21 18:57 - 2017-06-21 18:57 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-7176761637998703884.dll
2017-06-21 19:01 - 2017-06-21 19:01 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-7261807896661401354.dll
2017-06-24 15:29 - 2017-06-24 15:29 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-7367500199629893132.dll
2017-06-20 22:20 - 2017-06-20 22:20 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-7496619433307775273.dll
2017-06-21 19:01 - 2017-06-21 19:01 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-7518563292777661402.dll
2017-06-21 19:22 - 2017-06-21 19:22 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-8366214386157331703.dll
2017-06-20 23:16 - 2017-06-20 23:16 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-8663732862190852744.dll
2017-06-21 21:12 - 2017-06-21 21:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-8929307440126607196.dll
2017-06-21 00:17 - 2017-06-21 00:17 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-92277662226697748.dll
2017-05-28 03:54 - 2017-05-28 03:54 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Henrik\AppData\Local\Temp\jansi-64-946592660185118486.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-28 14:19

==================== End of FRST.txt ============================

 

[HenrikNoVirus]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2017
Ran by Henrik (02-07-2017 15:19:21)
Running from C:\Users\Henrik\Desktop
Windows 10 Enterprise Version 1607 (X64) (2016-11-11 11:11:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2799272097-1707510344-1613828314-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2799272097-1707510344-1613828314-503 - Limited - Disabled)
Guest (S-1-5-21-2799272097-1707510344-1613828314-501 - Limited - Disabled)
Henrik (S-1-5-21-2799272097-1707510344-1613828314-1001 - Administrator - Enabled) => C:\Users\Henrik

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
Ableton Live 9 Lite (HKLM\...\{F32EA031-9333-44DD-AE45-31B9C4DBF398}) (Version: 9.0.0.0 - Ableton)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.1.1.202 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Altiverb 7 Uninstaller (HKLM\...\{367662CA-394A-4095-9549-973FC3807B9B}_is1) (Version: 7.2 - Audio Ease BV)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 375.95 - NVIDIA Corporation) Hidden
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version: - )
Apowersoft Phone Manager version 2.8.6 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.8.6 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Apple-programvaresupport (32-bits) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple-programvaresupport (64-bits) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Automap 4.10 (HKLM\...\Automap Universal_is1) (Version: 4.10 - Focusrite Audio Engineering Ltd.)
Automap ReWire 1.0 (HKLM-x32\...\Automap Universal ReWire_is1) (Version: 4.10 - Focusrite Audio Engineering Ltd.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattleBlock Theater (HKLM\...\Steam App 238460) (Version: - The Behemoth)
Castle Crashers (HKLM\...\Steam App 204360) (Version: - The Behemoth)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.)
Discord (HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
FileZilla Client 3.26.2 (HKLM-x32\...\FileZilla Client) (Version: 3.26.2 - Tim Kosse)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version: - Blacklight Interactive®)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Greenshot 1.2.9.129 (HKLM\...\Greenshot_is1) (Version: 1.2.9.129 - Greenshot)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Infected Mushroom - Manipulator version 0.904 (HKLM\...\{25772CF9-4EEE-4D1A-9FE7-29A4B91B3422}_is1) (Version: 0.904 - Polyverse Music, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.2.421501.88 - Comodo)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\{E59194A0-A215-4C44-8B92-40780387EBE0}) (Version: 2.2.0.578 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.578 - LogMeIn, Inc.)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
ManyCam 5.5.0 (HKLM-x32\...\ManyCam) (Version: 5.5.0 - Visicom Media Inc.)
Microsoft Office 365 ProPlus - nb-no (HKLM\...\O365ProPlusRetail - nb-no) (Version: 16.0.7766.2092 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 2.2.0.1 - NETGEAR)
Notepad++ (HKLM\...\Notepad++) (Version: 7 - Notepad++ Team)
Novation USB Audio Driver 2.7 (HKLM\...\Novation USB Audio Driver_is1) (Version: 2.7 - Novation DMS Ltd.)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7766.2092 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2092 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2092 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0414-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.)
Pool Nation FX (HKLM\...\Steam App 314000) (Version: - Cherry Pop Games)
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
RogueKiller version 12.11.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.4.0 - Adlice Software)
Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios)
SafeZone Stable 3.55.2393.607 (HKLM-x32\...\SafeZone 3.55.2393.607) (Version: 3.55.2393.607 - Avast Software) Hidden
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
SnookerWorld (HKLM\...\Steam App 522660) (Version: - Ouyang zhengyu)
SNOW (HKLM\...\Steam App 244930) (Version: - Poppermost Productions)
SpeedRunners (HKLM\...\Steam App 207140) (Version: - DoubleDutch Games)
Spotify (HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\Spotify) (Version: 1.0.57.474.gca9c9538 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.9.12 (HKLM\...\SteelSeries Engine 3) (Version: 3.9.12 - SteelSeries ApS)
STEEP (HKLM-x32\...\Uplay Install 3445) (Version: - Ubisoft)
StreamLabels 0.2.2 (only current user) (HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\8000d50a-fcb7-5b38-8a3b-a02a0ec79daa) (Version: 0.2.2 - Streamlabs)
Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Crew (HKLM\...\Steam App 241560) (Version: - Ivory Tower in collaboration with Ubisoft Reflections)
The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
UNi Xonar Audio -Run only while playing audio! (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.1 - Ubisoft)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\...\WinDirStat) (Version: - )
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Yooka-Laylee (HKLM\...\Steam App 360830) (Version: - Playtonic Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2799272097-1707510344-1613828314-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-3F8F9E874C70}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-2799272097-1707510344-1613828314-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2799272097-1707510344-1613828314-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {016765C3-A442-41B8-A87E-1D8DF15A6FE1} - System32\Tasks\{A2A997F5-7490-4189-BAC3-73B6EAA97EB1} => pcalua.exe -a "D:\Program Files (x86)\Wondershare\TunesGo\unins000.exe" -c /WAF
Task: {1BFF60FE-1871-4029-A15E-71CA2FB51CDF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-10] (Microsoft Corporation)
Task: {239B2907-C427-42B2-979B-786B2294DED2} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Henrik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {23F64AE5-CA22-4D70-9816-22F375E0B184} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {2C3CB134-3E9F-4206-95EC-F4A6002D84A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-04] (Microsoft Corporation)
Task: {2D95B74B-ED50-4A1C-A700-E9D84623E367} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-06-10] (Microsoft Corporation)
Task: {408C4510-3292-4D8B-BAC0-73A70CAF3244} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ciizify@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {4A1FD6A3-49E6-40E8-BA53-BB53D3EC6A3C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {56BF966E-0760-4CA9-8470-07CF26015AAE} - System32\Tasks\SafeZone scheduled Autoupdate 1476378490 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software)
Task: {59105636-5EAF-4BD0-B994-975622AE7F65} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-10] (Microsoft Corporation)
Task: {5E6BAC3B-D95E-4FB7-9F88-26528BD801A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-04] (Microsoft Corporation)
Task: {62F55296-757C-4D82-9008-E359053C7651} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {6D16567C-7600-4687-8DAF-3BC4751C5B4A} - \Uzuydarient -> No File <==== ATTENTION
Task: {79C8EFC1-77CA-46D0-875D-6C11059F0F61} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {837C9067-D7F1-4777-A0F1-0A522677960B} - System32\Tasks\{5236BE84-80C8-4CD2-9A99-5D86B2299762} => pcalua.exe -a "C:\Users\Henrik\Desktop\drake tut.logicx\lsl\SetUpDrv.exe" -d "C:\Users\Henrik\Desktop\drake tut.logicx\lsl"
Task: {998C8012-A509-473A-BB1B-39603D200776} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-21] (AVAST Software)
Task: {A58BAC3B-7CB2-4069-8C15-A733625CFBFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-30] (Google Inc.)
Task: {A740A3E8-E785-466D-A81C-1A7AAA69B9DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-30] (Google Inc.)
Task: {AD3E476E-5F2E-4860-88B7-E1DE4F86D326} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-04] (AVAST Software)
Task: {BA626151-0E64-4972-AD34-A13AAD4D5AF1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {C7E8AC70-8490-450A-AF42-3B68C8BBAFB6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {CEB28B00-C355-4399-A862-2995DDB17B10} - System32\Tasks\updater => D:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [2016-01-10] (Nefarius Software Solutions)
Task: {F50B3BAC-F0EA-4029-AA9A-DB10B47EBF99} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {F7367877-6F17-44BE-9B47-9B049DD3AA0D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {F93EC86C-9377-4999-A96A-B05D139C8696} - System32\Tasks\{FABCE8F1-8E41-4840-92EB-4030CCDC30E5} => pcalua.exe -a "C:\Program Files (x86)\COMODO\COMODO Secure Shopping\un_inst.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Henrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\70216a91c23d8320\mau5 - Chrome.lnk -> C:\Users\Henrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\70216a91c23d8320 ()
Shortcut: C:\Users\Henrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\mau5 - Chrome.lnk -> C:\Users\Henrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9 ()

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 14:33 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-15 19:04 - 2017-03-15 19:04 - 00309760 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ReactiveSockets\e02f07b40299b7750946b12ee5fb9064\ReactiveSockets.ni.dll
2014-05-02 12:52 - 2014-05-02 12:52 - 00599040 _____ () D:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
2014-05-02 07:55 - 2014-05-02 07:55 - 00185344 _____ () D:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll
2014-05-02 07:05 - 2014-05-02 07:05 - 00173056 _____ () D:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll
2016-10-12 21:57 - 2017-02-23 20:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-12 21:57 - 2017-02-23 20:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-12 21:08 - 2013-11-11 15:10 - 00307928 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2017-06-20 21:49 - 2017-06-20 21:49 - 00012080 _____ () C:\WINDOWS\TEMP\BullseyeCoverage-x64-3.dll
2017-06-18 20:47 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-11-11 13:03 - 2016-12-29 14:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-05-26 03:18 - 2017-05-26 03:18 - 00492112 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-11-11 21:57 - 2016-11-11 21:57 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 22:34 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-06-21 14:13 - 2017-06-21 14:14 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 14:13 - 2017-06-21 14:14 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 14:13 - 2017-06-21 14:14 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 14:13 - 2017-06-21 14:14 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-27 12:20 - 2017-03-27 12:20 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-03-27 12:20 - 2017-03-27 12:20 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll
2016-10-12 21:08 - 2014-01-02 13:13 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
2017-05-15 02:38 - 2017-05-15 02:38 - 34957896 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-06-28 20:40 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-28 20:40 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-04-12 14:33 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-14 22:34 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-12 21:08 - 2013-10-15 09:29 - 00372736 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2016-10-18 19:41 - 2017-06-25 19:11 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-04 17:45 - 2017-05-04 17:45 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-06-28 00:54 - 2012-06-06 09:56 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll
2016-10-12 21:57 - 2017-02-23 20:34 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-10-12 22:20 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-10-12 22:20 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-10-12 22:20 - 2017-06-08 07:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll
2016-10-12 22:20 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-10-12 22:20 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-10-12 22:20 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-10-12 22:20 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-10-12 22:20 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-10-12 22:20 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-10-12 22:20 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-10-12 22:20 - 2017-06-08 07:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-10-12 22:20 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-27 16:30 - 2017-06-22 14:59 - 00189040 _____ () C:\Users\Henrik\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-10-12 21:28 - 2017-06-22 14:59 - 67117168 _____ () C:\Users\Henrik\AppData\Roaming\Spotify\libcef.dll
2016-10-12 21:28 - 2017-06-22 14:59 - 02253424 _____ () C:\Users\Henrik\AppData\Roaming\Spotify\libglesv2.dll
2016-10-12 21:28 - 2017-06-22 14:59 - 00086640 _____ () C:\Users\Henrik\AppData\Roaming\Spotify\libegl.dll
2016-12-13 00:55 - 2017-05-08 21:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-09 12:32 - 2017-05-17 03:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-10-12 22:20 - 2017-06-08 07:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll
2016-10-12 21:08 - 2013-11-01 17:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
2017-06-12 19:48 - 2017-06-12 19:48 - 00048296 _____ () D:\Program Files\FileZilla FTP Client\fzshellext.dll
2017-05-30 01:39 - 2017-05-30 01:39 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-30 01:39 - 2017-05-30 01:39 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-05-30 01:38 - 2017-05-30 01:38 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-05-30 01:39 - 2017-05-30 01:39 - 00125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-06-04 07:47 - 2017-06-04 07:47 - 00099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-30 01:39 - 2017-05-30 01:39 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-05-19 23:50 - 2017-05-19 23:50 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-06-04 07:43 - 2017-06-04 07:43 - 00099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 00098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-05-19 23:50 - 2017-05-19 23:50 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-03-18 17:02 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-03-15 01:33 - 2017-03-15 01:33 - 01082880 _____ () \\?\C:\Users\Henrik\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-03-15 01:33 - 2017-03-15 01:33 - 03750400 _____ () \\?\C:\Users\Henrik\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-03-15 01:33 - 2017-03-15 01:33 - 00914432 _____ () \\?\C:\Users\Henrik\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-03-15 01:33 - 2017-03-15 01:33 - 01127424 _____ () \\?\C:\Users\Henrik\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-03-18 17:02 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-03-18 17:02 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Henrik\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-07-02 15:06 - 2017-07-02 15:06 - 00148992 _____ () \\?\C:\Users\Henrik\AppData\Local\Temp\3245.tmp.node
2017-03-15 01:33 - 2017-04-29 16:57 - 02658296 _____ () \\?\C:\Users\Henrik\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-03-15 01:36 - 2017-03-22 20:25 - 02665976 _____ () \\?\C:\Users\Henrik\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2799272097-1707510344-1613828314-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Henrik\Desktop\577446813c7af1c0a38459f06c9629d3.jpg
DNS Servers: 109.247.114.4 - 92.220.228.70
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==