
My solid state drive has little space left on it



#1 psychicguy


Posted 01 January 2017 - 07:07 PM

Here is a link to the old post: http://www.spywarein...id-state-drive/

 

My solid state drive has only 21.7 GB free of 419 GB. It's a 500 GB drive.

 

I don't know why it's filled up so much.

 

Below is Malwarebytes log: 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/1/2017
Scan Time: 4:55 PM
Logfile: MalwarebytesScan 1-1-2017.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2017.01.01.03
Rootkit Database: v2016.11.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Marty
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 295444
Time Elapsed: 6 min, 9 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
Below is Addition.txt: 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by Marty (01-01-2017 17:03:28)
Running from C:\Users\Marty\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-07-14 19:27:34)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2836415364-1053990731-2268990577-500 - Administrator - Disabled)
Guest (S-1-5-21-2836415364-1053990731-2268990577-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2836415364-1053990731-2268990577-1002 - Limited - Enabled)
Marty (S-1-5-21-2836415364-1053990731-2268990577-1000 - Administrator - Enabled) => C:\Users\Marty
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Acquisition version 0.5g (HKLM-x32\...\{53E25C0C-0305-47BB-9884-F0F202297AF4}_is1) (Version: 0.5g - )
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
ASTRO Command Center (HKLM-x32\...\{78FAE775-D963-4031-97CC-75D96FF648EB}) (Version: 1.0.121 - Astro Gaming)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Camfrog Video Chat 6.11 (HKLM-x32\...\Camfrog) (Version: 6.11.576 - Camshare, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version:  - Torn Banner Studios)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Creative 3DMIDI Player (HKLM-x32\...\3DMIDI) (Version: 1.11 - Creative Technology Limited)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.02 - Creative Technology Limited)
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DARK SOULS III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Dasher (HKLM-x32\...\Dasher) (Version:  - Internet Chess Club)
Diablo II (HKLM-x32\...\Diablo II) (Version: 0.0.0.0 - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version:  - Creative Technology Limited)
Don't Starve Together (HKLM\...\Steam App 322330) (Version:  - Klei Entertainment)
DOOM (HKLM\...\Steam App 379720) (Version:  - id Software)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Dying Light (HKLM\...\Steam App 239140) (Version:  - Techland)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Far Cry Primal (HKLM\...\Steam App 371660) (Version:  - Ubisoft)
Folder Size 3.4.0.0 (HKLM-x32\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 3.4.0.0 - MindGems, Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\{b1eb8775-bc01-49f5-9885-9ff3c9b4a7a3}) (Version: 6.5.57 - Grammarly)
Grammarly for Microsoft® Office Suite (Version: 6.5.57 - Grammarly) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.)
Insurgency (HKLM\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® RealSense™ SDK Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_10.0.26.0396) (Version: 10.0.26.0396 - Intel Corporation)
Intel® RealSense™ SDK Runtime Gold (x86): Core (x32 Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Core: Calibration (x32 Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): User Segmentation (x32 Version: 10.0.26.396 - Intel Corporation) Hidden
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Kali II (HKLM-x32\...\Kali II) (Version:  - )
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.6.0 (HKLM-x32\...\ManyCam) (Version: 5.6.0 - Visicom Media Inc.)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1014 - Marvell)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MindZoom 2.2.0 Plus (HKLM-x32\...\MindZoom_is1) (Version:  - mindzoom.net)
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
NoPing Elite v12 (HKLM\...\{A055C9E5-6AB5-4A7C-8035-828B6B58DE02}) (Version: 12.0.0.1 - 1ncrivel Sistemas)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.16.6 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenGL Extensions Viewer 4.1 (HKLM-x32\...\GLVIEW3) (Version: 452 - )
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Path of Exile (HKLM-x32\...\{c3768c1f-ad0f-4302-828f-91fbdd3a7bb0}) (Version: 2.5.1.3949 - Grinding Gear Games)
Path of Exile (x32 Version: 2.5.1.3949 - Grinding Gear Games) Hidden
PlayChess  (HKLM\...\PlayChess) (Version:  - ChessBase GmbH)
RAPID Mode (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1104 - Razer Inc.)
Revo Uninstaller Pro 3.1.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.7 - VS Revo Group, Ltd.)
Risk of Rain (HKLM\...\Steam App 248820) (Version:  - Hopoo Games, LLC)
RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Skullgirls (HKLM\...\Steam App 245170) (Version:  - Lab Zero Games)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Sound Blaster X-Fi (HKLM-x32\...\{20288888-A7AF-4B24-8AEB-398D20CD563C}) (Version: 1.0 - Creative Technology Limited)
SoundFont Bank Manager (HKLM-x32\...\SFBM) (Version: 3.21 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steam Controller Database Client (HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\143ba96d0d39f1c2) (Version: 1.0.0.10 - Flaming Zonkey)
Street Fighter V (HKLM\...\Steam App 310950) (Version:  - Capcom)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
The Hell (HKLM-x32\...\TheHell) (Version: 1.205a - Mordor & TH Team)
Tibia (HKLM-x32\...\Tibia_is1) (Version: 10.00 - CipSoft GmbH)
Tibia (HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Tibia) (Version:  - CipSoft GmbH)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
TortoiseSVN 1.9.4.27285 (64 bit) (HKLM\...\{62C19AB2-8485-4E18-A9D3-EFA612B8AE74}) (Version: 1.9.27285 - TortoiseSVN)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.7 - Tunngle.net GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wander (HKLM\...\Steam App 293280) (Version:  - Wander MMO)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2836415364-1053990731-2268990577-1000_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\Marty\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.5.57\BCD32C3B4FD945EE9439C09346A444AE\GrammarlyShim64.dll (CompanyName)
CustomCLSID: HKU\S-1-5-21-2836415364-1053990731-2268990577-1000_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> c:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2836415364-1053990731-2268990577-1000_Classes\CLSID\{e3765c78-10d8-475e-bd21-3633526f98d2}\InprocServer32 -> c:\windows\system32\dfshim.dll (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04999245-04AC-47DB-84DA-80393FCD2BC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-14] (Google Inc.)
Task: {19D66E5B-29D7-4A15-80D5-8EB83AA2826D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {3D8F6540-8177-4110-85F3-FE0CE056EE9C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {3D978143-B27C-4988-8EB9-C371AA683C6C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {50F401A7-B875-49BE-ACD3-4F346A4EA71B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-14] (Google Inc.)
Task: {563E400C-1BEC-45E5-9939-DE5DC2CC8C19} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {5F415414-5955-4736-9719-01C7339F631D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {6327C253-CBC2-43B2-8EF5-3FDE345DA69A} - System32\Tasks\{858027D7-16CA-478E-A0F3-9F6D4CE1C2A8} => C:\Users\Marty\AppData\Local\Tibia\Tibia.exe [2016-11-29] ()
Task: {6D8F8B7F-4E70-469A-A350-36A81DBC3B69} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {71340D4D-35E3-448B-B396-5E9EAD54D629} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.)
Task: {7920AF27-499E-4287-B301-5CCD4A4F6A10} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {86E3212B-7575-4EF4-B619-65145B5E4B82} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {A8BDE2EC-4292-48F1-956F-A11B1E989B6E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-23] (AO Kaspersky Lab)
Task: {CF2D1463-2139-4258-8F19-22CEB54E60B0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-10-24] (AVAST Software)
Task: {CFFE8AED-E4BE-418D-909C-E895017F9B78} - System32\Tasks\{658D4217-A2C9-47CA-A6CA-91B0BB225D9B} => pcalua.exe -a "C:\Users\Marty\Desktop\Display Driver Uninstaller.exe" -d C:\Users\Marty\Desktop
Task: {EF63793C-F252-40CE-9877-005DE679642E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {FC40276F-D1FA-4A57-954E-363D40CA1426} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Marty\Desktop\The Hell Bat.lnk -> C:\Users\Marty\Documents\the hell mod\hellfire.bat ()
Shortcut: C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 4.1\OpenGL Extensions Viewer 4.1 Home Page.lnk -> hxxp://www.realtech-vr.com/glview
Shortcut: C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 4.1\realtech VR Home Page.lnk -> hxxp://www.realtech-vr.com
 
ShortcutWithArgument: C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-12-11 15:23 - 2016-11-17 05:44 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-11 15:23 - 2016-11-17 05:44 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-11 15:23 - 2016-11-17 05:44 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-24 14:20 - 2016-09-24 14:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-12-11 15:22 - 2016-12-11 10:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-24 16:07 - 2016-04-24 16:07 - 00094672 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-08-19 00:12 - 2016-08-19 00:12 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-12-14 20:33 - 2016-12-08 00:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 20:33 - 2016-12-08 00:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-13 03:57 - 2016-12-13 03:57 - 31164504 _____ () C:\Windows\system32\Macromed\Flash\pepflashplayer64_24_0_0_186.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll
2016-12-11 15:23 - 2016-11-17 05:44 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-11 15:23 - 2016-11-17 05:44 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-11 15:23 - 2016-11-17 05:44 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2014-10-01 01:23 - 2014-10-01 01:23 - 02140672 _____ () C:\Program Files (x86)\ManyCam\opencv_core2410.dll
2014-10-01 01:24 - 2014-10-01 01:24 - 01891840 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc2410.dll
2014-10-01 01:25 - 2014-10-01 01:25 - 00654848 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect2410.dll
2014-10-01 01:24 - 2014-10-01 01:24 - 02147840 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui2410.dll
2014-10-01 01:24 - 2014-10-01 01:24 - 00360960 _____ () C:\Program Files (x86)\ManyCam\opencv_video2410.dll
2016-08-11 02:39 - 2016-08-11 02:39 - 06484480 _____ () C:\Program Files (x86)\ManyCam\p2p.dll
2016-08-11 17:02 - 2004-06-12 14:55 - 00274432 _____ () C:\Program Files (x86)\Mindzoom\lame_enc.dll
2016-07-27 18:55 - 2009-02-06 17:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2016-07-27 18:55 - 2009-06-29 09:54 - 00164864 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2016-11-18 02:41 - 2016-11-18 02:41 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-10-24 20:29 - 2016-09-07 12:42 - 50656768 _____ () C:\Users\Marty\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2010-07-07 19:33 - 2010-07-07 19:33 - 00002560 _____ () C:\Windows\system32\CTXFIRES.DLL
2012-09-12 23:39 - 2012-09-12 23:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2016-12-11 15:23 - 2016-11-17 05:43 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-11 15:23 - 2016-11-17 02:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-12-11 15:23 - 2016-11-17 02:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-11 15:23 - 2016-11-17 02:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-11 15:23 - 2016-11-17 02:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-11 15:23 - 2016-11-17 02:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-11 15:23 - 2016-11-17 02:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-11 15:23 - 2016-11-17 02:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-10-24 20:29 - 2016-09-07 12:42 - 50656768 _____ () C:\Users\Marty\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2016-10-24 20:29 - 2016-09-07 12:42 - 01874944 _____ () C:\Users\Marty\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2016-10-24 20:29 - 2016-09-07 12:42 - 00075264 _____ () C:\Users\Marty\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2016-10-24 20:29 - 2016-09-07 12:42 - 01874944 _____ () C:\Users\Marty\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2016-10-24 20:29 - 2016-09-07 12:42 - 00075264 _____ () C:\Users\Marty\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll
2016-07-14 12:27 - 2016-05-13 00:35 - 00021600 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2016-04-05 07:57 - 2016-04-05 07:57 - 00393608 _____ () C:\Users\Marty\AppData\Roaming\Curse Client\Bin\opus.dll
2016-09-29 16:26 - 2016-12-14 09:41 - 00534408 _____ () C:\Users\Marty\AppData\Roaming\Curse Client\Bin\Curse.Presto.Interface.dll
2016-12-06 12:55 - 2016-12-11 22:50 - 01949064 _____ () C:\Users\Marty\AppData\Roaming\Curse Client\Bin\Electron\ffmpeg.dll
2016-05-02 13:26 - 2016-12-11 22:50 - 02269064 _____ () C:\Users\Marty\AppData\Roaming\Curse Client\Bin\Electron\libglesv2.dll
2016-05-02 13:26 - 2016-12-11 22:50 - 00086920 _____ () C:\Users\Marty\AppData\Roaming\Curse Client\Bin\Electron\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\skype.com -> apps.skype.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: avast! Antivirus => 2
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: camfrog_update_service => 2
MSCONFIG\Services: ReimageRealTimeProtector => 2
MSCONFIG\startupfolder: C:^Users^Marty^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupreg: Camfrog => "C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Discord => C:\Users\Marty\AppData\Local\Discord\app-0.0.296\Discord.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{835010CB-1955-4E06-8DEE-9E34F5817E0C}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{7A42C58D-C09B-4D17-BDB4-7B5DC8677993}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{05455D39-8549-468B-91AB-1E69DB4350FA}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BE62BC26-439C-45D8-82B2-EFED267AE00C}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{4C4E1355-43AF-4AFB-9429-74F8E456A563}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{1B902381-36BE-43DA-9A74-28962F891401}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5A76B303-EAFF-48D2-B757-D7686E8918FB}C:\program files (x86)\steam\steamapps\common\far cry primal\bin\fcprimal.exe] => C:\program files (x86)\steam\steamapps\common\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{E1AFE9D9-57FA-4C4D-8A7D-90C16E0A01F0}C:\program files (x86)\steam\steamapps\common\far cry primal\bin\fcprimal.exe] => C:\program files (x86)\steam\steamapps\common\far cry primal\bin\fcprimal.exe
FirewallRules: [{711CF505-652F-4A1C-9228-8129144E14F9}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{720E76B1-80FA-4642-9A5F-3239A7E3E65B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{50905752-3391-43F1-AC99-1B91A081AE5B}] => C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{8BF4FBFD-36E8-4BE3-981F-72C801B23DE1}] => C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{5B063961-2F0F-4085-804C-9BF79696E111}C:\program files (x86)\diablo iii\diablo iii.exe] => C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{670C8B70-49FA-4307-9A15-ED5E114FA76A}C:\program files (x86)\diablo iii\diablo iii.exe] => C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{75CB3E70-BBA0-4D16-928A-FA24630E2A15}C:\program files (x86)\steam\steamapps\common\dying light\dyinglightgame.exe] => C:\program files (x86)\steam\steamapps\common\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{F5AB3DA2-A4D4-421A-B115-45D9A95BFCE5}C:\program files (x86)\steam\steamapps\common\dying light\dyinglightgame.exe] => C:\program files (x86)\steam\steamapps\common\dying light\dyinglightgame.exe
FirewallRules: [{BCE9A73C-9BFB-4680-8CEC-E767243DBB7C}] => C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{E4F3AB17-63C8-4ACD-9C8E-1DC5C2B17E67}] => C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [TCP Query User{ED8E179A-36AC-4850-B69A-177C7AB85B53}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe
FirewallRules: [UDP Query User{92F33162-BC29-43B1-9680-9B827121C9FD}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe
FirewallRules: [{6DFDCE5C-1701-4580-B25F-B57569DF1E83}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{18FF5B93-A35A-4136-A8E6-8311000DA8A6}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1C91677C-F94D-4FB0-9CC7-889598BEA287}] => C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{9C3CCABF-39A7-49AB-A47B-7D6C6260322F}] => C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{49611246-E43D-4D81-8D2C-C6CFC5B8BCB7}] => C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{61624C71-F0CA-4AE9-ADDD-CE528956D47E}] => C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{2A7B075A-9EF4-4D1E-A079-26342884342B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{5A532E8E-362A-49B4-AACB-4C490FC9ED64}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{B12A24BC-D4D9-45F3-A87E-178FB6BD0262}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EAD50FCC-DFDE-4A66-B0C3-AD93FA63C7B9}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FE35972F-FFCC-4C86-B7F0-1CDE84DC12B3}] => C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{15F40BCB-EEF6-4445-9105-8F277A97C2B5}] => C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{DA3E2DE1-F08C-49A7-B4F3-9D2B71A2CE44}] => C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{B16088EC-C182-4482-A38A-DC8507D015C4}] => C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{6D9553C7-A5EE-4568-819B-D661D16A96B6}] => C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{A9E1329C-67B0-4906-92A5-FD32DC1AA862}] => C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [TCP Query User{85EC6A6E-EECB-49FA-B2AC-65D96443CBCD}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{D27A296C-5FA6-4FE7-A5DA-BFB837CD441C}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{6BFB0353-EEA0-4368-B979-CDB4366FC590}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5AED3A60-68DD-4276-AAB7-FF87EA3F60F4}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BDF022E7-DE7E-47CC-8E33-BF545AFB1177}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E3FA8D46-70CC-48B3-BE91-EEF194FBA9C8}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F42C226A-5A0D-477A-AD88-E79B46E0BE98}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{683E2498-3ED9-429C-B2D0-ED173FC1D585}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{99D0FF4D-B315-465D-A166-83FE9A32C9BC}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{64CDCE5C-95AE-4B01-A3EF-785CC26AF468}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01B9A02B-6532-415B-AFFD-F54F54ABE95D}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{036A4FD2-B301-4CE2-88AB-AB1B8E105938}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E5C5EB0-68EE-4C7A-8079-11BBB86C72C0}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{89888C86-8C79-49C7-8754-E08A0787409B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1C2B9AB3-93B2-4DEE-9391-C9B7D0A8DC7E}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{68FED6B5-C2DB-447D-A729-EBFE26578D3E}] => C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{570E4E24-881C-4B25-88B6-CADF0884C740}] => C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{DEA7208C-FC56-4009-869F-E68721F74312}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{879A4CE1-8ABB-493A-BF87-300EC5AC546C}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{C7C68E4B-170C-41A9-AC6F-E168AF5A0D9A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{AD72E5E3-1B6C-4FA2-AB02-1619BE78F198}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4C895E37-A673-4A0F-92AA-B751327BE684}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6A6AB49F-4C53-49F6-B8A0-DD5E520FC91D}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F631E471-9DE1-4DD2-854C-48A3DA59EA4D}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{60FFD8FD-0275-448A-8D0E-F3B7A6438753}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{23030BE2-82B5-407A-8693-59F8A462E3B8}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7279D60A-54C1-482A-B662-65A3A21F0D79}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{96EB59B2-EE30-4E24-99F8-825EEA6191C7}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DC3C70DB-25A9-48CC-96DD-E635F93C3EC2}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{13070802-F72C-4B5F-B857-A993B12AE623}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6EA162A2-5E3D-49F3-A45D-CABFF031EDEE}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2FE2AFAA-D90F-48AD-B8E9-48FF19E01438}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DA9E6873-1E5D-471A-BE4D-6DE887850217}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0437E86C-F05B-4FBA-BADE-7D33D293C5B1}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C8A91900-FF0D-4E4F-B8FB-D46AD2FDA95E}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{47F764E7-4EF5-439E-A436-B3926E2EB220}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CBDF98AD-07F6-4A7F-BA80-66152D1B1F1B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01E2F2F2-0314-4D4F-8E1D-E1C878A23056}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{42F0E00F-7D53-48A2-94B7-A965AD06EC42}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A90895C5-66DF-4A65-8BB7-AC53AE289F67}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DB211F35-FDB9-43D6-8B7B-B37E02B50AE4}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{508E637B-BEAB-47F6-BB1E-BC19C3DDC6A3}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BF27E2E2-3DEB-46FB-8D11-1D790EFEB835}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BF65AA01-A3B4-4D7E-A686-8AC639062ED8}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{40E1A909-DEE1-4D02-8C36-2C5CA7CEAF7C}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{21459151-851C-4522-8BEB-ADA685E0EAC7}] => C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{6E1A87ED-8CB2-47E0-89A0-F0FC1158B0A6}] => C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{D71E7F1E-5809-4B0D-BF60-AAE88C56251B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C76F3B10-ECE1-4ED9-A427-FE3EEB24D6DF}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{20EEC2AA-50E1-429F-8CC0-8D1D6E6731F6}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AE6BEBB3-4065-4EAF-8AF5-E0824497695A}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{99487BC8-4874-4E48-A411-BCAC77E324AF}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8D6289CB-8FAA-402A-B8E9-E61B3B557251}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{87CB577E-0065-4BD4-AA39-0FEDABCBCFF4}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FD879A69-52DA-43AD-B79D-0159F6FD3E0F}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F88F2A85-8353-4815-9F7D-DE0EDE2E853B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A12992EE-682F-4DDF-BB2E-129F49E8F547}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5B1EFF37-927E-4DCC-A7EC-99691A7398C8}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{63F9858C-DC76-4857-9A35-0D0170D8D354}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{80AB31FB-42C8-46BF-9267-4B6BE978C907}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{078EA983-7B7D-481E-9A3D-36C59101DBF9}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{78928FBC-005D-4D8E-8450-A1FF600C5047}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{12375324-EC93-46E2-BBA4-88B4AA3A55B3}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9DC10D6F-BEF7-44BB-94A5-89D338D74013}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4960B3D6-45E4-4A9A-8157-82E9D5DFCFC9}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6A2174EE-7B70-490D-A38F-C60C3F4EC897}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{349F7269-DDD5-48B6-94A2-085FE3EAA9CA}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3C03801E-EB29-4AA6-A372-BAA52A5230FA}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F96C73CA-74F8-42CC-B05B-8C9C2EE28FC3}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F94E78E5-083A-4106-9154-2BE8DFC378DC}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{68D64A36-0467-4CCB-9415-CD055B989A32}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3BE17D60-92CA-490E-AEA0-49C0A2DDBECC}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BD242C8A-A916-4D06-931A-D4E2C936B706}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6041CB81-7339-478C-8191-74A9FF792BC4}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DF43D69D-2004-47B5-8226-95557436C7C9}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3C640F51-2C25-42B3-B3B3-8D4164306AB1}] => C:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe
FirewallRules: [{0C7B8275-DFB9-4234-801D-504B54E9DAF4}] => C:\Program Files (x86)\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe
FirewallRules: [{9598660E-40F4-4F33-B600-D0C67EDD233A}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CC886A6D-03A0-47D3-857F-4CE91398B00C}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D3D7DBD7-2E6E-48AE-A3CD-3919A264F535}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0FA83011-2F02-409E-B7EC-06797F3B73FD}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3D183D11-B20B-498B-8913-C19139AF20E4}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{ED2F6458-7A4D-416A-B3F1-81D659372BA5}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{377C53B0-D039-4D82-B4B7-D307653E95DF}] => C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{AEC53BBB-AEAB-46EE-B44D-714B4B21567F}] => C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{B80269AA-17A0-4ABB-8FE9-1F23104CC946}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8195D86F-F010-4054-8C28-42709244236A}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
 
==================== Restore Points =========================
 
31-12-2016 00:00:00 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/24/2016 05:05:07 AM) (Source: PerfOS) (EventID: 2011) (User: )
Description: Unable to collect System Pagefile performance data. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (12/24/2016 04:05:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/23/2016 11:46:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 50.1.0.6186 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 538
 
Start Time: 01d25c99b0639c7f
 
Termination Time: 293
 
Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
Report Id: 1b11ff14-c9ad-11e6-9626-10c37b6f461d
 
Error: (12/23/2016 11:05:55 AM) (Source: PerfOS) (EventID: 2011) (User: )
Description: Unable to collect System Pagefile performance data. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (12/21/2016 02:20:20 PM) (Source: PerfOS) (EventID: 2011) (User: )
Description: Unable to collect System Pagefile performance data. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (12/19/2016 10:32:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/19/2016 06:40:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/18/2016 04:10:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PathOfExileSteam.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 28ac
 
Start Time: 01d25983d3304417
 
Termination Time: 558
 
Application Path: C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
 
Report Id: 7f121b1e-c57f-11e6-907d-10c37b6f461d
 
Error: (12/17/2016 12:27:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CMW.exe version 1.0.10246.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 170c
 
Start Time: 01d2583ef6c5676d
 
Termination Time: 51
 
Application Path: C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
 
Report Id: b1cf84a4-c432-11e6-907d-10c37b6f461d
 
Error: (12/14/2016 09:36:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
System errors:
=============
Error: (12/28/2016 02:11:43 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (12/28/2016 02:11:43 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (12/27/2016 02:11:42 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (12/27/2016 02:11:42 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (12/26/2016 02:11:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (12/26/2016 02:11:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (12/25/2016 02:11:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (12/25/2016 02:11:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (12/24/2016 09:06:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (12/24/2016 09:06:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3820 CPU @ 3.60GHz
Percentage of memory in use: 49%
Total physical RAM: 16319.83 MB
Available physical RAM: 8233.05 MB
Total Virtual: 16318.02 MB
Available Virtual: 6067.29 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:419.18 GB) (Free:21.81 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 000CE7FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 9116D930)
Partition 1: (Not Active) - (Size=419.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
This last one is RGSA: 
 
Result of Security Analysis by Rocket Grannie (x86) Updated: 17th December, 2016
Running from:C:\Users\Marty\Desktop (17:06:07 - 01/01/2017)
***---------------------------------------------------------***
Microsoft Windows 7 Ultimate X64 Service Pack 1
UAC is Enabled!
Internet Explorer 11
Default Browser: Firefox
***------------Antivirus - Antispyware - Firewall-----------***
Kaspersky Total Security (Enabled - Up to Date)
Kaspersky Total Security (Enabled - Up to Date)
Windows Defender (Disabled - Up to Date)
Kaspersky Total Security (Enabled)
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player Plugin (version 24.0.0.186)
Firefox (version 50)
Google Chrome (version 54)
HitmanPro (version 3.7)
Java (version 8.0.1110.14)
Malwarebytes Anti-Malware (version 2.2.1.1043)
 
CCleaner (version 5.24) is *out of Date*
 
***----------------Analysis Complete-------------------------***
 
 
Thanks for the help guys,
 
I wasn't sure if I needed to attach Additions.txt to this topic or just copy and paste it.

Edited by psychicguy, 01 January 2017 - 07:12 PM.


#2 Android 8888

Android 8888

    SWI Malware Tracker

  • Trusted Advisor*
  • 1,120 posts

Posted 04 January 2017 - 06:24 AM

Hello psychicguy and welcome back to SpywareInfo Forum.
I'm Android 8888 and I'll be helping you.

You did not post the log (FRST.txt) produced by the Farbar tool. Please copy and paste it in your next reply for my review.

In your Addition.txt log I can see that the Active Partition (the bootable partition that contains the Windows Operating System) is located on a drive with a size of 931.5 GB. Also, your 500 GB SSD has only about 21.81 GB of free space which in fact is a small size compared to its total capacity.

Are you also using the 500 GB SSD to store your data files (documents, games, programs, etc)?


Android 8888
 
Website: http://android8888.comlu.com
 
Tavira - Here's where I live!
 
Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"
 
Our help is free, but if you wish to help keep these forums running please consider a donation; Please see This Topic for details.
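The reading of Addition.txt in the reply above (how full the C: volume is, and which disk carries the Active partition) can be scripted. This is an added example, not part of the original posts and not FRST's own code; the sample text is constructed from the two log sections quoted in this thread, and the size-based volume-to-disk match and the 10% low-space threshold are assumptions.

```python
import re

# Constructed sample: the "Drives" and "MBR & Partition Table" sections
# as they appear in the Addition.txt log posted in this thread.
SAMPLE_LOG = """\
==================== Drives ================================

Drive c: () (Fixed) (Total:419.18 GB) (Free:21.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 000CE7FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 9116D930)
Partition 1: (Not Active) - (Size=419.2 GB) - (Type=07 NTFS)
"""

_TO_GB = {"MB": 1 / 1024, "GB": 1.0, "TB": 1024.0}

DRIVE_RE = re.compile(
    r"^Drive (\w): \((.*?)\) \((\w+)\) "
    r"\(Total:([\d.]+) (MB|GB|TB)\) \(Free:([\d.]+) (MB|GB|TB)\) (\S+)"
)
DISK_RE = re.compile(
    r"^Disk: (\d+) .*?\(Size: ([\d.]+) (MB|GB|TB)\) \(Disk ID: (\w+)\)"
)
PART_RE = re.compile(
    r"^Partition (\d+): \((Active|Not Active)\) - \(Size=([\d.]+) (MB|GB|TB)\)"
)


def to_gb(value, unit):
    """Normalise a size printed by the log to gigabytes."""
    return float(value) * _TO_GB[unit]


def parse_drives(text):
    """Return one dict per 'Drive x:' line in the Drives section."""
    drives = []
    for line in text.splitlines():
        m = DRIVE_RE.match(line.strip())
        if m:
            letter, _label, kind, total, t_unit, free, f_unit, fs = m.groups()
            drives.append({
                "letter": letter,
                "kind": kind,
                "fs": fs,
                "total_gb": to_gb(total, t_unit),
                "free_gb": to_gb(free, f_unit),
            })
    return drives


def parse_disks(text):
    """Return one dict per 'Disk: n' line, with its partitions attached."""
    disks = []
    for line in text.splitlines():
        line = line.strip()
        m = DISK_RE.match(line)
        if m:
            disks.append({
                "index": int(m.group(1)),
                "size_gb": to_gb(m.group(2), m.group(3)),
                "disk_id": m.group(4),
                "partitions": [],
            })
            continue
        m = PART_RE.match(line)
        if m and disks:
            disks[-1]["partitions"].append({
                "number": int(m.group(1)),
                "active": m.group(2) == "Active",
                "size_gb": to_gb(m.group(3), m.group(4)),
            })
    return disks


def summarize(text, low_free_pct=10.0, size_tolerance_gb=0.1):
    """Free-space percentage per volume plus where the Active partition sits.

    Assumption: the log does not say which disk a drive letter lives on, so a
    volume is mapped to a disk only when exactly one partition has the same
    size within size_tolerance_gb. low_free_pct is an arbitrary threshold.
    """
    drives, disks = parse_drives(text), parse_disks(text)
    active_disks = sorted(
        {d["index"] for d in disks for p in d["partitions"] if p["active"]}
    )
    volumes = []
    for drv in drives:
        matches = [
            d["index"] for d in disks for p in d["partitions"]
            if abs(p["size_gb"] - drv["total_gb"]) <= size_tolerance_gb
        ]
        disk_index = matches[0] if len(matches) == 1 else None
        total = drv["total_gb"]
        free_pct = round(100 * drv["free_gb"] / total, 1) if total else 0.0
        volumes.append({
            "letter": drv["letter"],
            "free_pct": free_pct,
            "low_space": free_pct < low_free_pct,
            "disk_index": disk_index,
            "active_on_other_disk": (
                disk_index is not None
                and bool(active_disks)
                and disk_index not in active_disks
            ),
        })
    return {"volumes": volumes, "active_disks": active_disks}


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```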

#3 psychicguy

psychicguy

    Advanced Member

  • Helper Trainee
  • 126 posts

Posted 04 January 2017 - 07:47 AM

I have two drives. The solid state 500gb I want to run with my games on it if it provides a faster performance.  I want my 1TB drive to store anything extra as long as it gives me fast speeds.  I also have used Over Provisioning on my 500gb solid state drive.

I hope I described everything well enough.

Thanks! :-)

FRST Log Below: 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
Ran by Marty (administrator) on MARTY-PC (04-01-2017 05:41:10)
Running from C:\Users\Marty\Desktop
Loaded Profiles: Marty (Available Profiles: Marty)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(Camshare Inc.) C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Mindzoom) C:\Program Files (x86)\Mindzoom\mindzoom.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Marty\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Marty\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(GameplayCrush) C:\Users\Marty\Documents\borderless gaming\WindowedBorderlessGaming_2.1.0.1\WindowedBorderlessGaming.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Macrovision Europe Ltd.) C:\Users\Marty\AppData\Local\Temp\Creative_Audio_Engine_Cleanup.0001
(Creative Labs) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
(Curse, Inc) C:\Users\Marty\AppData\Roaming\Curse Client\Bin\Curse.exe
(Curse, Inc.) C:\Users\Marty\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
(Curse, Inc.) C:\Users\Marty\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
(Curse, Inc.) C:\Users\Marty\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
(Curse, Inc.) C:\Users\Marty\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.34\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.74\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.236\deploy\LolClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281696 2015-09-04] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [237693 2009-02-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-11-04] (Razer Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [CTxfiHlp] => C:\Windows\SysWOW64\CTXFIHLP.EXE [24576 2010-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [Camfrog] => C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe [15970360 2016-12-06] (Camshare, Inc.)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [11551248 2016-12-09] (Visicom Media Inc.)
HKU\S-1-5-21-2836415364-1053990731-2268990577-1000\...\MountPoints2: {71ca4d3e-49f7-11e6-9229-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
HKU\S-1-5-18\...\Run: [CtxfiReg] => CTXFIREG.exe /FAIL1
ShellIconOverlayIdentifiers: [  Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [  Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [  Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
Startup: C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-12-03]
ShortcutTarget: Curse.lnk -> C:\Users\Marty\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mindzoom.lnk [2016-12-06]
ShortcutTarget: mindzoom.lnk -> C:\Program Files (x86)\Mindzoom\mindzoom.exe (Mindzoom)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9C9A37F5-92A4-435E-A398-A69EB7FA054E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
BHO: Java(TM) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-19] (Oracle Corporation)
BHO: Java(TM) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-19] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab

FireFox:
========
FF ProfilePath: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\gaijw53w.default-1481027132496 [2017-01-04]
FF NetworkProxy: Mozilla\Firefox\Profiles\gaijw53w.default-1481027132496 -> type", 0
FF Extension: (All Aboard) - C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\gaijw53w.default-1481027132496\Extensions\@all-aboard-v1-5 [2016-12-06]
FF Extension: (Adblock Plus) - C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\gaijw53w.default-1481027132496\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-10]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-06]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-19] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\WidevineCdm\1.4.8.903\_platform_specific\win_x64\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\PepperFlash\pepflashplayer.dll => No File
CHR Profile: C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default [2017-01-03]
CHR Extension: (Google Drive) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-14]
CHR Extension: (YouTube) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-14]
CHR Extension: (Adblock Plus) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Excel Viewer, Editor) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpdiahdjhpfaafoffpoaafcmjbcfmaj [2016-07-14]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-14]
CHR Extension: (GAuth Authenticator) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilgcnhelpchnceeipipijaljkblbcobl [2016-07-14]
CHR Extension: (Gmail) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 camfrog_update_service; C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe [1063968 2016-12-05] (Camshare Inc.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2016-07-14] (Creative Labs) [File not signed]
R3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-07-14] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-11-12] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-13] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [872432 2016-06-23] (Tunngle.net GmbH)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-09-12] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-06] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-06] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-06] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-28] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-28] (Visicom Media Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R3 rzjstk; C:\Windows\System32\DRIVERS\rzjstk.sys [36568 2015-08-13] (Razer Inc)
R3 rzkeypadendpt; C:\Windows\System32\DRIVERS\rzkeypadendpt.sys [44760 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [39464 2016-04-26] (Tunngle.net GmbH)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-03 21:39 - 2017-01-04 05:32 - 00001890 _____ C:\Users\Marty\Desktop\Tibia.lnk
2017-01-03 21:06 - 2017-01-03 21:06 - 00000082 _____ C:\Users\Marty\Desktop\Suicide Squad 2016.txt
2017-01-01 22:34 - 2017-01-01 22:34 - 00000061 _____ C:\Users\Marty\Desktop\ShowSomeSkin.txt
2017-01-01 22:28 - 2017-01-01 22:28 - 00000022 _____ C:\Users\Marty\Downloads\oc5bc9vs30w78l6onb8.zip
2017-01-01 17:47 - 2017-01-01 17:47 - 00000048 _____ C:\Users\Marty\Desktop\choir of the storm lapis amulet.txt
2017-01-01 17:03 - 2017-01-04 05:41 - 00025074 _____ C:\Users\Marty\Desktop\FRST.txt
2017-01-01 17:03 - 2017-01-01 17:03 - 00053646 _____ C:\Users\Marty\Desktop\Addition.txt
2017-01-01 17:02 - 2017-01-01 17:02 - 00001070 _____ C:\Users\Marty\Desktop\MalwarebytesScan 1-1-2017.txt
2017-01-01 16:56 - 2017-01-01 16:56 - 02418176 _____ (Farbar) C:\Users\Marty\Desktop\FRST64.exe
2017-01-01 16:56 - 2017-01-01 16:56 - 00899072 _____ C:\Users\Marty\Desktop\RGSA (1).exe
2016-12-23 10:05 - 2016-12-23 10:05 - 11251352 _____ (Grinding Gear Games) C:\Users\Marty\Desktop\PathOfExileInstaller.exe
2016-12-23 10:05 - 2016-12-23 10:05 - 00002133 _____ C:\Users\Public\Desktop\Path of Exile.lnk
2016-12-23 10:05 - 2016-12-23 10:05 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-23 10:05 - 2016-12-23 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
2016-12-20 21:19 - 2016-12-20 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2016-12-17 16:47 - 2016-12-17 16:47 - 00348516 _____ C:\Users\Marty\Downloads\NeverSink-Filter-4.42.zip
2016-12-17 16:47 - 2016-12-17 16:47 - 00000000 ____D C:\Users\Marty\Desktop\NeverSink-Filter-4.42
2016-12-17 13:24 - 2016-12-17 13:55 - 00000000 ____D C:\Users\Marty\Desktop\steamchivalryimages
2016-12-17 06:46 - 2016-12-17 06:46 - 02267685 _____ C:\Users\Marty\Downloads\Images for chivalry gift.zip
2016-12-17 06:44 - 2016-12-17 06:44 - 02267685 _____ C:\Users\Marty\Desktop\Images for chivalry gift.zip
2016-12-17 06:39 - 2016-12-17 22:42 - 00000025 _____ C:\Users\Marty\Desktop\all images for g2a link.txt
2016-12-14 18:55 - 2016-12-14 18:55 - 00000034 _____ C:\Users\Marty\Desktop\kimmys netflix.txt
2016-12-14 15:34 - 2016-12-14 15:34 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-14 15:34 - 2016-12-11 10:23 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-12-14 15:34 - 2016-09-09 10:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-12-14 15:34 - 2016-09-09 10:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-12-14 15:34 - 2016-09-09 10:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-12-14 15:34 - 2016-09-09 10:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-12-14 15:33 - 2016-12-11 18:37 - 40125496 _____ C:\Windows\system32\nvcompiler.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 35222976 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 34703416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 17436808 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 14073400 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-12-14 15:33 - 2016-12-11 18:37 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 10345696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 09151216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 08913328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 08753832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 03640376 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 03206080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437633.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437633.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 01036224 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00975416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00944184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00896056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00683640 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00572888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00407248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00388544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00170688 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-12-14 15:33 - 2016-12-11 18:37 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-12-13 21:11 - 2016-11-14 15:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-13 21:11 - 2016-11-14 14:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-13 21:11 - 2016-11-12 11:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-13 21:11 - 2016-11-12 11:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-13 21:11 - 2016-11-12 11:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-13 21:11 - 2016-11-12 11:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-13 21:11 - 2016-11-12 11:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-13 21:11 - 2016-11-12 11:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-13 21:11 - 2016-11-12 11:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-13 21:11 - 2016-11-12 11:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-13 21:11 - 2016-11-12 11:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-13 21:11 - 2016-11-12 10:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-13 21:11 - 2016-11-12 10:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-13 21:11 - 2016-11-12 10:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-13 21:11 - 2016-11-12 10:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-13 21:11 - 2016-11-12 10:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-13 21:11 - 2016-11-12 10:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-13 21:11 - 2016-11-12 10:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-13 21:11 - 2016-11-12 10:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-13 21:11 - 2016-11-12 10:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-13 21:11 - 2016-11-12 10:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-13 21:11 - 2016-11-12 10:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-13 21:11 - 2016-11-12 10:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-13 21:11 - 2016-11-12 10:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-13 21:11 - 2016-11-12 10:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-13 21:11 - 2016-11-12 10:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-13 21:11 - 2016-11-12 10:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-13 21:11 - 2016-11-12 10:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-13 21:11 - 2016-11-12 10:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-13 21:11 - 2016-11-12 10:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-13 21:11 - 2016-11-12 10:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-13 21:11 - 2016-11-12 10:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-13 21:11 - 2016-11-12 09:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-13 21:11 - 2016-11-12 09:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-13 21:11 - 2016-11-12 09:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-13 21:11 - 2016-11-12 09:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-13 21:11 - 2016-11-12 09:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-13 21:11 - 2016-11-12 09:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-13 21:11 - 2016-11-12 09:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-13 21:11 - 2016-11-12 09:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-13 21:11 - 2016-11-12 09:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-13 21:11 - 2016-11-12 09:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-13 21:11 - 2016-11-12 09:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-13 21:11 - 2016-11-12 09:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-13 21:11 - 2016-11-12 09:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-13 21:11 - 2016-11-12 09:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-13 21:11 - 2016-11-12 09:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-13 21:11 - 2016-11-12 09:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-13 21:11 - 2016-11-12 09:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-13 21:10 - 2016-11-21 10:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-13 21:10 - 2016-11-21 10:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-13 21:10 - 2016-11-21 10:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-13 21:10 - 2016-11-21 10:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-13 21:10 - 2016-11-20 08:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-13 21:10 - 2016-11-20 08:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-13 21:10 - 2016-11-20 08:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-13 21:10 - 2016-11-20 08:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-13 21:10 - 2016-11-20 08:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-13 21:10 - 2016-11-20 08:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-13 21:10 - 2016-11-20 08:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-13 21:10 - 2016-11-20 08:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-13 21:10 - 2016-11-20 08:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-13 21:10 - 2016-11-20 08:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-13 21:10 - 2016-11-20 08:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-13 21:10 - 2016-11-20 08:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-13 21:10 - 2016-11-20 08:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-13 21:10 - 2016-11-20 08:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-13 21:10 - 2016-11-20 08:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-13 21:10 - 2016-11-20 08:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-13 21:10 - 2016-11-20 08:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-13 21:10 - 2016-11-20 08:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-13 21:10 - 2016-11-20 07:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-13 21:10 - 2016-11-20 07:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-13 21:10 - 2016-11-20 07:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-13 21:10 - 2016-11-20 07:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-13 21:10 - 2016-11-20 07:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-13 21:10 - 2016-11-20 07:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-13 21:10 - 2016-11-20 06:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-13 21:10 - 2016-11-17 08:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-13 21:10 - 2016-11-12 11:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-13 21:10 - 2016-11-12 11:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-13 21:10 - 2016-11-12 11:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-13 21:10 - 2016-11-12 11:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-13 21:10 - 2016-11-12 11:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-13 21:10 - 2016-11-12 11:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-13 21:10 - 2016-11-12 11:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-13 21:10 - 2016-11-12 10:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-13 21:10 - 2016-11-12 10:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-13 21:10 - 2016-11-12 10:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-13 21:10 - 2016-11-12 10:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-13 21:10 - 2016-11-12 10:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-13 21:10 - 2016-11-12 10:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-13 21:10 - 2016-11-12 10:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-13 21:10 - 2016-11-12 10:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-13 21:10 - 2016-11-12 09:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-13 21:10 - 2016-11-12 09:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-13 21:10 - 2016-11-10 08:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-13 21:10 - 2016-11-10 08:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-13 21:10 - 2016-11-09 08:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-13 21:10 - 2016-11-09 08:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-13 21:10 - 2016-11-09 08:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-13 21:10 - 2016-11-09 08:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-13 21:10 - 2016-11-09 08:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-13 21:10 - 2016-11-09 08:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-13 21:10 - 2016-11-09 08:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-13 21:10 - 2016-11-09 08:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-13 21:10 - 2016-11-09 08:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-13 21:10 - 2016-11-09 08:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-13 21:10 - 2016-11-09 08:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-13 21:10 - 2016-11-09 08:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-13 21:10 - 2016-11-09 08:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-13 21:10 - 2016-11-09 07:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-13 21:10 - 2016-11-06 08:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-13 21:10 - 2016-11-06 08:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-13 21:10 - 2016-11-06 08:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-13 21:10 - 2016-11-02 07:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-12-13 21:10 - 2016-11-02 07:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-12-13 21:10 - 2016-11-02 07:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-12-13 21:10 - 2016-11-02 07:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-12-13 21:10 - 2016-11-02 07:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-12-13 21:10 - 2016-11-02 07:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-12-13 21:10 - 2016-11-02 07:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-12-13 21:10 - 2016-11-02 07:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-12-13 21:10 - 2016-11-02 07:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-12-13 21:10 - 2016-11-02 06:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-12-13 21:10 - 2016-10-27 07:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-13 21:10 - 2016-10-27 07:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-13 21:10 - 2016-10-15 07:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-13 21:10 - 2016-10-15 07:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-12-13 21:10 - 2016-10-15 07:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-13 21:10 - 2016-10-15 07:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-12-13 21:10 - 2016-10-11 07:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-13 21:10 - 2016-10-11 07:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-13 21:10 - 2016-10-11 07:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-13 21:10 - 2016-10-11 07:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-13 21:10 - 2016-10-11 07:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-13 21:10 - 2016-10-11 07:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-13 21:10 - 2016-10-11 07:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-13 21:10 - 2016-10-11 07:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-13 21:10 - 2016-10-11 07:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-13 21:10 - 2016-10-11 07:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-13 21:10 - 2016-10-11 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-13 21:10 - 2016-10-11 07:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-13 21:10 - 2016-10-11 07:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-12-13 21:10 - 2016-10-11 07:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-12-13 21:10 - 2016-10-11 07:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-12-13 21:10 - 2016-10-11 07:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-12-13 21:10 - 2016-10-11 07:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-12-13 21:10 - 2016-10-11 07:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-12-13 21:10 - 2016-10-11 07:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-12-13 21:10 - 2016-10-11 07:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-12-13 21:10 - 2016-10-11 07:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-12-13 21:10 - 2016-10-11 07:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-12-13 21:10 - 2016-10-11 07:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-13 21:10 - 2016-10-11 07:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-13 21:10 - 2016-10-11 07:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-12-13 21:10 - 2016-10-11 07:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-12-13 21:10 - 2016-10-11 07:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-12-13 21:10 - 2016-10-11 07:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-12-13 21:10 - 2016-10-11 07:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-12-13 21:10 - 2016-10-11 07:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-12-13 21:10 - 2016-10-11 07:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-12-13 21:10 - 2016-10-11 07:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-12-13 21:10 - 2016-10-11 07:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-12-13 21:10 - 2016-10-11 07:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-12-13 21:10 - 2016-10-11 07:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 07:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-13 21:10 - 2016-10-11 07:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-13 21:10 - 2016-10-11 07:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-13 21:10 - 2016-10-11 06:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-13 21:10 - 2016-10-11 06:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-13 21:10 - 2016-10-11 06:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-13 21:10 - 2016-10-11 06:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-13 21:10 - 2016-10-11 06:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-13 21:10 - 2016-10-11 06:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-13 21:10 - 2016-10-11 06:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-13 21:10 - 2016-10-11 06:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-13 21:10 - 2016-10-11 06:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-13 21:10 - 2016-10-11 05:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-12-13 21:10 - 2016-10-11 05:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-13 21:10 - 2016-10-11 05:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-13 21:10 - 2016-10-11 05:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll


#4 psychicguy

Posted 04 January 2017 - 08:07 AM

The rest of the FRST.exe log:

 

2016-12-13 21:10 - 2016-10-08 05:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-13 21:10 - 2016-10-07 07:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-12-13 21:10 - 2016-10-07 07:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-12-13 21:10 - 2016-10-07 07:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-12-13 21:10 - 2016-10-07 07:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-12-13 21:10 - 2016-10-07 07:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-12-13 21:10 - 2016-10-07 07:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-12-13 21:10 - 2016-10-05 06:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-12-13 21:10 - 2016-10-04 07:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-13 21:10 - 2016-10-04 07:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-13 21:10 - 2016-10-04 07:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-13 21:10 - 2016-10-04 07:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-13 21:10 - 2016-10-04 07:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-13 21:10 - 2016-10-04 07:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-13 21:10 - 2016-10-04 07:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-13 21:10 - 2016-10-04 07:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-13 21:10 - 2016-09-15 06:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-12-13 21:10 - 2016-09-09 10:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-12-13 21:10 - 2016-09-09 10:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-12-13 21:10 - 2016-08-22 08:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-12-12 15:07 - 2016-12-12 15:07 - 00000000 ____D C:\Users\Marty\AppData\Local\Chromium
2016-12-11 17:04 - 2016-12-11 17:04 - 00002954 _____ C:\Windows\System32\Tasks\{858027D7-16CA-478E-A0F3-9F6D4CE1C2A8}
2016-12-11 15:25 - 2016-12-11 15:25 - 00000000 ____D C:\Users\Marty\AppData\Roaming\NVIDIA
2016-12-11 15:23 - 2016-12-14 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-11 15:23 - 2016-12-11 22:50 - 00000000 ____D C:\Users\Marty\AppData\Local\NVIDIA Corporation
2016-12-11 15:23 - 2016-12-11 15:24 - 00000000 ____D C:\Users\Marty\AppData\Local\NVIDIA
2016-12-11 15:23 - 2016-12-11 15:23 - 00003832 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-11 15:23 - 2016-12-11 15:23 - 00003832 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-11 15:23 - 2016-12-11 15:23 - 00003782 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-11 15:23 - 2016-12-11 15:23 - 00003770 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-11 15:23 - 2016-12-11 15:23 - 00003594 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-11 15:23 - 2016-12-11 15:23 - 00003534 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-11 15:23 - 2016-12-11 15:23 - 00001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-11 15:23 - 2016-11-17 05:44 - 01854400 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-12-11 15:23 - 2016-11-17 05:44 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-12-11 15:23 - 2016-11-17 05:44 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-12-11 15:23 - 2016-11-17 05:44 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-12-11 15:23 - 2016-11-17 05:44 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-12-11 15:22 - 2017-01-02 18:51 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-11 15:22 - 2016-12-14 15:34 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-11 15:22 - 2016-12-11 10:47 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-12-11 15:22 - 2016-12-11 10:47 - 02475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-12-11 15:22 - 2016-12-11 10:47 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-12-11 15:22 - 2016-12-11 10:47 - 00548408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-12-11 15:22 - 2016-12-11 10:47 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-12-11 15:22 - 2016-12-11 10:47 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-12-11 15:22 - 2016-12-11 10:47 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-12-11 15:22 - 2016-12-11 10:47 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-12-11 15:22 - 2016-12-09 00:52 - 07639617 _____ C:\Windows\system32\nvcoproc.bin
2016-12-11 15:22 - 2016-12-01 11:52 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-12-11 15:22 - 2016-12-01 11:52 - 00203320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-12-11 15:21 - 2016-12-11 18:37 - 28138432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-12-11 15:21 - 2016-12-11 18:37 - 19947472 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-12-11 15:21 - 2016-12-11 18:37 - 17376896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-12-11 15:21 - 2016-12-11 18:37 - 14410472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-12-11 15:21 - 2016-12-11 18:37 - 03941536 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-12-11 15:21 - 2016-12-11 18:37 - 03479744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-12-11 15:21 - 2016-12-11 18:37 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-12-11 15:21 - 2016-12-11 18:37 - 00041334 _____ C:\Windows\system32\nvinfo.pb
2016-12-11 15:21 - 2016-12-11 15:21 - 00000000 ____D C:\NVIDIA
2016-12-11 15:21 - 2016-12-02 12:42 - 01595456 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-12-11 15:21 - 2016-12-02 12:42 - 00212936 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-12-11 15:21 - 2016-12-02 12:42 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-12-11 15:21 - 2016-12-01 11:52 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437619.dll
2016-12-11 15:21 - 2016-12-01 11:52 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437619.dll
2016-12-11 15:21 - 2016-12-01 11:52 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-12-11 15:21 - 2016-12-01 11:52 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2016-12-11 15:21 - 2016-11-17 05:44 - 00101824 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-12-11 15:21 - 2016-11-17 05:44 - 00091584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-12-11 15:21 - 2016-11-17 05:44 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-12-11 15:19 - 2016-12-11 15:20 - 388329504 _____ (NVIDIA Corporation) C:\Users\Marty\Downloads\376.19-desktop-win8-win7-64bit-international-whql.exe
2016-12-11 15:19 - 2016-12-11 15:19 - 00000000 ____D C:\Users\Marty\AppData\Local\realtech_VR
2016-12-11 15:16 - 2016-12-11 15:16 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR
2016-12-11 15:16 - 2016-12-11 15:16 - 00000000 ____D C:\ProgramData\realtech VR
2016-12-11 15:16 - 2016-12-11 15:16 - 00000000 ____D C:\Program Files (x86)\realtech VR
2016-12-11 15:15 - 2016-12-11 15:16 - 07864320 _____ (realtech VR) C:\Users\Marty\Downloads\glview452.exe
2016-12-11 08:00 - 2016-12-11 08:00 - 00000219 _____ C:\Users\Marty\Desktop\Left 4 Dead 2.url
2016-12-11 07:21 - 2016-12-11 07:21 - 05326328 _____ C:\Users\Marty\Downloads\Tibia_Setup.exe
2016-12-11 07:21 - 2016-12-11 07:21 - 00001012 _____ C:\Users\Marty\Desktop\Tibia 11.lnk
2016-12-11 01:40 - 2017-01-02 18:41 - 04747720 ____H C:\Users\Marty\AppData\Local\IconCache.db
2016-12-10 23:16 - 2016-12-11 18:17 - 00005054 _____ C:\Users\Marty\Documents\NoPing.xml
2016-12-10 22:46 - 2016-12-10 22:46 - 00000967 _____ C:\Users\Public\Desktop\tibia 10.lnk
2016-12-10 22:46 - 2016-12-10 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia
2016-12-10 22:46 - 2016-12-10 22:46 - 00000000 ____D C:\Program Files (x86)\Tibia
2016-12-10 18:18 - 2017-01-03 21:39 - 00000000 ____D C:\Users\Marty\AppData\Local\Tibia
2016-12-10 18:18 - 2016-12-10 18:18 - 00001012 _____ C:\Users\Marty\Desktop\New tibia 11 client.lnk
2016-12-10 18:18 - 2016-12-10 18:18 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tibia
2016-12-10 16:02 - 2016-12-10 16:02 - 00000000 ____D C:\Users\Marty\AppData\Local\CrashRpt
2016-12-10 14:56 - 2016-12-10 22:30 - 37011656 _____ (CipSoft GmbH ) C:\Users\Marty\Desktop\tibia1000.exe
2016-12-09 19:48 - 2016-12-09 20:08 - 00000058 _____ C:\Users\Marty\Documents\items i need for a paladin.txt
2016-12-09 18:29 - 2016-12-09 18:29 - 05235082 _____ C:\Users\Marty\Downloads\flash-with-markers.zip
2016-12-09 18:28 - 2016-12-09 18:28 - 05235082 _____ C:\Users\Marty\Downloads\Flash maps with markers.zip
2016-12-07 16:36 - 2016-12-07 16:36 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games
2016-12-07 16:36 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-12-07 16:36 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-12-07 14:45 - 2016-12-07 14:45 - 00044685 _____ C:\Users\Marty\Desktop\sfcdetails.txt
2016-12-07 08:56 - 2016-12-07 09:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-07 08:56 - 2016-12-07 08:56 - 12827672 _____ (TeamViewer GmbH) C:\Users\Marty\Downloads\TeamViewer_Setup_en.exe
2016-12-07 08:44 - 2016-12-07 08:44 - 00347878 _____ C:\Users\Marty\Downloads\NeverSink-Filter-4.31.zip
2016-12-07 08:08 - 2016-12-07 08:08 - 00347878 _____ C:\Users\Marty\Desktop\NeverSink-Filter-4.31.zip
2016-12-07 08:08 - 2016-12-07 08:08 - 00000000 ____D C:\Users\Marty\Desktop\NeverSink-Filter-4.31
2016-12-07 01:48 - 2016-12-07 02:02 - 00000000 ____D C:\Program Files (x86)\BattlePing
2016-12-06 23:59 - 2016-12-06 23:59 - 00000000 ____D C:\Users\Marty\AppData\Local\AAA_Internet_Publishing,_
2016-12-06 18:31 - 2016-12-07 01:48 - 00000000 __SHD C:\Users\Marty\wc
2016-12-06 18:31 - 2016-12-06 18:31 - 00000038 ___SH C:\Users\Marty\AppData\Local\1754111884ee9ab5277ca00.95260103
2016-12-06 18:31 - 2016-12-06 18:31 - 00000000 __SHD C:\Users\Marty\AppData\Roaming\wyUpdate AU
2016-12-06 18:31 - 2016-12-06 18:31 - 00000000 ____D C:\Users\Marty\AppData\Local\BattlePing
2016-12-06 18:31 - 2014-11-04 12:59 - 00428912 _____ (Network Tunnel Lab) C:\Windows\SysWOW64\networkdlllsp.dll
2016-12-06 14:36 - 2016-12-06 14:39 - 00041233 _____ C:\Users\Marty\Desktop\shacoilluminati.jpg
2016-12-06 05:14 - 2017-01-02 18:41 - 00004883 _____ C:\Windows\setupact.log
2016-12-06 05:14 - 2016-12-14 04:40 - 00286584 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-06 05:14 - 2016-12-07 16:56 - 00000644 _____ C:\Windows\PFRO.log
2016-12-06 05:14 - 2016-12-06 05:14 - 00000000 _____ C:\Windows\setuperr.log
2016-12-06 05:07 - 2016-12-07 12:35 - 00063792 _____ C:\Users\Marty\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-06 04:25 - 2016-12-06 04:25 - 00000000 ____D C:\Users\Marty\Desktop\Old Firefox Data
2016-12-06 04:22 - 2017-01-03 12:36 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-06 04:22 - 2017-01-03 12:36 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-12-06 04:22 - 2017-01-03 12:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-06 04:22 - 2017-01-03 12:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-06 04:22 - 2016-12-06 04:22 - 45281416 _____ C:\Users\Marty\Downloads\Firefox Setup 50.0.2.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-04 05:41 - 2016-11-16 16:09 - 00000000 ____D C:\FRST
2017-01-04 05:36 - 2016-10-25 06:01 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Curse Client
2017-01-04 04:57 - 2016-07-14 13:10 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-04 04:17 - 2009-07-13 20:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-04 04:17 - 2009-07-13 20:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-04 03:57 - 2016-12-03 16:53 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-01-03 23:32 - 2016-09-21 11:44 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Skype
2017-01-03 23:27 - 2016-07-14 13:04 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-03 22:25 - 2016-07-24 15:08 - 00000000 ____D C:\Users\Marty\AppData\Local\ManyCam
2017-01-03 21:43 - 2016-07-14 21:49 - 00000000 ____D C:\Users\Marty\AppData\Local\Ubisoft Game Launcher
2017-01-03 21:07 - 2016-11-18 01:34 - 00000000 ____D C:\Users\Marty\AppData\LocalLow\Mozilla
2017-01-03 19:06 - 2016-07-14 13:26 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Camfrog
2017-01-02 18:58 - 2016-12-03 16:54 - 00003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2017-01-02 18:51 - 2016-11-16 15:47 - 00000000 ____D C:\Users\Marty\AppData\Local\TSVNCache
2017-01-02 18:47 - 2009-07-13 21:13 - 00914830 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-02 18:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2017-01-02 18:41 - 2016-10-09 12:35 - 00062068 _____ C:\Windows\system32\BMXState-{00000005-00000000-00000000-00001102-0000000B-00431102}.rfx
2017-01-02 18:41 - 2016-10-09 12:35 - 00001080 _____ C:\Windows\system32\settingsbkup.sfm
2017-01-02 18:41 - 2016-10-09 12:35 - 00001080 _____ C:\Windows\system32\settings.sfm
2017-01-02 18:41 - 2016-10-09 12:35 - 00000820 _____ C:\Windows\system32\DVCState-{00000005-00000000-00000000-00001102-0000000B-00431102}.rfx
2017-01-02 18:41 - 2016-08-08 12:58 - 00062068 _____ C:\Windows\system32\BMXStateBkp-{00000005-00000000-00000000-00001102-0000000B-00431102}.rfx
2017-01-02 18:41 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-01 17:06 - 2016-11-16 16:11 - 00000940 _____ C:\Users\Marty\Desktop\SALog.txt
2017-01-01 16:54 - 2016-07-14 17:07 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-01 14:38 - 2016-10-22 08:03 - 00000000 ____D C:\Program Files (x86)\Diablo II
2017-01-01 14:32 - 2016-07-14 14:03 - 00000000 ____D C:\Users\Marty\AppData\Local\Jagex
2017-01-01 14:32 - 2016-07-14 14:03 - 00000000 ____D C:\ProgramData\Jagex
2016-12-31 16:49 - 2016-07-14 13:10 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-29 04:07 - 2016-11-11 03:46 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{22af6d21-a804-11e6-9243-10c37b6f461d}.TMContainer00000000000000000001.regtrans-ms
2016-12-23 10:05 - 2016-07-14 11:55 - 00000000 __SHD C:\Windows\Installer
2016-12-23 10:05 - 2009-07-13 19:20 - 00000000 ___HD C:\ProgramData
2016-12-23 10:03 - 2016-07-14 13:11 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-20 21:19 - 2016-10-27 12:13 - 67816856 _____ (Visicom Media Inc.) C:\Users\Marty\Desktop\ManyCamWebInstaller.exe
2016-12-20 21:19 - 2016-07-24 15:08 - 00000995 _____ C:\Users\Public\Desktop\ManyCam.lnk
2016-12-20 21:19 - 2016-07-24 15:07 - 00000000 ____D C:\Users\Marty\AppData\Roaming\ManyCam
2016-12-20 21:19 - 2016-07-24 15:07 - 00000000 ____D C:\Program Files (x86)\ManyCam
2016-12-17 13:56 - 2016-07-14 11:27 - 00000000 ____D C:\Users\Marty\AppData\Local\Microsoft
2016-12-16 14:33 - 2016-07-14 12:13 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 14:33 - 2016-07-14 12:13 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 14:33 - 2009-07-13 19:20 - 00000000 ___RD C:\Program Files (x86)
2016-12-16 14:33 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Tasks
2016-12-14 21:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64
2016-12-14 20:33 - 2016-07-14 12:14 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 20:33 - 2016-07-14 12:14 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-14 17:32 - 2016-08-28 18:40 - 00000000 ____D C:\Users\Marty\AppData\Local\CrashDumps
2016-12-14 15:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\DriverStore
2016-12-14 15:33 - 2016-07-14 11:27 - 00000282 ___SH C:\Users\Marty\Desktop\desktop.ini
2016-12-14 15:33 - 2009-07-13 20:54 - 00000174 ___SH C:\Users\Public\Desktop\desktop.ini
2016-12-14 05:25 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2016-12-14 05:10 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Microsoft.NET
2016-12-14 05:09 - 2009-07-13 19:20 - 00000000 __RSD C:\Windows\assembly
2016-12-14 04:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\winsxs
2016-12-14 04:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\migration
2016-12-14 04:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\en-US
2016-12-14 04:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\migration
2016-12-14 04:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\en-US
2016-12-14 04:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\config\TxR
2016-12-14 04:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\Boot
2016-12-14 04:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppPatch
2016-12-14 04:40 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-14 04:40 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-14 04:40 - 2009-07-13 18:34 - 00189440 ____H C:\Users\Default\NTUSER.DAT.LOG1
2016-12-13 23:39 - 2016-07-15 15:47 - 00000000 ____D C:\Windows\system32\MRT
2016-12-13 23:38 - 2016-07-15 15:47 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-13 23:38 - 2009-07-13 20:45 - 00000000 ____D C:\Windows\debug
2016-12-13 23:37 - 2016-07-14 12:38 - 00906952 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-13 21:08 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\catroot2
2016-12-13 03:57 - 2016-07-14 13:10 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 03:57 - 2016-07-14 13:10 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 03:57 - 2016-07-14 13:10 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-12-13 03:57 - 2016-07-14 13:10 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-13 03:57 - 2016-07-14 13:10 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-13 03:57 - 2016-07-14 13:10 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-12 15:07 - 2016-07-14 13:04 - 00000000 ____D C:\Users\Marty\AppData\Local\Steam
2016-12-11 17:04 - 2016-07-19 02:09 - 00000000 ____D C:\Users\Marty\AppData\Local\Diagnostics
2016-12-11 15:25 - 2016-07-14 11:27 - 00000000 ____D C:\Users\Marty\AppData\Roaming
2016-12-11 15:23 - 2016-09-28 04:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-11 15:23 - 2016-09-27 22:45 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-11 15:23 - 2009-07-13 19:20 - 00000000 ___RD C:\Users\Public\Pictures
2016-12-11 15:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Help
2016-12-11 15:16 - 2016-07-14 11:27 - 00000000 ___RD C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-10 23:33 - 2016-11-29 18:46 - 00000000 ____D C:\Program Files\NoPing Elite v12
2016-12-10 23:16 - 2016-07-14 11:27 - 00000000 ___RD C:\Users\Marty\Documents
2016-12-10 22:49 - 2016-07-23 22:28 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Tibia
2016-12-10 18:17 - 2016-07-27 15:24 - 05326328 _____ C:\Users\Marty\Desktop\Tibia_Setup.exe
2016-12-10 16:06 - 2016-07-14 13:26 - 00002187 _____ C:\Users\Marty\Desktop\Camfrog Video Chat.lnk
2016-12-07 16:51 - 2010-11-20 23:16 - 00000000 ____D C:\Windows\ShellNew
2016-12-07 16:51 - 2009-07-13 19:20 - 00000000 ___RD C:\Program Files
2016-12-07 16:36 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Logs
2016-12-07 15:10 - 2016-10-05 22:46 - 00027790 _____ C:\Users\Marty\Desktop\10649788_857832447561468_4964204845030012159_n.jpg
2016-12-07 14:35 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-12-07 09:35 - 2009-07-13 19:20 - 00000000 __RSD C:\Windows\Fonts
2016-12-07 08:56 - 2016-08-26 18:06 - 00000000 ____D C:\Users\Marty\AppData\Roaming\TeamViewer
2016-12-07 01:59 - 2016-07-21 09:26 - 00000000 ____D C:\Users\Marty\Documents\Malware removal tools
2016-12-06 18:31 - 2016-07-14 11:27 - 00000000 ____D C:\Users\Marty
2016-12-06 04:14 - 2016-09-18 20:33 - 00000000 ____D C:\Users\Marty\AppData\Roaming\TS3Client
2016-12-06 03:57 - 2016-12-03 16:53 - 01036512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-12-06 03:57 - 2016-09-12 23:03 - 00134880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2016-12-06 03:57 - 2016-09-12 23:03 - 00057936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys

==================== Files in the root of some directories =======

2016-11-29 18:50 - 2016-11-29 18:50 - 0000020 _____ () C:\Users\Marty\AppData\Roaming\system.xml
2016-12-06 18:31 - 2016-12-06 18:31 - 0000038 ___SH () C:\Users\Marty\AppData\Local\1754111884ee9ab5277ca00.95260103
2016-07-21 20:08 - 2016-07-22 09:37 - 0000600 _____ () C:\Users\Marty\AppData\Local\PUTTY.RND
2016-07-14 13:48 - 2016-07-14 13:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Marty\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Marty\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Marty\AppData\Local\Temp\nvStInst.exe
C:\Users\Marty\AppData\Local\Temp\Tibia_Setup_a2cc-bb80-7001-30c0.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-03 00:27

==================== End of FRST.txt ============================



#5 Android 8888

Android 8888

    SWI Malware Tracker

  • Trusted Advisor*
  • PipPipPipPipPip
  • 1,120 posts

Posted 04 January 2017 - 12:08 PM

Hi psychicguy.
 

NOTICE: The following script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.
 

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK button.
Please copy the entire contents of the code box below. To do this highlight the contents inside the box and right click on it and select Copy.
Paste this into the open Notepad.
 

Start

CreateRestorePoint:
CloseProcesses:
EmptyTemp:

HKLM-x32\...\Run: [] => [X]
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\WidevineCdm\1.4.8.903\_platform_specific\win_x64\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\PepperFlash\pepflashplayer.dll => No File
CHR Extension: (Chrome Media Router) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
C:\Users\Marty\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Marty\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Marty\AppData\Local\Temp\nvStInst.exe
C:\Users\Marty\AppData\Local\Temp\Tibia_Setup_a2cc-bb80-7001-30c0.exe

End


Save the file as fixlist.txt in the same folder as FRST64.
Run FRST64 and click Fix only once and wait.
When finished FRST64 will generate a log on the Desktop (fixlog.txt). Please post it to your reply.

NOTE. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.



Please scan your computer with ESET Online Scanner.

  • Click on this link to open ESET Online Scanner in a new window.
  • Click on the Scan Now button to download the esetonlinescanner_enu.exe file. Save it to your Desktop.
  • Close all your programs and browsers.
  • Please disable your Kaspersky Total Security Antivirus program to avoid potential conflicts, improve the performance and speed up the scan.
  • Double click on esetonlinescanner_enu.exe to start ESET Online Scanner. It will open a window with the Terms of Use.
  • Check mark Download latest version of ESET Online Scanner and click the Accept button.
  • Click Yes to accept any security warnings that may appear.
  • Under Computer scan settings, check mark Enable detection of potentially unwanted applications.
  • Then click Advanced settings and check mark the following options:
    • Enable detection of potentially unsafe applications
    • Clean threats automatically
  • Click the Scan button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats.
  • Click Export, and save the file to your Desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Note: If nothing is found, it will not produce a log.

Please re-enable your Kaspersky Total Security Antivirus program.


In your next reply please post the fixlog.txt produced by the Farbar Recovery Scan Tool and the ESET log (if it produced one).

How is the computer running?


Android 8888
 
Website: http://android8888.comlu.com
 
Tavira - Here's where I live!
 
Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"
 
Our help is free, but if you wish to help keep these forums running please consider a donation; Please see This Topic for details.

#6 psychicguy


Posted 04 January 2017 - 03:11 PM

Below is my fixlist.txt log:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by Marty (04-01-2017 12:20:58) Run:2
Running from C:\Users\Marty\Desktop
Loaded Profiles: Marty (Available Profiles: Marty)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CreateRestorePoint:
CloseProcesses:
EmptyTemp:

HKLM-x32\...\Run: [] => [X]
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\WidevineCdm\1.4.8.903\_platform_specific\win_x64\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\PepperFlash\pepflashplayer.dll => No File
CHR Extension: (Chrome Media Router) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
C:\Users\Marty\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Marty\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Marty\AppData\Local\Temp\nvStInst.exe
C:\Users\Marty\AppData\Local\Temp\Tibia_Setup_a2cc-bb80-7001-30c0.exe

End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
C:\Users\Marty\AppData\Local\Google\Chrome\User Data\WidevineCdm\1.4.8.903\_platform_specific\win_x64\widevinecdmadapter.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\PepperFlash\pepflashplayer.dll => not found.
C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully
C:\Users\Marty\AppData\Local\Temp\nvSCPAPI.dll => moved successfully
C:\Users\Marty\AppData\Local\Temp\nvSCPAPI64.dll => moved successfully
C:\Users\Marty\AppData\Local\Temp\nvStInst.exe => moved successfully
C:\Users\Marty\AppData\Local\Temp\Tibia_Setup_a2cc-bb80-7001-30c0.exe => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11047749 B
Java, Flash, Steam htmlcache => 226893782 B
Windows/system/drivers => 20556632 B
Edge => 0 B
Chrome => 552245019 B
Firefox => 381207973 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Marty => 1141602835 B

RecycleBin => 33935 B
EmptyTemp: => 2.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:21:13 ====

 

 

Below is my ESETScan:

 

C:\Users\Marty\Desktop\office_free_2013.exe    a variant of Win32/KingSoft.D potentially unwanted application    
C:\Users\Marty\Documents\Malware removal tools\ManyCamWebInstaller.exe    a variant of Win32/Toolbar.Visicom.F potentially unwanted application    
C:\Users\Marty\Documents\tibia\ccsetup520.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
C:\Users\Marty\Documents\tibia\ManyCamWebInstaller.exe    a variant of Win32/Toolbar.Visicom.F potentially unwanted application    
C:\Users\Marty\Downloads\ManyCamWebInstaller.exe    a variant of Win32/Toolbar.Visicom.F potentially unwanted application    
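As an added example (not part of the original posts and not FRST's own code), the Python below parses the fix log posted above to list which fixlist targets were not actually found and to tally where the EmptyTemp space came from. The function names are hypothetical, and the "target => outcome" and "category => N B" line layouts are assumed from the log lines shown in this thread.

```python
import re

# Lines copied from the fix log in the post above (header and fixlist echo omitted).
FIXLOG = r"""
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
C:\Users\Marty\AppData\Local\Google\Chrome\User Data\WidevineCdm\1.4.8.903\_platform_specific\win_x64\widevinecdmadapter.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\PepperFlash\pepflashplayer.dll => not found.
C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully
C:\Users\Marty\AppData\Local\Temp\nvSCPAPI.dll => moved successfully
C:\Users\Marty\AppData\Local\Temp\nvSCPAPI64.dll => moved successfully
C:\Users\Marty\AppData\Local\Temp\nvStInst.exe => moved successfully
C:\Users\Marty\AppData\Local\Temp\Tibia_Setup_a2cc-bb80-7001-30c0.exe => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11047749 B
Java, Flash, Steam htmlcache => 226893782 B
Windows/system/drivers => 20556632 B
Edge => 0 B
Chrome => 552245019 B
Firefox => 381207973 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Marty => 1141602835 B

RecycleBin => 33935 B
EmptyTemp: => 2.2 GB temporary data Removed.
"""

# A size line looks like "<category> => <bytes> B"; the summary line does not match.
SIZE_RE = re.compile(r"^(?P<name>.+?) => (?P<bytes>\d+) B$")


def split_sections(text):
    """Split the log into (action lines, EmptyTemp lines) at the EmptyTemp header."""
    parts = re.split(r"^=+ EmptyTemp: =+\s*$", text, maxsplit=1, flags=re.MULTILINE)
    actions = parts[0].splitlines()
    temp = parts[1].splitlines() if len(parts) > 1 else []
    return actions, temp


def action_results(text):
    """Map each fix target to the outcome reported for it."""
    actions, _ = split_sections(text)
    results = {}
    for line in actions:
        target, sep, outcome = line.strip().partition(" => ")
        if sep:  # status lines without " => " (restore point, processes) are skipped
            results[target] = outcome.rstrip(".")
    return results


def unresolved(results):
    """Targets that were neither moved nor removed, e.g. already absent from disk."""
    return [t for t, outcome in results.items() if not outcome.endswith("successfully")]


def freed_bytes(text):
    """Return {category: bytes} for every EmptyTemp size line."""
    _, temp = split_sections(text)
    sizes = {}
    for line in temp:
        m = SIZE_RE.match(line.strip())
        if m:
            sizes[m["name"]] = int(m["bytes"])
    return sizes


def summary(text, top_n=3):
    """Total bytes freed and the top_n largest categories."""
    sizes = freed_bytes(text)
    ranked = sorted(sizes.items(), key=lambda kv: kv[1], reverse=True)
    return sum(sizes.values()), ranked[:top_n]


if __name__ == "__main__":
    results = action_results(FIXLOG)
    for target in unresolved(results):
        print("not acted on:", target, "->", results[target])
    total, top = summary(FIXLOG)
    print(f"freed {total} B = {total / 2**30:.2f} GiB")
    for name, size in top:
        print(f"  {name}: {size / 2**20:.0f} MiB ({100 * size / total:.0f}%)")
```

The per-category figures sum to 2,341,976,789 bytes (about 2.18 GiB), which agrees with the log's rounded "2.2 GB" line.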
 



#7 Android 8888


Posted 04 January 2017 - 05:03 PM

Hello psychicguy.

 

ESET found some threats known as Potentially Unwanted Applications (PUA), which are not considered malware by themselves. So your computer appears to be free of malware.

Regarding the little free space on the disk, the FRST script removed temporary files and freed about 2.2 GB of space.

Please let me know how the computer is running and what issues still remain.



#8 psychicguy


Posted 04 January 2017 - 05:16 PM

Seems to be good now. I will let you know how it's running once I've played some games on it and see how my computer functions.

 

Thanks for your help!

 

Much appreciated!

 

:-)



#9 Android 8888


Posted 10 January 2017 - 02:10 PM

Are you still with me psychicguy?



#10 psychicguy


Posted 24 January 2017 - 08:36 PM

It works great now.

 

Thanks for the help! :-)

 

Sorry for the late reply.

 

 

 



#11 Android 8888


Posted 25 January 2017 - 05:56 AM

You're welcome. :)

 

 

If all is well...

To help keep malware off your system below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please consider using these ideas to help secure your computer.

Keep Windows updated at Windows Update. I cannot stress enough how important this is.

Keep your Kaspersky Total Security AntiVirus up-to-date.

Please note: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not malicious, you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Keep Malwarebytes (MB) updated and perform a regular scan of your system, as it will make it harder for malware to reside on your computer.
A tutorial on using MB can be found here
Please Note: Only the paid for version has real time capabilities.

A free non-resident utility to prevent the installation of ActiveX-based malware is JavaCool's SpywareBlaster, available here

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Another of the most feared threats at the moment is infection by ransomware. A ransomware infection is a program that ransoms the data or functionality of your computer until you perform an action. This action is typically to pay a ransom in the form of Bitcoins or another payment method. I advise you to read more info on this terrible threat here and here.

Please keep your programs up to date. This applies to Adobe Flash Player, Java and all your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.
Run a program like Personal Software Inspector (PSI) or FileHippo Update Checker to see what programs need to be updated.


Be careful with flash drives, as they can spread infections. See this post on USB/flash drive safety.

Stay away from P2P software; even with a clean P2P program, their networks are often riddled with malware.

Don't click on attachments or links in e-mail, and read your e-mail in text-only mode for the highest safety.

Don't click on links received in instant message programs.

A HOSTS file will prevent Internet Explorer from communicating with sites known to be associated with adware or spyware. A good, regularly updated HOSTS file is the MVPS HOSTS File, available here

For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.

Happy surfing and stay safe. :thumbup:

Android 8888.



#12 Android 8888


Posted 28 January 2017 - 08:07 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else, please begin a new topic.

