I saw a trojan download and install itself


6 replies to this topic

#1 psychicguy


Posted 21 July 2016 - 12:34 PM

Hi,

 

I think I might have a trojan horse because my Kaspersky Internet Security had told me one was detected and gave me the option to delete it.

 

I ran a full updated Malwarebytes scan and nothing came up, meaning it was clean.

 

 with kaspersky..

 

Below are my logs; I'd like to see if my computer is still clean or not:

 

Result of Security Analysis by Rocket Grannie (x86) Updated: 17th July 2016
Running from:C:\Users\Marty\Documents\Malware removal tools (10:32:07 - 07/21/2016)
***---------------------------------------------------------***
Microsoft Windows 7 Ultimate X64 Service Pack 1
UAC is Enabled!
Internet Explorer 11
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
***-----------------Anti-Virus - Firewall-------------------***
Kaspersky Total Security (Enabled - Up to Date)
Windows Firewall is Enabled!
Searching for any other Firewall
Kaspersky Total Security
***----------------AntiSpyware - Miscellaneous---------------***
Adobe Flash Player Plugin is not installed
Java (version 8.91.15)
Google Chrome (version 51)
HitmanPro (version 3)
Malwarebytes Anti-Malware (version 2.2.1.1043)
 
***----------------Analysis Complete-------------------------***
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-07-2016
Ran by Marty (administrator) on MARTY-PC (21-07-2016 10:33:26)
Running from C:\Users\Marty\Documents\Malware removal tools
Loaded Profiles: Marty (Available Profiles: Marty)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
(Camshare Inc.) C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\Kingsoft Office\10.1.0.5652\wtoolex\wpsupdatesvr.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Camshare, Inc.) C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [237693 2009-02-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [Camfrog] => C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe [15710776 2016-05-18] (Camshare, Inc.)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.4\kpm.exe [8087880 2015-12-11] (AO Kaspersky Lab)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\MountPoints2: {71ca4d3e-49f7-11e6-9229-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
HKU\S-1-5-18\...\Run: [CtxfiReg] => CTXFIREG.exe /FAIL1
Startup: C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2016-07-16]
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9C9A37F5-92A4-435E-A398-A69EB7FA054E}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-07-14] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-07-14] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-14] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-04-29]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-14]
CHR Extension: (YouTube) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-14]
CHR Extension: (Adblock Plus) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-14]
CHR Extension: (Excel Viewer, Editor) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpdiahdjhpfaafoffpoaafcmjbcfmaj [2016-07-14]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-14]
CHR Extension: (GAuth Authenticator) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilgcnhelpchnceeipipijaljkblbcobl [2016-07-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2016-07-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-14]
CHR Extension: (Gmail) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-14]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 camfrog_update_service; C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe [1063968 2016-03-14] (Camshare Inc.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2016-07-14] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-07-14] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-07-21] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-13] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\Kingsoft Office\10.1.0.5652\wtoolex\wpsupdatesvr.exe [133376 2016-07-21] (Zhuhai Kingsoft Office Software Co.,Ltd)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\Kingsoft Office\wpscloudsvr.exe [162048 2016-07-21] (Zhuhai Kingsoft Office Software Co.,Ltd)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236976 2016-04-29] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-07-21] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [997808 2016-04-29] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [112520 2015-12-03] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-13] (NVIDIA Corporation)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-21 10:33 - 2016-07-21 10:33 - 00000000 ____D C:\FRST
2016-07-21 10:26 - 2016-07-21 10:33 - 00000000 ____D C:\Users\Marty\Documents\Malware removal tools
2016-07-21 10:05 - 2016-07-21 10:05 - 00001296 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2016-07-21 10:05 - 2016-07-21 10:05 - 00000000 ____D C:\Users\Marty\AppData\Local\Kaspersky Lab
2016-07-21 10:05 - 2016-07-21 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2016-07-21 10:04 - 2016-07-21 10:04 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-07-21 09:56 - 2016-07-21 09:56 - 00001897 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-07-21 09:56 - 2016-07-21 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-07-21 09:15 - 2016-07-21 10:32 - 00000410 _____ C:\Windows\Tasks\WpsExternal_20160721091517.job
2016-07-21 09:15 - 2016-07-21 09:58 - 00000388 _____ C:\Windows\Tasks\WpsUpdateTask_Marty.job
2016-07-21 09:15 - 2016-07-21 09:15 - 00003390 _____ C:\Windows\System32\Tasks\WpsExternal_20160721091517
2016-07-21 09:15 - 2016-07-21 09:15 - 00003372 _____ C:\Windows\System32\Tasks\WpsUpdateTask_Marty
2016-07-21 09:15 - 2016-07-21 09:15 - 00002349 _____ C:\Users\Public\Desktop\WPS Writer.lnk
2016-07-21 09:15 - 2016-07-21 09:15 - 00002347 _____ C:\Users\Public\Desktop\WPS Presentation.lnk
2016-07-21 09:15 - 2016-07-21 09:15 - 00002331 _____ C:\Users\Public\Desktop\WPS Spreadsheets.lnk
2016-07-21 09:15 - 2016-07-21 09:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office
2016-07-21 09:15 - 2016-07-21 09:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-07-21 09:14 - 2016-07-21 10:12 - 00000704 _____ C:\Windows\Tasks\WpsKtpcntrQingTask_Marty.job
2016-07-21 09:14 - 2016-07-21 09:14 - 00003620 _____ C:\Windows\System32\Tasks\WpsKtpcntrQingTask_Marty
2016-07-21 09:14 - 2016-07-21 09:14 - 00000000 ____D C:\ProgramData\Kingsoft
2016-07-21 08:33 - 2016-07-21 08:33 - 00000222 _____ C:\Users\Marty\Desktop\Middle-earth Shadow of Mordor.url
2016-07-21 02:27 - 2016-07-21 02:27 - 00024151 _____ C:\Users\Marty\Desktop\Advanced.vdffz
2016-07-21 02:27 - 2016-07-21 02:27 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flaming Zonkey
2016-07-21 02:26 - 2016-07-21 02:26 - 00005820 _____ C:\Users\Marty\Desktop\SteamControllerDBClient.application
2016-07-20 16:59 - 2016-07-20 16:59 - 00000073 _____ C:\Users\Marty\Desktop\merching information 7-20-2016.txt
2016-07-20 16:22 - 2016-07-20 16:22 - 00000000 ____D C:\Users\Marty\Documents\borderless gaming
2016-07-20 13:48 - 2016-07-20 13:48 - 00597504 _____ (RAD Game Tools, Inc.) C:\Windows\system32\mss64.dll
2016-07-20 13:47 - 2016-07-20 13:47 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\IEShims.dll
2016-07-20 13:45 - 2016-07-20 13:45 - 00358896 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2016-07-20 13:44 - 2016-07-20 13:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-winrt-string-l1-1-0.dll
2016-07-20 13:43 - 2016-07-20 13:43 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-winrt-robuffer-l1-1-0.dll
2016-07-20 12:56 - 2016-07-20 12:56 - 00000029 _____ C:\Users\Marty\Desktop\ALISTAR FROM LAST GAME.txt
2016-07-19 20:38 - 2016-07-19 20:38 - 01676464 _____ C:\Windows\Minidump\071916-11965-01.dmp
2016-07-19 16:39 - 2016-07-21 02:40 - 00000000 ____D C:\Users\Marty\AppData\Local\CrashDumps
2016-07-19 09:31 - 2016-07-19 09:31 - 00000000 ____D C:\Users\Marty\AppData\Local\PAYDAY 2
2016-07-19 09:30 - 2016-07-19 09:30 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-07-19 04:17 - 2016-07-19 04:17 - 00000222 _____ C:\Users\Marty\Desktop\PAYDAY 2.url
2016-07-19 03:19 - 2016-07-19 03:20 - 14786752 _____ (Adobe Systems, Inc.) C:\Users\Marty\Desktop\flashplayer_22_sa.exe
2016-07-18 23:01 - 2016-07-18 23:01 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-07-18 23:01 - 2016-07-18 23:01 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-18 22:34 - 2016-07-18 22:34 - 00000000 ____D C:\782371daa6b6b8e823
2016-07-18 21:31 - 2016-07-18 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2016-07-18 21:31 - 2016-07-18 21:31 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2016-07-18 21:29 - 2016-07-18 21:29 - 00000000 ____D C:\Windows\system32\appmgmt
2016-07-18 21:09 - 2016-07-18 21:09 - 07878008 _____ (Microsoft Corporation) C:\Users\Marty\Desktop\Xbox360_64Eng.exe
2016-07-18 20:55 - 2016-07-18 20:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2016-07-18 20:53 - 2016-07-18 20:53 - 00000000 ____D C:\Program Files (x86)\XBox 360 Controller for Windows Software
2016-07-18 19:53 - 2016-07-18 19:55 - 00000000 ____D C:\Users\Marty\AppData\Roaming\DarkSoulsIII
2016-07-18 19:29 - 2016-07-18 19:29 - 00000222 _____ C:\Users\Marty\Desktop\DARK SOULS III.url
2016-07-18 17:38 - 2016-07-18 21:35 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\4819709F.sys
2016-07-18 14:51 - 2016-06-25 17:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-18 14:51 - 2016-06-25 17:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-18 14:51 - 2016-06-22 06:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-18 14:51 - 2016-06-17 11:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-18 14:51 - 2016-06-17 11:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-18 14:51 - 2016-06-17 11:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-18 14:51 - 2016-06-17 11:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-18 14:51 - 2016-06-17 11:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-18 14:51 - 2016-06-17 11:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-18 14:51 - 2016-06-10 23:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-18 14:51 - 2016-06-10 21:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-18 14:51 - 2016-06-10 14:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-18 14:51 - 2016-06-10 14:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-18 14:51 - 2016-06-10 14:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-18 14:51 - 2016-06-10 14:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-18 14:51 - 2016-06-10 14:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-18 14:51 - 2016-06-10 14:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-18 14:51 - 2016-06-10 14:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-18 14:51 - 2016-06-10 14:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-18 14:51 - 2016-06-10 14:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-18 14:51 - 2016-06-10 14:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-18 14:51 - 2016-06-10 14:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-18 14:51 - 2016-06-10 14:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-18 14:51 - 2016-06-10 14:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-18 14:51 - 2016-06-10 14:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-18 14:51 - 2016-06-10 14:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-18 14:51 - 2016-06-10 14:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-18 14:51 - 2016-06-10 13:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-18 14:51 - 2016-06-10 13:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-18 14:51 - 2016-06-10 13:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-18 14:51 - 2016-06-10 13:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-18 14:51 - 2016-06-10 13:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-18 14:51 - 2016-06-10 13:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-18 14:51 - 2016-06-10 13:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-18 14:51 - 2016-06-10 13:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-18 14:51 - 2016-06-10 13:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-18 14:51 - 2016-06-10 13:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-18 14:51 - 2016-06-10 13:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-18 14:51 - 2016-06-10 13:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-18 14:51 - 2016-06-10 13:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-18 14:51 - 2016-06-10 13:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-18 14:51 - 2016-06-10 12:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-18 14:51 - 2016-06-10 12:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-18 14:51 - 2016-06-10 12:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-18 14:51 - 2016-06-10 12:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-18 14:51 - 2016-06-10 12:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-18 14:51 - 2016-06-10 11:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-18 14:51 - 2016-06-10 11:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-18 14:51 - 2016-06-10 11:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-18 14:51 - 2016-06-10 11:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-18 14:51 - 2016-06-10 11:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-18 14:51 - 2016-06-10 11:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-18 14:51 - 2016-06-10 11:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-18 14:51 - 2016-06-10 11:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-18 14:51 - 2016-06-10 11:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-18 14:51 - 2016-06-10 11:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-18 14:51 - 2016-06-10 11:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-18 14:51 - 2016-06-10 11:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-18 14:51 - 2016-06-10 11:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-18 14:51 - 2016-06-10 11:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-18 14:51 - 2016-06-10 11:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-18 14:51 - 2016-06-10 11:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-18 14:51 - 2016-06-10 11:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-18 14:51 - 2016-06-10 11:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-18 14:51 - 2016-06-10 11:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-18 14:51 - 2016-06-10 11:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-18 14:51 - 2016-06-10 11:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-18 14:51 - 2016-06-10 11:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-18 14:51 - 2016-06-10 11:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-18 14:51 - 2016-06-10 11:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-18 14:51 - 2016-06-10 11:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-18 14:51 - 2016-06-10 10:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-18 14:51 - 2016-06-10 10:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-18 14:51 - 2016-06-10 10:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-18 14:51 - 2016-06-10 10:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-18 14:51 - 2016-03-23 15:40 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2016-07-18 14:51 - 2015-11-10 11:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-07-18 14:51 - 2015-11-10 11:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-07-18 14:51 - 2015-11-10 11:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-07-18 14:51 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2016-07-18 14:51 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2016-07-18 14:51 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2016-07-18 14:51 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2016-07-18 14:51 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2016-07-18 14:51 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2016-07-18 14:51 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2016-07-18 14:51 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2016-07-18 14:51 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2016-07-18 14:51 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2016-07-18 14:51 - 2013-11-26 01:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-07-18 14:51 - 2013-11-22 15:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-07-18 14:51 - 2011-03-10 23:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2016-07-18 14:51 - 2011-03-10 23:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2016-07-18 14:51 - 2011-03-10 23:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2016-07-18 14:51 - 2011-03-10 23:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2016-07-18 14:51 - 2011-03-10 23:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2016-07-18 14:51 - 2011-03-10 23:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-07-18 14:51 - 2011-03-10 23:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2016-07-18 14:51 - 2011-03-10 22:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-07-18 14:51 - 2011-03-10 22:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2016-07-18 14:50 - 2016-04-14 06:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-07-18 14:50 - 2016-04-14 06:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-07-18 14:50 - 2016-04-08 21:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-07-18 14:50 - 2016-04-08 20:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-07-18 14:50 - 2015-12-08 14:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-07-18 14:50 - 2015-12-08 12:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-07-18 14:50 - 2015-07-30 11:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-07-18 14:50 - 2015-07-30 10:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-07-18 14:50 - 2015-02-03 20:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-07-18 14:50 - 2015-02-03 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-07-18 07:55 - 2016-07-18 07:55 - 00000000 ____D C:\Users\Marty\AppData\Local\GWX
2016-07-17 22:27 - 2016-07-19 20:27 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-17 22:27 - 2016-07-19 20:27 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-17 22:27 - 2016-07-17 22:27 - 00000000 ____D C:\Windows\EOONotify
2016-07-17 22:10 - 2016-07-17 22:10 - 00000222 _____ C:\Users\Marty\Desktop\Insurgency.url
2016-07-17 21:23 - 2016-07-17 21:23 - 00053818 _____ C:\Users\Marty\Desktop\(New) Runescape Merchanting spreadsheet.xlsx
2016-07-17 21:22 - 2016-07-17 21:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01007.Wdf
2016-07-17 14:52 - 2016-07-21 09:14 - 00000000 ____D C:\Users\Marty\AppData\Local\Kingsoft
2016-07-17 14:51 - 2016-07-21 09:14 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Kingsoft
2016-07-17 14:51 - 2016-07-17 14:51 - 00000000 ____D C:\Program Files (x86)\Kingsoft
2016-07-17 14:48 - 2016-07-17 14:51 - 47755504 _____ (Kingsoft Corp. Ltd.) C:\Users\Marty\Desktop\office_free_2013.exe
2016-07-17 14:42 - 2016-07-17 14:44 - 140783556 _____ C:\Users\Marty\Desktop\Apache_OpenOffice_4.1.2_Win_x86_install_en-US.exe
2016-07-17 14:24 - 2016-07-17 15:22 - 00069329 _____ C:\Users\Marty\Desktop\Excel Runescape Flipping Spreadsheet.xlsx
2016-07-17 14:13 - 2016-07-17 14:13 - 00031280 _____ C:\Users\Marty\Desktop\Matt's Merchanting.xls.xlsx
2016-07-16 23:05 - 2016-07-16 23:05 - 00000000 ____D C:\Users\Marty\AppData\Local\StreetFighterV
2016-07-16 20:05 - 2016-07-16 20:05 - 00000222 _____ C:\Users\Marty\Desktop\Street Fighter V.url
2016-07-16 10:05 - 2016-07-16 10:05 - 00000000 _____ C:\Users\Marty\Desktop\movie to watch (wanted).txt
2016-07-16 07:46 - 2016-07-16 07:46 - 00000233 _____ C:\Users\Marty\Desktop\Tom Clancy's The Division.url
2016-07-16 07:46 - 2016-07-16 07:46 - 00000233 _____ C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tom Clancy's The Division.url
2016-07-16 06:31 - 2016-07-16 06:33 - 00000000 ____D C:\Users\Marty\Documents\Overwatch
2016-07-16 00:25 - 2016-07-19 20:38 - 549038625 _____ C:\Windows\MEMORY.DMP
2016-07-16 00:25 - 2016-07-19 20:38 - 00000000 ____D C:\Windows\Minidump
2016-07-15 16:47 - 2016-07-15 16:50 - 00000000 ____D C:\Windows\system32\MRT
2016-07-15 16:47 - 2016-07-15 16:47 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-15 15:19 - 2016-07-21 09:34 - 00456042 _____ C:\Windows\ntbtlog.txt
2016-07-15 11:37 - 2015-01-08 16:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2016-07-15 11:37 - 2015-01-08 16:43 - 00419936 _____ C:\Windows\system32\locale.nls
2016-07-15 11:23 - 2015-07-30 06:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-07-15 11:23 - 2015-07-30 06:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-07-15 11:20 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2016-07-15 11:17 - 2016-07-15 11:17 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-07-15 11:17 - 2016-07-15 11:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-07-15 11:17 - 2016-07-15 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-07-15 11:17 - 2016-07-15 11:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-07-15 11:17 - 2016-07-15 11:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-07-15 11:11 - 2016-07-15 11:11 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-07-15 10:15 - 2012-07-25 20:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2016-07-15 10:15 - 2012-07-25 20:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2016-07-15 10:15 - 2012-07-25 20:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-07-15 10:15 - 2012-07-25 20:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2016-07-15 10:15 - 2012-07-25 20:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2016-07-15 10:15 - 2012-07-25 19:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2016-07-15 10:15 - 2012-07-25 19:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2016-07-15 10:15 - 2012-06-02 07:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2016-07-15 10:07 - 2012-02-29 23:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2016-07-15 10:07 - 2012-02-29 23:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2016-07-15 10:07 - 2012-02-29 22:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2016-07-15 10:03 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-07-15 10:03 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-07-15 10:03 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-07-15 10:03 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-07-15 10:03 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-07-15 10:03 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-07-15 10:03 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-07-15 10:03 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-07-15 04:15 - 2015-01-08 20:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2016-07-15 04:15 - 2015-01-08 20:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2016-07-15 04:15 - 2015-01-08 20:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2016-07-15 04:15 - 2015-01-08 19:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2016-07-15 04:14 - 2016-03-17 15:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-07-15 04:14 - 2016-03-17 15:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-07-15 04:14 - 2016-03-16 11:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-07-15 04:14 - 2016-03-16 11:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-07-15 04:14 - 2016-03-16 11:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-07-15 04:14 - 2016-03-06 11:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-07-15 04:14 - 2016-03-06 11:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-07-15 04:14 - 2016-03-06 11:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-07-15 04:14 - 2016-03-06 11:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-07-15 04:14 - 2016-02-02 11:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-07-15 04:14 - 2015-11-13 16:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-07-15 04:14 - 2015-11-13 16:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-07-15 04:14 - 2015-11-13 16:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-07-15 04:14 - 2015-11-13 15:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-07-15 04:14 - 2015-11-13 15:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-07-15 04:14 - 2015-11-13 15:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-07-15 04:14 - 2015-08-05 10:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-07-15 04:14 - 2015-07-15 11:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-07-15 04:14 - 2015-07-15 11:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-07-15 04:14 - 2015-07-15 11:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-07-15 04:14 - 2015-07-10 10:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-07-15 04:14 - 2015-07-10 10:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2016-07-15 04:14 - 2015-07-10 10:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-07-15 04:14 - 2015-07-10 10:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-07-15 04:14 - 2015-07-10 10:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-07-15 04:14 - 2015-07-10 10:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2016-07-15 04:14 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2016-07-15 04:14 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2016-07-15 04:14 - 2015-05-25 11:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2016-07-15 04:14 - 2015-05-25 11:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2016-07-15 04:14 - 2015-05-25 11:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2016-07-15 04:14 - 2015-05-25 11:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2016-07-15 04:14 - 2015-05-25 11:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2016-07-15 04:14 - 2015-05-25 11:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2016-07-15 04:14 - 2015-05-25 11:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2016-07-15 04:14 - 2015-05-25 11:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2016-07-15 04:14 - 2015-05-25 11:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2016-07-15 04:14 - 2015-05-25 11:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2016-07-15 04:14 - 2015-05-25 11:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2016-07-15 04:14 - 2015-05-25 11:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2016-07-15 04:14 - 2015-04-12 20:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-07-15 04:14 - 2014-12-11 10:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2016-07-15 04:14 - 2014-08-11 19:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-07-15 04:14 - 2014-08-11 18:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-07-15 04:14 - 2014-01-27 19:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-07-15 04:14 - 2013-10-29 19:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2016-07-15 04:14 - 2013-10-29 19:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2016-07-15 04:14 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-07-15 04:14 - 2013-03-18 22:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2016-07-15 04:14 - 2012-11-28 15:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2016-07-15 04:14 - 2012-11-28 15:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2016-07-15 04:14 - 2012-11-28 15:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2016-07-15 04:14 - 2012-10-09 11:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-07-15 04:14 - 2012-10-09 11:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-07-15 04:14 - 2012-10-09 10:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-07-15 04:14 - 2012-10-09 10:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-07-15 04:14 - 2011-06-15 22:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2016-07-15 04:14 - 2011-06-15 21:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2016-07-15 04:14 - 2011-06-15 03:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2016-07-15 04:14 - 2011-06-15 03:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2016-07-15 04:14 - 2011-06-15 03:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2016-07-15 04:14 - 2011-06-15 03:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2016-07-15 04:14 - 2011-06-15 01:55 - 00319488 _____ (Microsoft Corporation) C:\W

#2 nasdaq


Posted 22 July 2016 - 07:05 AM

Hello, Welcome to SpywareInfo
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

No malicious malware was found. This is a suggested cleanup.

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 

start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-14]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide on best security practices to keep safe.
http://www.bleepingc...best-practices/


nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 psychicguy


Posted 29 July 2016 - 02:38 PM

Now that I've done what you have said, I have this strange error message at startup. It goes away if I hit OK on it.

Attached below is a small pic of the image (I hope it's okay for me to attach it, as I don't want people thinking it's malware).

Thanks for your help!

Attached Thumbnails

  • errormsg.jpg


#4 nasdaq


Posted 30 July 2016 - 06:51 AM

Run the Farbar tool one more time.
This time post the FRST and the Addition.txt files that will be created.

I suspect some Startup entry is causing this.
It's nothing to worry about other than being a nuisance.
nasdaq


#5 psychicguy


Posted 31 July 2016 - 02:08 AM

FRST: 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
Ran by Marty (administrator) on MARTY-PC (31-07-2016 00:08:06)
Running from C:\Users\Marty\Documents\Malware removal tools
Loaded Profiles: Marty (Available Profiles: Marty)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
(Camshare Inc.) C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Camshare, Inc.) C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(NVIDIA Corporation) C:\Users\Marty\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Marty\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Marty\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Macrovision Europe Ltd.) C:\Users\Marty\AppData\Local\Temp\Creative_Audio_Engine_Cleanup.0001
(Creative Labs) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [237693 2009-02-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-07-07] (Razer Inc.)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-08] (Valve Corporation)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [Camfrog] => C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe [15710776 2016-05-18] (Camshare, Inc.)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.4\kpm.exe [8087880 2015-12-11] (AO Kaspersky Lab)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [10174288 2016-06-05] (Visicom Media Inc.)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\MountPoints2: {71ca4d3e-49f7-11e6-9229-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9C9A37F5-92A4-435E-A398-A69EB7FA054E}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-23] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-23] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-23] (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-04-29]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-14]
CHR Extension: (YouTube) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-14]
CHR Extension: (Adblock Plus) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-14]
CHR Extension: (Excel Viewer, Editor) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpdiahdjhpfaafoffpoaafcmjbcfmaj [2016-07-14]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-14]
CHR Extension: (GAuth Authenticator) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilgcnhelpchnceeipipijaljkblbcobl [2016-07-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2016-07-14]
CHR Extension: (Gmail) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-14]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 camfrog_update_service; C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe [1063968 2016-03-14] (Camshare Inc.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2016-07-14] (Creative Labs) [File not signed]
R3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-07-14] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-07-21] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-13] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-04] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236976 2016-04-29] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-07-31] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [997808 2016-04-29] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [112520 2015-12-03] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-28] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-28] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-13] (NVIDIA Corporation)
R3 rzjstk; C:\Windows\System32\DRIVERS\rzjstk.sys [36568 2015-08-13] (Razer Inc)
R3 rzkeypadendpt; C:\Windows\System32\DRIVERS\rzkeypadendpt.sys [44760 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-28 16:32 - 2016-07-28 16:32 - 00000000 _____ C:\Users\Marty\Desktop\malcom's new address.txt
2016-07-28 00:29 - 2016-07-28 00:29 - 00000000 ____D C:\Users\Marty\AppData\Local\CrashRpt
2016-07-27 22:49 - 2016-07-27 22:49 - 00001080 _____ C:\Windows\system32\settingsbkup.sfm
2016-07-27 22:49 - 2016-07-27 22:49 - 00001080 _____ C:\Windows\system32\settings.sfm
2016-07-27 19:57 - 2016-07-30 16:03 - 00062068 _____ C:\Windows\system32\BMXState-{0000000B-00000000-00000000-00001102-0000000B-00431102}.rfx
2016-07-27 19:57 - 2016-07-30 16:03 - 00000820 _____ C:\Windows\system32\DVCState-{0000000B-00000000-00000000-00001102-0000000B-00431102}.rfx
2016-07-27 19:55 - 2016-07-27 19:56 - 00000159 ___RH C:\Windows\ctfile.rfc
2016-07-27 19:55 - 2009-06-29 10:56 - 00212992 _____ C:\Windows\system32\APOMgr64.DLL
2016-07-27 19:55 - 2009-06-29 10:54 - 00164864 _____ C:\Windows\SysWOW64\APOMngr.DLL
2016-07-27 19:55 - 2009-02-17 17:33 - 00113152 _____ (Creative Technology Ltd) C:\Windows\system32\cttele64.dll
2016-07-27 19:55 - 2009-02-17 17:33 - 00106496 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\cttele32.dll
2016-07-27 19:55 - 2009-02-06 18:53 - 00089088 _____ C:\Windows\system32\CmdRtr64.DLL
2016-07-27 19:55 - 2009-02-06 18:52 - 00073728 _____ C:\Windows\SysWOW64\CmdRtr.DLL
2016-07-27 17:52 - 2016-07-27 17:52 - 00000133 _____ C:\Users\Marty\Documents\merchanting atm.txt
2016-07-27 16:24 - 2016-07-27 16:24 - 05655712 _____ C:\Users\Marty\Desktop\Tibia_Setup.exe
2016-07-27 16:24 - 2016-07-27 16:24 - 00001012 _____ C:\Users\Marty\Desktop\Tibia.lnk
2016-07-27 16:24 - 2016-07-27 16:24 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tibia
2016-07-27 16:24 - 2016-07-27 16:24 - 00000000 ____D C:\Users\Marty\AppData\Local\Tibia
2016-07-26 17:26 - 2016-07-26 17:26 - 05087850 _____ C:\Users\Marty\Desktop\Flash maps with markers.zip
2016-07-26 17:26 - 2016-07-26 17:26 - 00000000 ____D C:\Users\Marty\Desktop\Flash maps with markers
2016-07-26 17:25 - 2016-07-26 17:25 - 03488041 _____ C:\Users\Marty\Desktop\Automap-with-markers.zip
2016-07-26 17:25 - 2016-07-26 17:25 - 00000000 ____D C:\Users\Marty\Desktop\Automap-with-markers
2016-07-25 14:33 - 2016-07-25 14:33 - 49838592 _____ (Creative Technology Ltd) C:\Users\Marty\Desktop\XFTI_PCDRV_LB_2_17_0008 (1).exe
2016-07-25 13:58 - 2016-07-25 13:58 - 49838592 _____ (Creative Technology Ltd) C:\Users\Marty\Downloads\XFTI_PCDRV_LB_2_17_0008.exe
2016-07-25 03:17 - 2016-07-30 16:03 - 00062068 _____ C:\Windows\system32\BMXStateBkp-{0000000B-00000000-00000000-00001102-0000000B-00431102}.rfx
2016-07-25 03:15 - 2016-07-25 03:15 - 00221426 _____ C:\Users\Marty\Desktop\cc_20160725_031507.reg
2016-07-25 03:14 - 2016-07-25 03:14 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-07-25 03:14 - 2016-07-25 03:14 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-07-25 03:14 - 2016-07-25 03:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-07-25 03:14 - 2016-07-25 03:14 - 00000000 ____D C:\Program Files\CCleaner
2016-07-25 03:04 - 2016-07-25 03:04 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-25 03:04 - 2016-07-10 15:36 - 00127424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-07-25 03:04 - 2016-05-03 19:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-07-25 03:04 - 2016-05-03 19:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-07-25 03:04 - 2016-05-03 19:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-07-25 03:04 - 2016-05-03 19:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-07-24 17:03 - 2016-07-24 17:04 - 00000007 _____ C:\Users\Marty\Desktop\wanted 2008 movie timer at.txt
2016-07-24 16:08 - 2016-07-24 20:43 - 00000000 ____D C:\Users\Marty\AppData\Local\ManyCam
2016-07-24 16:08 - 2016-07-24 16:08 - 00000995 _____ C:\Users\Public\Desktop\ManyCam.lnk
2016-07-24 16:08 - 2016-07-24 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2016-07-24 16:08 - 2016-07-24 16:08 - 00000000 ____D C:\ProgramData\ManyCam
2016-07-24 16:07 - 2016-07-24 16:08 - 00000000 ____D C:\Users\Marty\AppData\Roaming\ManyCam
2016-07-24 16:07 - 2016-07-24 16:08 - 00000000 ____D C:\Program Files (x86)\ManyCam
2016-07-24 03:43 - 2016-07-24 03:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzkeypadendpt_01009.Wdf
2016-07-23 23:28 - 2016-07-30 08:22 - 00000000 ____D C:\Users\Marty\Documents\tibia
2016-07-23 23:28 - 2016-07-26 17:24 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Tibia
2016-07-23 20:15 - 2016-07-23 20:15 - 00000041 _____ C:\Users\Marty\Desktop\crafting exp.txt
2016-07-23 17:44 - 2015-12-14 14:24 - 00130880 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2016-07-23 17:44 - 2015-09-22 14:36 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-07-23 17:43 - 2016-07-23 17:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2016-07-23 17:42 - 2016-07-23 17:44 - 00000000 ____D C:\Users\Marty\AppData\Local\Razer
2016-07-23 17:42 - 2016-07-23 17:44 - 00000000 ____D C:\ProgramData\Razer
2016-07-23 17:42 - 2016-07-23 17:44 - 00000000 ____D C:\Program Files (x86)\Razer
2016-07-23 17:42 - 2016-07-23 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-07-23 17:41 - 2016-07-23 17:41 - 22723088 _____ (Razer Inc.) C:\Users\Marty\Desktop\Razer_Synapse_Framework_V2.20.15.707.exe
2016-07-23 17:07 - 2016-07-23 17:07 - 00000222 _____ C:\Users\Marty\Desktop\Path of Exile.url
2016-07-22 10:09 - 2016-07-30 06:57 - 00000400 __RSH C:\ProgramData\ntuser.pol
2016-07-22 10:09 - 2016-07-22 10:09 - 00937080 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\Marty\Desktop\rufus-2.10.exe
2016-07-22 09:39 - 2016-07-22 09:43 - 313646408 _____ C:\Users\Marty\Downloads\pfSense-CE-memstick-2.3.1-RELEASE-amd64.img.gz
2016-07-21 21:33 - 2016-07-21 21:33 - 12290974 _____ (ImageWriter Developers ) C:\Users\Marty\Desktop\Win32DiskImager-0.9.5-install.exe
2016-07-21 21:33 - 2016-07-21 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2016-07-21 21:33 - 2016-07-21 21:33 - 00000000 ____D C:\Program Files (x86)\ImageWriter
2016-07-21 21:21 - 2016-07-21 21:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-07-21 21:18 - 2016-07-21 21:18 - 04713984 _____ (Geza Kovacs) C:\Users\Marty\Desktop\unetbootin-windows-625.exe
2016-07-21 21:17 - 2016-07-21 21:17 - 01378550 _____ (Igor Pavlov) C:\Users\Marty\Desktop\7z1602-x64.exe
2016-07-21 21:17 - 2016-07-21 21:17 - 00000000 ____D C:\Users\Marty\Desktop\pfSense-CE-memstick-2.3.1-RELEASE-amd64 (1).img
2016-07-21 21:17 - 2016-07-21 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-07-21 21:17 - 2016-07-21 21:17 - 00000000 ____D C:\Program Files\7-Zip
2016-07-21 21:17 - 2016-05-17 17:59 - 684548096 _____ C:\Users\Marty\Desktop\pfSense-CE-memstick-2.3.1-RELEASE-amd64.img
2016-07-21 21:13 - 2016-07-21 21:15 - 313646408 _____ C:\Users\Marty\Desktop\pfSense-CE-memstick-2.3.1-RELEASE-amd64 (1).img.gz
2016-07-21 21:08 - 2016-07-22 10:37 - 00000600 _____ C:\Users\Marty\AppData\Local\PUTTY.RND
2016-07-21 21:07 - 2016-07-21 21:07 - 00531368 _____ (Simon Tatham) C:\Users\Marty\Desktop\putty.exe
2016-07-21 21:06 - 2016-07-21 21:08 - 313646408 _____ C:\Users\Marty\Desktop\pfSense-CE-memstick-2.3.1-RELEASE-amd64.img.gz
2016-07-21 12:48 - 2016-07-21 12:48 - 00000000 ____D C:\Users\Marty\Documents\WB Games
2016-07-21 10:33 - 2016-07-31 00:08 - 00000000 ____D C:\FRST
2016-07-21 10:26 - 2016-07-31 00:08 - 00000000 ____D C:\Users\Marty\Documents\Malware removal tools
2016-07-21 10:05 - 2016-07-21 10:05 - 00001296 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2016-07-21 10:05 - 2016-07-21 10:05 - 00000000 ____D C:\Users\Marty\AppData\Local\Kaspersky Lab
2016-07-21 10:05 - 2016-07-21 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2016-07-21 09:56 - 2016-07-21 09:56 - 00001897 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-07-21 09:56 - 2016-07-21 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-07-21 09:15 - 2016-07-21 09:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-07-21 09:14 - 2016-07-21 09:14 - 00000000 ____D C:\ProgramData\Kingsoft
2016-07-21 08:33 - 2016-07-21 08:33 - 00000222 _____ C:\Users\Marty\Desktop\Middle-earth Shadow of Mordor.url
2016-07-21 02:27 - 2016-07-21 02:27 - 00024151 _____ C:\Users\Marty\Desktop\Advanced.vdffz
2016-07-21 02:27 - 2016-07-21 02:27 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flaming Zonkey
2016-07-21 02:26 - 2016-07-21 02:26 - 00005820 _____ C:\Users\Marty\Desktop\SteamControllerDBClient.application
2016-07-20 16:59 - 2016-07-20 16:59 - 00000073 _____ C:\Users\Marty\Desktop\merching information 7-20-2016.txt
2016-07-20 16:22 - 2016-07-20 16:22 - 00000000 ____D C:\Users\Marty\Documents\borderless gaming
2016-07-20 13:48 - 2016-07-20 13:48 - 00597504 _____ (RAD Game Tools, Inc.) C:\Windows\system32\mss64.dll
2016-07-20 13:47 - 2016-07-20 13:47 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\IEShims.dll
2016-07-20 13:45 - 2016-07-20 13:45 - 00358896 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2016-07-20 13:44 - 2016-07-20 13:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-winrt-string-l1-1-0.dll
2016-07-20 13:43 - 2016-07-20 13:43 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-winrt-robuffer-l1-1-0.dll
2016-07-20 12:56 - 2016-07-20 12:56 - 00000029 _____ C:\Users\Marty\Desktop\ALISTAR FROM LAST GAME.txt
2016-07-19 16:39 - 2016-07-28 18:07 - 00000000 ____D C:\Users\Marty\AppData\Local\CrashDumps
2016-07-19 09:31 - 2016-07-21 17:37 - 00000000 ____D C:\Users\Marty\AppData\Local\PAYDAY 2
2016-07-19 04:17 - 2016-07-19 04:17 - 00000222 _____ C:\Users\Marty\Desktop\PAYDAY 2.url
2016-07-19 03:19 - 2016-07-19 03:20 - 14786752 _____ (Adobe Systems, Inc.) C:\Users\Marty\Desktop\flashplayer_22_sa.exe
2016-07-18 23:01 - 2016-07-18 23:01 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-07-18 23:01 - 2016-07-18 23:01 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-18 22:34 - 2016-07-18 22:34 - 00000000 ____D C:\782371daa6b6b8e823
2016-07-18 21:31 - 2016-07-18 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2016-07-18 21:31 - 2016-07-18 21:31 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2016-07-18 21:29 - 2016-07-18 21:29 - 00000000 ____D C:\Windows\system32\appmgmt
2016-07-18 21:09 - 2016-07-18 21:09 - 07878008 _____ (Microsoft Corporation) C:\Users\Marty\Desktop\Xbox360_64Eng.exe
2016-07-18 20:55 - 2016-07-18 20:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2016-07-18 20:53 - 2016-07-18 20:53 - 00000000 ____D C:\Program Files (x86)\XBox 360 Controller for Windows Software
2016-07-18 19:53 - 2016-07-18 19:55 - 00000000 ____D C:\Users\Marty\AppData\Roaming\DarkSoulsIII
2016-07-18 19:29 - 2016-07-18 19:29 - 00000222 _____ C:\Users\Marty\Desktop\DARK SOULS III.url
2016-07-18 17:38 - 2016-07-18 21:35 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\4819709F.sys
2016-07-18 14:51 - 2016-06-25 17:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-18 14:51 - 2016-06-25 17:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-18 14:51 - 2016-06-22 06:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-18 14:51 - 2016-06-17 11:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-18 14:51 - 2016-06-17 11:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-18 14:51 - 2016-06-17 11:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-18 14:51 - 2016-06-17 11:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-18 14:51 - 2016-06-17 11:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-18 14:51 - 2016-06-17 11:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-18 14:51 - 2016-06-10 23:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-18 14:51 - 2016-06-10 21:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-18 14:51 - 2016-06-10 14:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-18 14:51 - 2016-06-10 14:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-18 14:51 - 2016-06-10 14:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-18 14:51 - 2016-06-10 14:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-18 14:51 - 2016-06-10 14:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-18 14:51 - 2016-06-10 14:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-18 14:51 - 2016-06-10 14:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-18 14:51 - 2016-06-10 14:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-18 14:51 - 2016-06-10 14:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-18 14:51 - 2016-06-10 14:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-18 14:51 - 2016-06-10 14:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-18 14:51 - 2016-06-10 14:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-18 14:51 - 2016-06-10 14:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-18 14:51 - 2016-06-10 14:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-18 14:51 - 2016-06-10 14:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-18 14:51 - 2016-06-10 14:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-18 14:51 - 2016-06-10 13:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-18 14:51 - 2016-06-10 13:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-18 14:51 - 2016-06-10 13:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-18 14:51 - 2016-06-10 13:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-18 14:51 - 2016-06-10 13:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-18 14:51 - 2016-06-10 13:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-18 14:51 - 2016-06-10 13:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-18 14:51 - 2016-06-10 13:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-18 14:51 - 2016-06-10 13:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-18 14:51 - 2016-06-10 13:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-18 14:51 - 2016-06-10 13:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-18 14:51 - 2016-06-10 13:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-18 14:51 - 2016-06-10 13:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-18 14:51 - 2016-06-10 13:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-18 14:51 - 2016-06-10 12:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-18 14:51 - 2016-06-10 12:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-18 14:51 - 2016-06-10 12:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-18 14:51 - 2016-06-10 12:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-18 14:51 - 2016-06-10 12:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-18 14:51 - 2016-06-10 11:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-18 14:51 - 2016-06-10 11:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-18 14:51 - 2016-06-10 11:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-18 14:51 - 2016-06-10 11:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-18 14:51 - 2016-06-10 11:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-18 14:51 - 2016-06-10 11:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-18 14:51 - 2016-06-10 11:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-18 14:51 - 2016-06-10 11:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-18 14:51 - 2016-06-10 11:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-18 14:51 - 2016-06-10 11:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-18 14:51 - 2016-06-10 11:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-18 14:51 - 2016-06-10 11:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-18 14:51 - 2016-06-10 11:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-18 14:51 - 2016-06-10 11:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-18 14:51 - 2016-06-10 11:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-18 14:51 - 2016-06-10 11:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-18 14:51 - 2016-06-10 11:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-18 14:51 - 2016-06-10 11:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-18 14:51 - 2016-06-10 11:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-18 14:51 - 2016-06-10 11:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-18 14:51 - 2016-06-10 11:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-18 14:51 - 2016-06-10 11:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-18 14:51 - 2016-06-10 11:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-18 14:51 - 2016-06-10 11:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-18 14:51 - 2016-06-10 11:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-18 14:51 - 2016-06-10 10:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-18 14:51 - 2016-06-10 10:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-18 14:51 - 2016-06-10 10:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-18 14:51 - 2016-06-10 10:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-18 14:51 - 2016-03-23 15:40 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2016-07-18 14:51 - 2015-11-10 11:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-07-18 14:51 - 2015-11-10 11:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-07-18 14:51 - 2015-11-10 11:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-07-18 14:51 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2016-07-18 14:51 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2016-07-18 14:51 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2016-07-18 14:51 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2016-07-18 14:51 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2016-07-18 14:51 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2016-07-18 14:51 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2016-07-18 14:51 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2016-07-18 14:51 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2016-07-18 14:51 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2016-07-18 14:51 - 2013-11-26 01:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-07-18 14:51 - 2013-11-22 15:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-07-18 14:51 - 2011-03-10 23:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2016-07-18 14:51 - 2011-03-10 23:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2016-07-18 14:51 - 2011-03-10 23:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2016-07-18 14:51 - 2011-03-10 23:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2016-07-18 14:51 - 2011-03-10 23:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2016-07-18 14:51 - 2011-03-10 23:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-07-18 14:51 - 2011-03-10 23:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2016-07-18 14:51 - 2011-03-10 22:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-07-18 14:51 - 2011-03-10 22:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2016-07-18 14:50 - 2016-04-14 06:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-07-18 14:50 - 2016-04-14 06:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-07-18 14:50 - 2016-04-08 21:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-07-18 14:50 - 2016-04-08 20:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-07-18 14:50 - 2015-12-08 14:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-07-18 14:50 - 2015-12-08 12:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-07-18 14:50 - 2015-07-30 11:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-07-18 14:50 - 2015-07-30 10:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-07-18 14:50 - 2015-02-03 20:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-07-18 14:50 - 2015-02-03 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-07-18 07:55 - 2016-07-18 07:55 - 00000000 ____D C:\Users\Marty\AppData\Local\GWX
2016-07-17 22:27 - 2016-07-19 20:27 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-17 22:27 - 2016-07-19 20:27 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-17 22:27 - 2016-07-17 22:27 - 00000000 ____D C:\Windows\EOONotify
2016-07-17 22:10 - 2016-07-17 22:10 - 00000222 _____ C:\Users\Marty\Desktop\Insurgency.url
2016-07-17 21:23 - 2016-07-17 21:23 - 00053818 _____ C:\Users\Marty\Desktop\(New) Runescape Merchanting spreadsheet.xlsx
2016-07-17 21:22 - 2016-07-17 21:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01007.Wdf
2016-07-17 14:52 - 2016-07-21 13:36 - 00000000 ____D C:\Users\Marty\AppData\Local\Kingsoft
2016-07-17 14:51 - 2016-07-21 09:14 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Kingsoft
2016-07-17 14:51 - 2016-07-17 14:51 - 00000000 ____D C:\Program Files (x86)\Kingsoft
2016-07-17 14:48 - 2016-07-17 14:51 - 47755504 _____ (Kingsoft Corp. Ltd.) C:\Users\Marty\Desktop\office_free_2013.exe
2016-07-17 14:42 - 2016-07-17 14:44 - 140783556 _____ C:\Users\Marty\Desktop\Apache_OpenOffice_4.1.2_Win_x86_install_en-US.exe
2016-07-17 14:24 - 2016-07-17 15:22 - 00069329 _____ C:\Users\Marty\Desktop\Excel Runescape Flipping Spreadsheet.xlsx
2016-07-17 14:13 - 2016-07-17 14:13 - 00031280 _____ C:\Users\Marty\Desktop\Matt's Merchanting.xls.xlsx
2016-07-16 23:05 - 2016-07-16 23:05 - 00000000 ____D C:\Users\Marty\AppData\Local\StreetFighterV
2016-07-16 20:05 - 2016-07-16 20:05 - 00000222 _____ C:\Users\Marty\Desktop\Street Fighter V.url
2016-07-16 10:05 - 2016-07-16 10:05 - 00000000 _____ C:\Users\Marty\Desktop\movie to watch (wanted).txt
2016-07-16 07:46 - 2016-07-16 07:46 - 00000233 _____ C:\Users\Marty\Desktop\Tom Clancy's The Division.url
2016-07-16 07:46 - 2016-07-16 07:46 - 00000233 _____ C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tom Clancy's The Division.url
2016-07-16 06:31 - 2016-07-16 06:33 - 00000000 ____D C:\Users\Marty\Documents\Overwatch
2016-07-16 00:25 - 2016-07-25 03:14 - 00000000 ____D C:\Windows\Minidump
2016-07-15 16:47 - 2016-07-15 16:50 - 00000000 ____D C:\Windows\system32\MRT
2016-07-15 16:47 - 2016-07-15 16:47 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-15 11:37 - 2015-01-08 16:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2016-07-15 11:37 - 2015-01-08 16:43 - 00419936 _____ C:\Windows\system32\locale.nls
2016-07-15 11:23 - 2015-07-30 06:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-07-15 11:23 - 2015-07-30 06:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-07-15 11:20 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2016-07-15 11:17 - 2016-07-15 11:17 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-07-15 11:17 - 2016-07-15 11:17 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-07-15 11:17 - 2016-07-15 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-07-15 11:17 - 2016-07-15 11:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-07-15 11:17 - 2016-07-15 11:17 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-07-15 11:17 - 2016-07-15 11:17 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-07-15 11:17 - 2016-07-15 11:17 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-07-15 11:11 - 2016-07-15 11:11 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-07-15 11:11 - 2016-07-15 11:11 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-07-15 10:15 - 2012-07-25 20:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2016-07-15 10:15 - 2012-07-25 20:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2016-07-15 10:15 - 2012-07-25 20:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-07-15 10:15 - 2012-07-25 20:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2016-07-15 10:15 - 2012-07-25 20:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2016-07-15 10:15 - 2012-07-25 19:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2016-07-15 10:15 - 2012-07-25 19:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2016-07-15 10:15 - 2012-06-02 07:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2016-07-15 10:07 - 2012-02-29 23:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2016-07-15 10:07 - 2012-02-29 23:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2016-07-15 10:07 - 2012-02-29 22:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2016-07-15 10:03 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-07-15 10:03 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-07-15 10:03 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-07-15 10:03 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-07-15 10:03 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-07-15 10:03 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-07-15 10:03 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-07-15 10:03 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-07-15 04:15 - 2015-01-08 20:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2016-07-15 04:15 - 2015-01-08 20:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2016-07-15 04:15 - 2015-01-08 20:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2016-07-15 04:15 - 2015-01-08 19:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2016-07-15 04:14 - 2016-03-17 15:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-07-15 04:14 - 2016-03-17 15:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-07-15 04:14 - 2016-03-16 11:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-07-15 04:14 - 2016-03-16 11:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-07-15 04:14 - 2016-03-16 11:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-07-15 04:14 - 2016-03-06 11:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-07-15 04:14 - 2016-03-06 11:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-07-15 04:14 - 2016-03-06 11:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-07-15 04:14 - 2016-03-06 11:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-07-15 04:14 - 2016-02-02 11:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-07-15 04:14 - 2015-11-13 16:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-07-15 04:14 - 2015-11-13 16:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-07-15 04:14 - 2015-11-13 16:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-07-15 04:14 - 2015-11-13 15:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-07-15 04:14 - 2015-11-13 15:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-07-15 04:14 - 2015-11-13 15:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-07-15 04:14 - 2015-08-05 10:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-07-15 04:14 - 2015-07-15 11:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-07-15 04:14 - 2015-07-15 11:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-07-15 04:14 - 2015-07-15 11:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-07-15 04:14 - 2015-07-10 10:51 -

#6 psychicguy

Posted 31 July 2016 - 03:14 AM

Sorry, ran out of room in the previous post. Below are the full results of Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
Ran by Marty (2016-07-31 00:08:48)
Running from C:\Users\Marty\Documents\Malware removal tools
Windows 7 Ultimate Service Pack 1 (X64) (2016-07-14 19:27:34)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2836415364-1053990731-2268990577-500 - Administrator - Disabled)
Guest (S-1-5-21-2836415364-1053990731-2268990577-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2836415364-1053990731-2268990577-1002 - Limited - Enabled)
Marty (S-1-5-21-2836415364-1053990731-2268990577-1000 - Administrator - Enabled) => C:\Users\Marty
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Ansel (Version: 368.81 - NVIDIA Corporation) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
ASTRO Command Center (HKLM-x32\...\{43D37D7F-1FCC-4B00-ADCF-44C48629C18B}) (Version: 1.0.85 - Astro Gaming)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Camfrog Video Chat 6.11 (HKLM-x32\...\Camfrog) (Version: 6.11.549 - Camshare, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
Creative 3DMIDI Player (HKLM-x32\...\3DMIDI) (Version: 1.11 - Creative Technology Limited)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.02 - Creative Technology Limited)
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
DARK SOULS III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version:  - Creative Technology Limited)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Far Cry Primal (HKLM\...\Steam App 371660) (Version:  - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.265 - SurfRight B.V.)
Insurgency (HKLM\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{F46A1003-7E9A-418C-8149-C6AF1EAF6B89}) (Version: 8.0.4.394 - Kaspersky Lab)
Kaspersky Password Manager (x32 Version: 8.0.4.394 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.3.0 (HKLM-x32\...\ManyCam) (Version: 5.3.0 - Visicom Media Inc.)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1014 - Marvell)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Middle-earth: Shadow of Mordor (HKLM\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.81 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.707 - Razer Inc.)
RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Sound Blaster X-Fi (HKLM-x32\...\{20288888-A7AF-4B24-8AEB-398D20CD563C}) (Version: 1.0 - Creative Technology Limited)
SoundFont Bank Manager (HKLM-x32\...\SFBM) (Version: 3.21 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steam Controller Database Client (HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\143ba96d0d39f1c2) (Version: 1.0.0.10 - Flaming Zonkey)
Street Fighter V (HKLM\...\Steam App 310950) (Version:  - Capcom)
Tibia (HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Tibia) (Version:  - CipSoft GmbH)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04999245-04AC-47DB-84DA-80393FCD2BC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-14] (Google Inc.)
Task: {19D66E5B-29D7-4A15-80D5-8EB83AA2826D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd)
Task: {3D8F6540-8177-4110-85F3-FE0CE056EE9C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-14] (Adobe Systems Incorporated)
Task: {50F401A7-B875-49BE-ACD3-4F346A4EA71B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-14] (Google Inc.)
Task: {6D8F8B7F-4E70-469A-A350-36A81DBC3B69} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {71340D4D-35E3-448B-B396-5E9EAD54D629} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.)
Task: {D3587EB3-A87E-4EDA-91D1-E8E08B01EED2} - System32\Tasks\ASUS\i-Setup125549 => C:\Windows\Chipset\AsusSetup.exe [2013-08-22] (ASUSTeK Computer Inc.)
Task: {FC40276F-D1FA-4A57-954E-363D40CA1426} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-14 13:39 - 2016-07-10 16:17 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-14 13:40 - 2016-06-14 13:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-07-14 13:40 - 2016-06-14 13:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-07-14 13:40 - 2016-06-14 13:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-07-14 13:40 - 2016-06-14 13:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-11-04 16:11 - 2015-11-04 16:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-07-14 13:40 - 2016-06-14 13:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-07-14 13:40 - 2016-06-14 13:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-07-14 13:40 - 2016-06-14 13:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-07-14 13:40 - 2016-06-14 13:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-14 13:40 - 2016-06-14 13:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-14 13:40 - 2016-06-14 13:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-06-14 19:39 - 2016-06-14 19:39 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-07-14 13:14 - 2016-06-23 06:26 - 02336584 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libglesv2.dll
2016-07-14 13:14 - 2016-06-23 06:25 - 00107336 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libegl.dll
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\kpcengine.2.3.dll
2016-07-14 13:40 - 2016-06-14 13:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-14 14:04 - 2016-04-29 13:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-07-14 14:04 - 2015-07-03 09:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-07-14 14:04 - 2015-07-03 09:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-07-14 14:04 - 2015-07-03 09:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-07-14 14:04 - 2016-07-08 18:06 - 02317904 _____ () C:\Program Files (x86)\Steam\video.dll
2016-07-14 14:04 - 2016-02-08 16:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-07-14 14:04 - 2016-02-08 16:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-07-14 14:04 - 2016-02-08 16:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-07-14 14:04 - 2016-02-08 16:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-07-14 14:04 - 2016-02-08 16:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-07-14 14:04 - 2016-07-08 18:06 - 00829520 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-10-01 02:23 - 2014-10-01 02:23 - 02140672 _____ () C:\Program Files (x86)\ManyCam\opencv_core2410.dll
2014-10-01 02:24 - 2014-10-01 02:24 - 01891840 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc2410.dll
2014-10-01 02:25 - 2014-10-01 02:25 - 00654848 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect2410.dll
2014-10-01 02:24 - 2014-10-01 02:24 - 02147840 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui2410.dll
2014-10-01 02:24 - 2014-10-01 02:24 - 00360960 _____ () C:\Program Files (x86)\ManyCam\opencv_video2410.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2016-07-27 19:55 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2016-07-27 19:55 - 2009-06-29 10:54 - 00164864 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2016-07-31 00:04 - 2016-07-31 00:04 - 00697884 _____ () C:\Users\Marty\AppData\Local\Temp\Creative_Audio_Engine_Cleanup.0001.dir.0001\~df394b.tmp
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2016-06-22 19:34 - 2016-06-22 19:34 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-07-23 17:44 - 2015-08-27 14:30 - 40622592 _____ () C:\Users\Marty\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2010-07-07 20:33 - 2010-07-07 20:33 - 00002560 _____ () C:\Windows\SysWOW64\CTXFIRES.DLL
2016-07-14 14:04 - 2016-06-14 12:14 - 49826080 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-07-23 17:44 - 2015-10-06 12:26 - 50656768 _____ () C:\Users\Marty\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2016-07-23 17:44 - 2015-10-06 12:26 - 01874944 _____ () C:\Users\Marty\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2016-07-23 17:44 - 2015-10-06 12:26 - 00075264 _____ () C:\Users\Marty\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2016-07-23 17:44 - 2015-08-27 14:30 - 00911360 _____ () C:\Users\Marty\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2016-07-23 17:44 - 2015-08-27 14:30 - 00134144 _____ () C:\Users\Marty\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll
2016-07-14 13:27 - 2016-05-13 01:35 - 00021600 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F244379D-9D51-4F97-8B76-2CDD9B61C095}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D5D51C8B-0F8C-4DE4-BD77-CF34288CE785}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{44D400C4-097E-470C-BD5B-A02CF5C04062}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D5B4578C-2DDB-4D76-BAFB-3F7A7F85CE09}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FEE06B79-C9E4-4010-B767-E2CBF0BFDE90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B559B322-7786-42BB-B496-77C14BBB31CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{421E3D22-EF20-4C43-9E81-751F9F829CF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C2B9976B-EC0D-4495-A55F-77BD918128C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B938A5B6-40CB-41DB-86C1-2724E50325FB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0B44384B-5E04-4FCD-8E72-985BC0A098BF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7A08735B-6A4D-42E2-BF61-5CB9D779BBAE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{99606366-D687-4D51-8C4E-9CC4D8E693AA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F812BD95-0886-49D1-8A24-38A75FBA8348}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EC6D51DE-57E3-4464-9E6D-70ED6B4D1F61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3C7892EC-C4FA-4C70-BBF3-C904779E0963}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5C1D3883-5852-4160-A7E5-DE0664BF6890}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{F8E05FBB-76B4-41E7-AC01-AA84CDC21143}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{BC1E5F5E-F127-418F-BB5B-5E0141EC0B39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{8BD325F3-13F5-4B94-A470-841646E9339F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{E7866DC3-EAD4-4DDF-AF98-D2D3501C3790}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe
FirewallRules: [{F4FC4F81-7248-487E-AFA8-49A1C385627C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe
FirewallRules: [{6BCFD232-A14D-4439-8F65-9048B11ECB61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{FBFF976E-4455-4B66-B191-C08716A62B7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{CB5557A7-B4AD-4BC3-92C2-37EBAC2C9513}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{3528BD83-705E-47DD-BCF9-EF8CDBECD89F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{B4BEE518-0F78-465E-A138-73314A8F0049}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{B3B9A405-DF94-418D-9BB8-094A6C4C2E80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{5E794FDB-5E11-4F9F-A3F6-D68E7076B56B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{BDB6D104-ADB1-4C35-BD77-5463E7BD365F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{BF25BCC0-612F-4970-A559-597D9EA55F03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{29925493-1838-4D5D-8A4E-C063942C0FF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
 
==================== Restore Points =========================
 
27-07-2016 19:31:39 Removed DTS Connect Pack
27-07-2016 19:36:59 Removed Creative Audio Control Panel
27-07-2016 19:38:09 Installed Creative Audio Control Panel
27-07-2016 19:38:33 Installed Creative Software AutoUpdate
27-07-2016 19:41:15 Installed Creative Audio Control Panel
27-07-2016 19:41:54 Installed Creative Software AutoUpdate
27-07-2016 19:48:47 Installed Creative Audio Control Panel
27-07-2016 19:49:25 Installed Creative Software AutoUpdate
27-07-2016 19:56:41 Installed Creative Audio Control Panel
27-07-2016 19:57:27 Installed Creative Software AutoUpdate
29-07-2016 07:00:55 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: HID-compliant game controller
Description: HID-compliant game controller
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: HID-compliant game controller
Description: HID-compliant game controller
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/31/2016 12:06:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/30/2016 06:58:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/29/2016 09:07:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/29/2016 04:14:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/28/2016 06:07:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DarkSoulsIII.exe, version: 1.6.0.0, time stamp: 0x5784ea2e
Faulting module name: ntdll.dll, version: 6.1.7601.23418, time stamp: 0x5708a857
Exception code: 0xc0000005
Fault offset: 0x0000000000048d84
Faulting process id: 0x59fc
Faulting application start time: 0xDarkSoulsIII.exe0
Faulting application path: DarkSoulsIII.exe1
Faulting module path: DarkSoulsIII.exe2
Report Id: DarkSoulsIII.exe3
 
Error: (07/28/2016 06:01:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/28/2016 12:30:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/27/2016 11:04:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/27/2016 11:04:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: kpm.exe, version: 8.0.4.394, time stamp: 0x566aef81
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a7e4
Exception code: 0x42849fd0
Fault offset: 0x0000c54f
Faulting process id: 0x113c
Faulting application start time: 0xkpm.exe0
Faulting application path: kpm.exe1
Faulting module path: kpm.exe2
Report Id: kpm.exe3
 
Error: (07/27/2016 10:35:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rads_user_kernel.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2554
 
Start Time: 01d1e891d70958fc
 
Termination Time: 5
 
Application Path: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
 
Report Id: 1f3ef1a4-5485-11e6-82fe-10c37b6f461d
 
 
System errors:
=============
Error: (07/31/2016 12:04:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (07/30/2016 04:03:33 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (07/30/2016 06:57:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (07/29/2016 11:02:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (07/29/2016 09:05:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (07/29/2016 04:12:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (07/29/2016 04:12:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:17:46 PM on ‎7/‎29/‎2016 was unexpected.
 
Error: (07/28/2016 05:59:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (07/28/2016 12:50:31 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (07/28/2016 12:28:47 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3820 CPU @ 3.60GHz
Percentage of memory in use: 69%
Total physical RAM: 4031 MB
Available physical RAM: 1220.17 MB
Total Virtual: 8060.19 MB
Available Virtual: 4706.22 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:419.18 GB) (Free:145.84 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 000CE7FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 9116D930)
Partition 1: (Not Active) - (Size=419.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#7 nasdaq


Posted 31 July 2016 - 08:12 AM


Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start


CreateRestorePoint:
CloseProcesses:

Task: {D3587EB3-A87E-4EDA-91D1-E8E08B01EED2} - System32\Tasks\ASUS\i-Setup125549 => C:\Windows\Chipset\AsusSetup.exe [2013-08-22] (ASUSTeK Computer Inc.)

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Is the problem persisting?
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760



