Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Popups redirecting me to reduxmediia.com


  • This topic is locked This topic is locked
9 replies to this topic

#1 Fire First Jay

Fire First Jay

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 23 May 2015 - 04:25 AM

I have recurring popups that lead me to assorted ad sites such as reduxmediia.com as well as asking me to upgrade java and other apps.  It just automatically downloaded a setup.exe on it's own.   I'm somewhat alarmed because the popups appear to be increasing in frequency.  I have run scans with avast and malwarebytes but they have both failed to fix the problem.   You're my only hope now!
 
FRST logs follow:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by Jay (administrator) on JAY-PC on 23-05-2015 01:58:41
Running from C:\Users\Jay\Downloads
Loaded Profiles: Jay &  (Available Profiles: Jay)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Games Bot Inc.) C:\Program Files (x86)\Games Bot\GamesBotSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Games Bot Inc.) C:\Program Files (x86)\Games Bot\GamesBotSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Games Bot Inc.) C:\Program Files (x86)\Games Bot\GamesBotSvc.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
() C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dxtory Software) C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe
() C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
(Mixesoft Project) C:\Users\Jay\AppData\Local\Mixesoft\AppNHost\appnhost.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\A6210\A6210.EXE
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(MovieDea) C:\Program Files (x86)\MovieDea\MovieDea.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(The Chromium Authors) C:\Users\Jay\AppData\Local\Games Bot\Explore\Explore.exe
(The Chromium Authors) C:\Users\Jay\AppData\Local\Games Bot\Explore\Explore.exe
(The Chromium Authors) C:\Users\Jay\AppData\Local\Games Bot\Explore\Explore.exe
(The Chromium Authors) C:\Users\Jay\AppData\Local\Games Bot\Explore\Explore.exe
(The Chromium Authors) C:\Users\Jay\AppData\Local\Games Bot\Explore\Explore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-05-17] (Realtek Semiconductor)
HKLM-x32\...\Run: [A6210] => C:\Program Files (x86)\NETGEAR\A6210\A6210.EXE [6214488 2015-01-21] (NETGEAR)
HKLM-x32\...\Run: [WinCheck] => C:\Users\Jay\AppData\Local\03AA02FC-1432253120-057A-4D06-250700080009\bnsp144E.exe [337408 2015-05-21] ()
HKLM-x32\...\Run: [MovieDea] => C:\Program Files (x86)\MovieDea\MovieDea.exe [3183616 2015-04-22] (MovieDea)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-22] (Avast Software s.r.o.)
HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\Run: [Steam] => "C:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-09-23] ()
HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31340128 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe
HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe [7342080 2013-07-03] ()
HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\Run: [appnhost] => C:\Users\Jay\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => "C:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-09-23] ()
HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31340128 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe
HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe [7342080 2013-07-03] ()
HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [appnhost] => C:\Users\Jay\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Properties.lnk [2015-04-11]
ShortcutTarget: Hauppauge Device Properties.lnk -> C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-03-13]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-05-21]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-22] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-04] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
HKU\S-1-5-21-1611889982-3250800483-796148715-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1611889982-3250800483-796148715-1000 -> DefaultScope {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-05-06] (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-22] (Avast Software s.r.o.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-22] (Avast Software s.r.o.)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Windows\system32\C2MP\npdivx32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Jay\AppData\Roaming\raidcall\plugins\nprcplugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-22]
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3331210&octid=EB_ORIGINAL_CTID&ISID=M0D3BB0D9-E6A4-43C9-8E51-ECD5CA7C4B98&SearchSource=55&CUI=&UM=8&UP=SP1E31FB40-63E8-415E-B6AB-36FF22108D94&D=052115&SSPV=SP22340TB_sp_ch"
CHR Profile: C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-08]
CHR Extension: (No Name) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-08]
CHR Extension: (Poper Blocker) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2015-05-22]
CHR Extension: (No Name) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-08]
CHR Extension: (Click&Clean) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2015-05-22]
CHR Extension: (AdBlock) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-10]
CHR Extension: (Avast Online Security) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-22]
CHR Extension: (Avira Browser Safety) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfnlmhbanaiddolfmcklggjmhliepiki [2015-05-10]
CHR Extension: (Google Wallet) - C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-22]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-22] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-22] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [967040 2015-03-31] ()
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 GamesBotService; C:\Program Files (x86)\Games Bot\GamesBotSvc.exe [53352 2015-04-22] (Games Bot Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation)
R3 HcwDevCentralService; C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe [399120 2015-01-30] (Hauppauge Computer Works, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NetgearSwitchUSB; C:\Program Files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe [210648 2014-05-13] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-03-27] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) []
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026432 2015-05-22] (Enigma Software Group USA, LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 A6210; C:\Windows\System32\DRIVERS\A6210.sys [2208984 2014-06-20] (Ralink Technology Corp.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-22] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-22] ()
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-05-22] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-05-22] ()
R3 hcwE5bda; C:\Windows\System32\drivers\hcwE5bda.sys [972376 2014-12-16] (Hauppauge Computer Work, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-05-06] (REALiX™)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2015-05-06] (Qualcomm Atheros, Inc.)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-03-13] (NVIDIA Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-22] (Avast Software)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-28] (Microsoft Corporation)
S4 avgntflt; system32\DRIVERS\avgntflt.sys [X]
R4 avkmgr; system32\DRIVERS\avkmgr.sys [X]
S3 cpuz134; \??\C:\Users\Jay\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-23 01:58 - 2015-05-23 01:58 - 00024303 _____ () C:\Users\Jay\Downloads\FRST.txt
2015-05-23 01:56 - 2015-05-23 01:58 - 00000000 ____D () C:\FRST
2015-05-23 01:55 - 2015-05-23 01:55 - 02108416 _____ (Farbar) C:\Users\Jay\Downloads\FRST64.exe
2015-05-23 01:53 - 2015-05-23 01:53 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2015-05-22 23:08 - 2015-05-22 23:08 - 00003268 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-1611889982-3250800483-796148715-1000
2015-05-22 16:52 - 2015-05-22 16:52 - 00243344 _____ () C:\Users\Jay\Downloads\Unconfirmed 631930.crdownload
2015-05-22 13:25 - 2015-05-22 13:25 - 00243344 _____ () C:\Users\Jay\Downloads\Unconfirmed 868884.crdownload
2015-05-22 13:25 - 2015-05-22 13:25 - 00243344 _____ () C:\Users\Jay\Downloads\Unconfirmed 384901.crdownload
2015-05-22 13:12 - 2015-05-22 13:12 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-22 13:10 - 2015-05-22 13:12 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Dropbox
2015-05-22 12:58 - 2015-05-22 12:58 - 00344504 _____ () C:\Windows\Minidump\052215-20935-01.dmp
2015-05-22 04:49 - 2015-05-22 04:49 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\AVAST Software
2015-05-22 04:48 - 2015-05-22 04:48 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-22 04:48 - 2015-05-22 04:48 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-05-22 04:48 - 2015-05-22 04:48 - 00000000 ____D () C:\Windows\system32\vbox
2015-05-22 04:48 - 2015-05-22 04:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-22 04:47 - 2015-05-22 04:47 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-22 04:47 - 2015-05-22 04:47 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-22 04:47 - 2015-05-22 04:47 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-22 04:47 - 2015-05-22 04:47 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-22 04:47 - 2015-05-22 04:47 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-22 04:47 - 2015-05-22 04:47 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-22 04:47 - 2015-05-22 04:47 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-22 04:47 - 2015-05-22 04:47 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-22 04:47 - 2015-05-22 04:47 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-22 04:47 - 2015-05-22 04:47 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-22 04:45 - 2015-05-22 04:45 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-22 04:44 - 2015-05-22 04:44 - 05481336 _____ (Avast Software s.r.o.) C:\Users\Jay\Downloads\avast_free_antivirus_setup_online_cnet.exe
2015-05-22 04:44 - 2015-05-22 04:44 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-22 03:58 - 2015-05-22 04:24 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Enigma Software Group
2015-05-22 03:58 - 2015-05-22 03:58 - 00003314 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2015-05-22 03:58 - 2015-05-22 03:58 - 00000000 ____D () C:\sh4ldr
2015-05-22 03:58 - 2015-05-22 03:58 - 00000000 _____ () C:\autoexec.bat
2015-05-22 03:57 - 2015-05-22 03:57 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-05-22 03:57 - 2015-05-22 03:57 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-05-22 03:56 - 2015-05-22 03:57 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Jay\Downloads\sh-remover.exe
2015-05-22 03:44 - 2015-05-22 03:44 - 00003422 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2015-05-22 03:43 - 2015-05-22 04:24 - 00000000 ____D () C:\rei
2015-05-22 03:43 - 2015-05-22 04:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2015-05-22 03:43 - 2015-05-22 03:44 - 00000000 ____D () C:\ProgramData\Reimage Protector
2015-05-22 03:43 - 2015-05-22 03:43 - 00004266 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2015-05-22 03:43 - 2015-05-22 03:43 - 00000000 ____D () C:\Program Files\Reimage
2015-05-22 03:42 - 2015-05-22 03:44 - 00000165 _____ () C:\Windows\Reimage.ini
2015-05-22 03:42 - 2015-05-22 03:42 - 00768512 _____ (Reimage®) C:\Users\Jay\Downloads\ReimageRepair.exe
2015-05-22 03:21 - 2015-05-22 03:22 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Jay\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-22 03:11 - 2015-05-22 03:12 - 00665741 _____ () C:\Users\Jay\Downloads\MacKeeper.pkg
2015-05-22 03:02 - 2015-05-22 03:02 - 00282624 _____ () C:\Users\Jay\Downloads\appnhost.msi
2015-05-22 03:02 - 2015-05-22 03:02 - 00000000 ____D () C:\Users\Jay\AppData\Local\Mixesoft
2015-05-22 02:56 - 2015-05-22 03:31 - 00000112 _____ () C:\ProgramData\86L467.dat
2015-05-22 02:27 - 2015-05-22 02:27 - 00000000 __SHD () C:\Users\Jay\AppData\Local\EmieUserList
2015-05-22 02:27 - 2015-05-22 02:27 - 00000000 __SHD () C:\Users\Jay\AppData\Local\EmieSiteList
2015-05-22 02:27 - 2015-05-22 02:27 - 00000000 __SHD () C:\Users\Jay\AppData\Local\EmieBrowserModeList
2015-05-22 00:45 - 2015-05-22 00:45 - 00000000 ____D () C:\Users\Jay\AppData\Local\SafeGuard
2015-05-22 00:44 - 2015-05-22 00:44 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2015-05-22 00:40 - 2015-05-22 04:24 - 00000000 ____D () C:\Windows\SysWOW64\Flash
2015-05-22 00:35 - 2015-05-22 04:50 - 00000000 ____D () C:\Program Files (x86)\MaxComputerCleaner_v17.507
2015-05-22 00:35 - 2015-05-22 00:48 - 00000000 ____D () C:\Users\Jay\Documents\MaxComputerCleaner
2015-05-22 00:35 - 2015-05-22 00:35 - 00003212 _____ () C:\Windows\System32\Tasks\MaxComputerCleaner_Start
2015-05-22 00:35 - 2015-05-22 00:35 - 00000000 ____D () C:\Users\Jay\AppData\Local\Max_Computer_Cleaner
2015-05-22 00:35 - 2015-05-22 00:35 - 00000000 ____D () C:\Program Files (x86)\MaxComputerCleaner
2015-05-22 00:21 - 2015-05-22 02:34 - 00000000 ____D () C:\Program Files (x86)\MovieDea
2015-05-22 00:21 - 2015-05-22 00:21 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MovieDea
2015-05-22 00:20 - 2015-05-22 00:20 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Itibiti
2015-05-22 00:20 - 2015-05-22 00:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNCTR
2015-05-22 00:20 - 2015-05-22 00:20 - 00000000 ____D () C:\Program Files (x86)\Itibiti Soft Phone
2015-05-22 00:18 - 2015-05-22 00:18 - 00003740 _____ () C:\Windows\System32\Tasks\Convertor
2015-05-22 00:18 - 2015-05-22 00:18 - 00003264 _____ () C:\Windows\System32\Tasks\Winsta Update
2015-05-22 00:18 - 2015-05-22 00:18 - 00003220 _____ () C:\Windows\System32\Tasks\WinKit
2015-05-22 00:18 - 2015-05-22 00:18 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\PDFConvert
2015-05-22 00:18 - 2015-05-22 00:18 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DocToPDFConverter
2015-05-22 00:18 - 2015-05-22 00:18 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\DocToPDFConverter
2015-05-22 00:18 - 2015-05-22 00:18 - 00000000 ____D () C:\Program Files (x86)\Winsta
2015-05-22 00:18 - 2015-05-22 00:18 - 00000000 ____D () C:\Program Files (x86)\Convertor
2015-05-22 00:17 - 2015-05-22 00:18 - 00000000 ____D () C:\Users\Jay\AppData\Local\Games Bot
2015-05-22 00:17 - 2015-05-22 00:17 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games Bot
2015-05-22 00:17 - 2015-05-22 00:17 - 00000000 ____D () C:\Program Files (x86)\Games Bot
2015-05-22 00:05 - 2015-05-22 00:05 - 00000000 ____D () C:\Users\Jay\AppData\Local\03AA02FC-1432253120-057A-4D06-250700080009
2015-05-22 00:05 - 2015-05-07 23:10 - 00001993 _____ () C:\Windows\system32\Drivers\etc\hp.bak
2015-05-21 14:04 - 2015-05-22 12:59 - 00000314 _____ () C:\Windows\Tasks\IMGGZHDX1.job
2015-05-21 14:04 - 2015-05-22 03:39 - 00000000 ____D () C:\ProgramData\82b7754b066349da9bd954654865a124
2015-05-21 14:04 - 2015-05-22 03:16 - 00000005 _____ () C:\end
2015-05-21 14:04 - 2015-05-21 14:04 - 00003546 _____ () C:\Windows\System32\Tasks\DXBLVIVAZX
2015-05-21 14:04 - 2015-05-21 14:04 - 00002836 _____ () C:\Windows\System32\Tasks\IMGGZHDX1
2015-05-21 14:04 - 2015-05-21 14:04 - 00000000 ____D () C:\ProgramData\2acd4cb5c435461892520f3241ad43b9
2015-05-21 13:46 - 2015-05-21 13:46 - 00000000 ____D () C:\Program Files (x86)\DriverRestore
2015-05-21 13:45 - 2015-05-22 00:50 - 00000000 ____D () C:\Program Files (x86)\CompuClever
2015-05-21 13:45 - 2015-05-21 13:45 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\CompuClever
2015-05-21 13:45 - 2015-05-21 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-05-21 13:45 - 2015-05-21 13:45 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2015-05-21 13:44 - 2015-05-21 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZipDownloader
2015-05-21 13:44 - 2015-05-21 13:44 - 00000000 ____D () C:\Program Files (x86)\ZipDownloader
2015-05-21 03:23 - 2015-05-22 04:24 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-05-21 03:23 - 2015-05-21 03:23 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-21 03:23 - 2015-05-21 03:23 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-21 03:23 - 2015-05-21 03:23 - 00000000 ____D () C:\ProgramData\McAfee
2015-05-21 03:23 - 2015-05-21 03:23 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-20 03:09 - 2015-05-21 03:31 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Adobe
2015-05-20 03:09 - 2015-05-21 03:26 - 00000000 ____D () C:\Users\Jay\AppData\Local\Adobe
2015-05-20 03:09 - 2015-05-21 03:26 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-20 03:09 - 2015-05-20 03:09 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Macromedia
2015-05-19 03:07 - 2015-05-19 03:07 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\WinRAR
2015-05-19 03:03 - 2015-05-19 03:04 - 77313488 _____ () C:\Users\Jay\Downloads\Program.zip
2015-05-19 00:01 - 2015-05-21 02:00 - 00000000 ____D () C:\Users\Jay\Documents\The Witcher 3
2015-05-17 22:57 - 2015-05-17 22:57 - 04467928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-05-17 22:57 - 2015-05-17 22:57 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2015-05-17 22:57 - 2015-05-17 22:57 - 02846424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-05-17 22:57 - 2015-05-17 22:57 - 02531544 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2015-05-17 22:57 - 2015-05-17 22:57 - 02014958 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-05-17 22:57 - 2015-05-17 22:57 - 01739992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-05-17 22:57 - 2015-05-17 22:57 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-05-17 22:57 - 2015-05-17 22:57 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-05-17 22:57 - 2015-05-17 22:57 - 00000000 ____D () C:\Program Files\Realtek
2015-05-17 16:45 - 2015-05-17 16:45 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Tera_Awesomium
2015-05-15 02:05 - 2015-05-22 02:27 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\TS3Client
2015-05-13 03:00 - 2015-05-01 06:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 03:00 - 2015-05-01 06:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 23:22 - 2015-05-12 23:54 - 2196202794 _____ () C:\Users\Jay\Documents\Dead space 2-  Chapter 1 part 1- I jus wanted coffee.mp4
2015-05-12 23:22 - 2015-05-04 18:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 23:22 - 2015-05-04 18:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 23:22 - 2015-04-21 19:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 23:22 - 2015-04-21 18:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 23:22 - 2015-04-21 10:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 23:22 - 2015-04-21 10:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-12 23:22 - 2015-04-21 10:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-12 23:22 - 2015-04-21 09:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-12 23:22 - 2015-04-21 09:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 23:22 - 2015-04-21 09:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 23:22 - 2015-04-21 09:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-12 23:22 - 2015-04-21 09:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 23:22 - 2015-04-21 09:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-12 23:22 - 2015-04-21 09:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-12 23:22 - 2015-04-21 09:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-12 23:22 - 2015-04-21 09:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 23:22 - 2015-04-21 09:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 23:22 - 2015-04-21 09:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-12 23:22 - 2015-04-21 09:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-12 23:22 - 2015-04-21 09:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-12 23:22 - 2015-04-21 09:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 23:22 - 2015-04-21 09:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-12 23:22 - 2015-04-21 09:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-12 23:22 - 2015-04-21 09:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 23:22 - 2015-04-21 09:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-12 23:22 - 2015-04-21 09:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 23:22 - 2015-04-21 09:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 23:22 - 2015-04-21 09:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-12 23:22 - 2015-04-21 09:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-12 23:22 - 2015-04-21 09:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 23:22 - 2015-04-21 09:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-12 23:22 - 2015-04-21 09:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 23:22 - 2015-04-21 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-12 23:22 - 2015-04-21 09:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 23:22 - 2015-04-21 09:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 23:22 - 2015-04-21 09:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-12 23:22 - 2015-04-21 09:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-12 23:22 - 2015-04-21 09:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-12 23:22 - 2015-04-21 08:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 23:22 - 2015-04-21 08:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-12 23:22 - 2015-04-21 08:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-12 23:22 - 2015-04-21 08:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 23:22 - 2015-04-21 08:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 23:22 - 2015-04-21 08:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-12 23:22 - 2015-04-21 08:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-12 23:22 - 2015-04-21 08:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 23:22 - 2015-04-21 08:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-12 23:22 - 2015-04-21 08:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 23:22 - 2015-04-21 08:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-12 23:22 - 2015-04-21 08:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 23:22 - 2015-04-21 08:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 23:22 - 2015-04-21 08:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 23:22 - 2015-04-21 08:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 23:22 - 2015-04-21 08:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 23:22 - 2015-04-21 08:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 23:22 - 2015-04-21 08:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-12 23:22 - 2015-04-21 08:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 23:22 - 2015-04-21 08:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 23:22 - 2015-04-21 08:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 23:22 - 2015-04-21 08:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 23:22 - 2015-04-21 07:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 23:22 - 2015-04-21 07:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 23:22 - 2015-04-17 20:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 23:22 - 2015-04-17 19:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 23:21 - 2015-04-27 12:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-12 23:21 - 2015-04-27 12:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-12 23:21 - 2015-04-27 12:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-12 23:21 - 2015-04-27 12:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-12 23:21 - 2015-04-27 12:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-12 23:21 - 2015-04-27 12:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-12 23:21 - 2015-04-27 12:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-12 23:21 - 2015-04-27 12:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-12 23:21 - 2015-04-27 12:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-12 23:21 - 2015-04-27 12:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-12 23:21 - 2015-04-27 12:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-12 23:21 - 2015-04-27 12:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-12 23:21 - 2015-04-27 12:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-12 23:21 - 2015-04-27 12:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-12 23:21 - 2015-04-27 12:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-12 23:21 - 2015-04-27 12:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-12 23:21 - 2015-04-27 12:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 12:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-12 23:21 - 2015-04-27 12:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-12 23:21 - 2015-04-27 12:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-12 23:21 - 2015-04-27 12:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-12 23:21 - 2015-04-27 12:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-12 23:21 - 2015-04-27 12:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-12 23:21 - 2015-04-27 12:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-12 23:21 - 2015-04-27 12:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-12 23:21 - 2015-04-27 12:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-12 23:21 - 2015-04-27 12:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-12 23:21 - 2015-04-27 12:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-12 23:21 - 2015-04-27 12:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-12 23:21 - 2015-04-27 12:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-12 23:21 - 2015-04-27 12:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-12 23:21 - 2015-04-27 12:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-12 23:21 - 2015-04-27 12:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-12 23:21 - 2015-04-27 12:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-12 23:21 - 2015-04-27 12:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-12 23:21 - 2015-04-27 12:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-12 23:21 - 2015-04-27 12:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-12 23:21 - 2015-04-27 12:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-12 23:21 - 2015-04-27 12:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-12 23:21 - 2015-04-27 12:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-12 23:21 - 2015-04-27 12:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-12 23:21 - 2015-04-27 12:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-12 23:21 - 2015-04-27 12:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-12 23:21 - 2015-04-27 12:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-12 23:21 - 2015-04-27 12:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 11:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-12 23:21 - 2015-04-27 10:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-12 23:21 - 2015-04-27 10:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-12 23:21 - 2015-04-27 10:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 10:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 10:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 23:21 - 2015-04-27 10:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-12 23:21 - 2015-04-19 20:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 23:21 - 2015-04-19 20:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 23:21 - 2015-04-19 19:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 23:21 - 2015-04-19 19:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 23:21 - 2015-04-12 20:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 23:21 - 2015-04-07 20:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-12 23:21 - 2015-04-07 20:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-12 23:21 - 2015-04-07 20:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-12 23:21 - 2015-03-03 21:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-12 23:21 - 2015-03-03 21:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-12 23:21 - 2015-03-03 21:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 23:21 - 2015-03-03 21:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-12 23:21 - 2015-03-03 21:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-12 23:21 - 2015-03-03 21:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-12 23:21 - 2015-03-03 21:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 23:21 - 2015-02-18 00:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-12 23:21 - 2015-02-18 00:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-12 23:21 - 2015-01-28 20:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 23:21 - 2015-01-28 20:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-11 05:42 - 2015-05-15 01:12 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-05-11 01:38 - 2015-05-11 01:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xb1usb_01011.Wdf
2015-05-10 17:07 - 2015-05-10 17:07 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\MAXON
2015-05-10 00:23 - 2015-05-10 00:23 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-10 00:12 - 2015-05-10 00:20 - 00000000 ____D () C:\Jay
2015-05-09 16:55 - 2015-05-09 16:55 - 00000000 ____D () C:\Users\Jay\AppData\Local\Skype
2015-05-09 05:09 - 2015-05-17 16:44 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-05-09 05:09 - 2015-05-09 05:09 - 00000000 ____D () C:\Users\Jay\AppData\Local\TERA
2015-05-09 00:17 - 2015-05-09 00:17 - 00000000 ____D () C:\Users\Jay\Documents\EA Games
2015-05-09 00:15 - 2015-05-09 00:15 - 00000000 ____D () C:\Users\Jay\Documents\My Games
2015-05-09 00:15 - 2015-05-09 00:15 - 00000000 ____D () C:\Users\Jay\AppData\Local\EA Games
2015-05-09 00:01 - 2015-05-09 00:01 - 00000184 _____ () C:\Users\Jay\Downloads\DxtoryLicenceFile (1).dxtorylic
2015-05-09 00:01 - 2015-05-09 00:01 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\DivX
2015-05-08 23:51 - 2015-05-08 23:51 - 00000184 _____ () C:\Users\Jay\Downloads\DxtoryLicenceFile.dxtorylic
2015-05-08 23:48 - 2015-05-08 23:48 - 03299282 _____ () C:\Users\Jay\Downloads\Dxtory_2.0.127_A4_.zip
2015-05-08 23:48 - 2015-05-08 23:48 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\DVDVideoSoft
2015-05-08 23:48 - 2015-05-08 23:48 - 00000000 ____D () C:\Users\Jay\A
2015-05-08 23:30 - 2015-05-08 23:31 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\NVIDIA
2015-05-08 23:30 - 2015-05-08 23:30 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Publish Providers
2015-05-08 23:27 - 2015-05-12 23:19 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Sony
2015-05-08 23:27 - 2015-05-08 23:27 - 00000000 ____D () C:\Users\Jay\AppData\Local\Sony
2015-05-08 23:16 - 2015-05-08 23:16 - 00061192 _____ () C:\Users\Jay\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-08 23:16 - 2015-05-08 23:16 - 00000020 ___SH () C:\Users\Jay\ntuser.ini
2015-05-08 05:12 - 2015-05-08 05:12 - 00000000 ____D () C:\Users\Jay\AppData\Local\IsolatedStorage
2015-05-08 03:32 - 2015-05-08 03:32 - 00664247 _____ () C:\Users\Jay\Downloads\SSDTweaker (1).zip
2015-05-08 03:29 - 2015-05-08 03:29 - 00664247 _____ () C:\Users\Jay\Downloads\SSDTweaker.zip
2015-05-08 00:20 - 2015-05-08 00:20 - 00000000 ____D () C:\ProgramData\Solidshield
2015-05-07 02:28 - 2015-05-07 02:28 - 00000560 _____ () C:\Windows\wmsetup.log
2015-05-06 13:36 - 2015-05-06 13:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-06 13:35 - 2015-05-17 22:57 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-05-06 13:35 - 2015-05-06 13:35 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-05-06 13:35 - 2015-05-06 13:35 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 12975360 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-05-06 13:35 - 2015-05-06 13:35 - 05615552 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 03218800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 03182104 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 02907864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-05-06 13:35 - 2015-05-06 13:35 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01559744 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01499984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01360640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00979280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00837776 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00654480 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00544400 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2015-05-06 13:35 - 2015-05-06 13:35 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00435344 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00168816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00096568 _____ () C:\Windows\system32\audioLibVc.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-05-06 13:35 - 2015-05-06 13:35 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-05-06 13:31 - 2015-05-06 13:31 - 00460048 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2015-05-06 13:29 - 2015-05-06 13:29 - 00129200 _____ (Qualcomm Atheros, Inc.) C:\Windows\system32\Drivers\e22w7x64.sys
2015-05-06 13:27 - 2015-05-08 00:17 - 00002896 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Jay
2015-05-06 13:27 - 2015-05-06 13:27 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2015-05-06 13:27 - 2015-05-06 13:27 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-05-06 13:26 - 2015-05-17 22:52 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-06 13:25 - 2015-05-22 03:15 - 00002866 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Jay)
2015-05-06 13:25 - 2015-05-17 22:52 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\IObit
2015-05-06 13:25 - 2015-05-08 23:16 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-05-06 13:25 - 2015-05-08 00:17 - 00000000 ____D () C:\ProgramData\IObit
2015-05-06 13:25 - 2015-05-06 13:25 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-05-06 13:25 - 2015-05-06 13:25 - 00003224 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2015-05-06 13:25 - 2015-05-06 13:25 - 00003168 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2015-05-06 13:25 - 2015-05-06 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-05-06 13:18 - 2015-05-20 13:18 - 00000322 _____ () C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job
2015-05-06 13:18 - 2015-05-07 23:11 - 00003196 _____ () C:\Windows\System32\Tasks\SuperEasyDriverUpdaterRunAtStartup
2015-05-06 13:18 - 2015-05-06 13:18 - 00003056 _____ () C:\Windows\System32\Tasks\SuperEasyDriverUpdater_UPDATES
2015-05-06 13:18 - 2015-05-06 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperEasy Software
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-23 01:58 - 2015-03-14 16:34 - 00000000 ____D () C:\Users\Jay\AppData\Roaming\Skype
2015-05-23 01:49 - 2015-03-14 15:33 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-23 01:49 - 2015-03-14 15:33 - 00000000 ____D () C:\ProgramData\Avira
2015-05-23 01:49 - 2015-03-14 15:33 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-05-23 01:49 - 2015-03-13 15:17 - 01312063 _____ () C:\Windows\WindowsUpdate.log
2015-05-23 01:33 - 2015-03-14 15:28 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-22 23:07 - 2015-04-07 12:55 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-22 15:33 - 2015-03-14 15:28 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-22 13:06 - 2009-07-13 21:45 - 00028528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-22 13:06 - 2009-07-13 21:45 - 00028528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-22 13:04 - 2009-07-13 22:13 - 00778834 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-22 12:58 - 2015-03-25 15:04 - 00000000 ____D () C:\Windows\Minidump
2015-05-22 12:58 - 2015-03-14 23:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-22 12:58 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-22 12:58 - 2009-07-13 21:51 - 00067826 _____ () C:\Windows\setupact.log
2015-05-22 06:09 - 2010-11-20 20:47 - 00371238 _____ () C:\Windows\PFRO.log
2015-05-22 04:24 - 2015-03-14 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
2015-05-22 04:24 - 2015-03-13 15:17 - 00000000 ____D () C:\Users\Jay
2015-05-22 04:24 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2015-05-22 04:20 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-05-22 03:23 - 2015-04-07 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-22 03:23 - 2015-04-07 12:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-21 13:46 - 2015-03-14 16:29 - 00003732 _____ () C:\Windows\System32\Tasks\DriverRestore_ScheduledScan
2015-05-21 13:46 - 2015-03-14 16:29 - 00003584 _____ () C:\Windows\System32\Tasks\DriverRestore_DailyScan
2015-05-19 14:11 - 2015-04-04 03:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-19 14:11 - 2015-04-04 03:00 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-17 04:21 - 2015-04-11 23:23 - 00000000 ____D () C:\Users\Public\Hauppauge Capture
2015-05-14 00:46 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-13 07:51 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2015-05-13 07:26 - 2011-04-12 01:28 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 07:26 - 2009-07-13 21:45 - 00274664 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 07:26 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 03:01 - 2015-03-14 23:42 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 03:00 - 2015-03-14 23:42 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 01:56 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-08 23:32 - 2015-03-14 16:33 - 00000000 ____D () C:\ProgramData\Skype
2015-05-08 23:18 - 2015-03-18 01:17 - 00000000 ____D () C:\Users\Jay\AppData\Local\NVIDIA Corporation
2015-05-08 03:24 - 2015-03-15 23:30 - 00000000 ____D () C:\ExKode
2015-05-08 03:23 - 2015-03-15 00:59 - 00000000 ____D () C:\Users\Jay\AppData\Local\NVIDIA
2015-05-08 03:22 - 2015-03-15 23:30 - 00000000 ____D () C:\Users\Jay\AppData\Local\Dxtory Software
2015-05-08 03:22 - 2015-03-14 15:28 - 00000000 ____D () C:\Users\Jay\AppData\Local\Google
2015-05-08 03:20 - 2015-03-14 23:50 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-08 03:19 - 2015-04-01 01:24 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2015-05-08 03:19 - 2015-03-14 18:00 - 00000000 ____D () C:\Program Files (x86)\Hauppauge
2015-05-08 03:19 - 2015-03-14 16:34 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-08 03:19 - 2015-03-14 15:28 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-08 00:20 - 2015-03-14 21:04 - 00097802 _____ () C:\Windows\DirectX.log
2015-05-07 13:23 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-05-06 05:07 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-29 23:15 - 2009-07-13 22:08 - 00032600 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
 
==================== Files in the root of some directories =======
 
2015-05-22 02:56 - 2015-05-22 03:31 - 0000112 _____ () C:\ProgramData\86L467.dat
2015-05-06 13:36 - 2015-05-06 13:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-23 01:53 - 2015-05-23 01:53 - 0000000 _____ () C:\ProgramData\rebootpending.txt
 
Files to move or delete:
====================
C:\ProgramData\86L467.dat
 
 
Some files in TEMP:
====================
C:\Users\Jay\AppData\Local\Temp\avgnt.exe
C:\Users\Jay\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\Jay\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\Jay\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwq1vmq.dll
C:\Users\Jay\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Jay\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Jay\AppData\Local\Temp\ReiSysUpdate.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-14 04:31
 
==================== End of log ============================

 



BC AdBot (Login to Remove)

 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:30 PM

Posted 23 May 2015 - 05:47 AM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems. :warrior:

Before we move on, please read the following points carefully: :exclame:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

The Addition.txt is missing.

Step 1

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 Fire First Jay

Fire First Jay
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 23 May 2015 - 08:28 AM

This is the additional txt. thanks for helping!
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 01
Ran by Jay at 2015-05-23 01:58:56
Running from C:\Users\Jay\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1611889982-3250800483-796148715-500 - Administrator - Disabled)
Guest (S-1-5-21-1611889982-3250800483-796148715-501 - Limited - Disabled)
Jay (S-1-5-21-1611889982-3250800483-796148715-1000 - Administrator - Enabled) => C:\Users\Jay
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION
AnySend (HKLM-x32\...\ASPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION!
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Dead Space 2 (HKLM-x32\...\Steam App 47780) (Version:  - Visceral Games)
DocToPDFConverter (HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\DocToPDFConverter) (Version: 01.00.00.00 - VolatoTech)
DocToPDFConverter (HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\DocToPDFConverter) (Version: 01.00.00.00 - VolatoTech)
Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit)
DriverRestore (HKLM\...\DriverRestore) (Version: 1.0 - 383 Media, Inc.)
Dropbox (HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Dxtory version 2.0.128 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.128 - ExKode Co. Ltd.)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version:  - Square Enix)
Free YouTube Uploader version 4.0.24.324 (HKLM-x32\...\Free YouTube Uploader_is1) (Version: 4.0.24.324 - DVDVideoSoft Ltd.)
From The Depths (HKLM-x32\...\Steam App 268650) (Version:  - Brilliant Skies Ltd.)
Games Bot (HKLM-x32\...\Games Bot) (Version: 161.0.0.578 - CLICK YES BELOW LP)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gradient Bold Italic (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - Gradient Bold Italic)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
Hauppauge Capture (HKLM-x32\...\Hauppauge Capture) (Version: 1.0.33057 - Hauppauge Computer Works)
Hauppauge Device Central (HKLM-x32\...\Hauppauge Device Central) (Version: 1.3.33029 - Hauppauge Computer Works, Inc.)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
K-Lite Codec Pack 11.0.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
KNCTR (HKLM-x32\...\Itibiti_is1) (Version:  - Itibiti Inc.)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{3C09DE13-867C-4289-9F95-4510BB3A5F57}) (Version: 11.4.0 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.4.0 - Red Giant Software) Hidden
Magic Bullet Suite v12.0.3 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 12.0.3 - Red Giant, LLC)
MaintenanceService 1.0.0 (HKLM-x32\...\zz.507.mcc) (Version: 1.0.0 - CSDI)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MovieDea 1.0 (HKLM-x32\...\MovieDea) (Version: 1.0 - MovieDea)
NETGEAR A6210 Genie (HKLM-x32\...\InstallShield_{B37F67D3-ABD1-48E0-B422-E011C355529C}) (Version: 1.0.0.30 - NETGEAR)
NETGEAR A6210 Genie (x32 Version: 1.0.0.30 - NETGEAR) Hidden
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.13004.105 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.1.5 - Reimage) <==== ATTENTION
S.T.A.L.K.E.R.: Call of Pripyat (HKLM-x32\...\Steam App 41700) (Version:  - GSC Game World)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.2 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.2.103 - Skype Technologies S.A.)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SuperEasy Driver Updater v.1.1.1 (HKLM-x32\...\{039BC111-D60F-A6FF-85F4-7992EA886B8D}_is1) (Version: 1.1.1 - SuperEasy Software GmbH & Co. KG)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
System Requirements Lab Detection (HKLM-x32\...\{23E34C45-9310-4CD4-9893-810D441059F8}) (Version: 6.1.1.0 - Husdawg, LLC)
sZone-Online (HKLM-x32\...\Steam App 316390) (Version:  - Cybertime System)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - En Masse Entertainment)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
War Inc. Battlezone (HKLM-x32\...\Steam App 107900) (Version:  - Online Warmongers Group Inc.)
WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.7.4 - Earth Networks, Inc.)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version:  - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
ZipDownloader (HKLM-x32\...\ZipDownloader) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1611889982-3250800483-796148715-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jay\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1611889982-3250800483-796148715-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1611889982-3250800483-796148715-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1611889982-3250800483-796148715-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1611889982-3250800483-796148715-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1611889982-3250800483-796148715-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1611889982-3250800483-796148715-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1611889982-3250800483-796148715-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1611889982-3250800483-796148715-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1611889982-3250800483-796148715-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1611889982-3250800483-796148715-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
22-05-2015 06:34:12 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2015-05-07 23:10 - 00001993 ____N C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
 
There are 4 more lines.
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {04908399-A898-4F5A-8EAE-4417168DB733} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {110D76FB-6BFD-46A9-8EDF-852C834AE248} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe
Task: {235E4054-EBD9-4725-B1BF-454CFB78C62F} - System32\Tasks\{FF58929A-99E3-437A-97BB-6F816C38444A} => pcalua.exe -a C:\Users\Jay\Downloads\hdpvr2_driver_1_5_32118.exe -d C:\Users\Jay\Downloads
Task: {256631D6-D071-46EC-AF78-8E1AEAC939CF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-22] (Avast Software s.r.o.)
Task: {2DCFC21A-DA26-41CA-A020-B29B195E9072} - System32\Tasks\Winsta Update => C:\Program Files (x86)\Winsta\bin\Winsta.exe [2014-11-25] ()
Task: {34EA5089-E8B6-41A1-A084-CC05E8954722} - System32\Tasks\DXBLVIVAZX => C:\ProgramData\82b7754b066349da9bd954654865a124\82b7754b066349da9bd954654865a124.exe
Task: {43527F2A-8E1B-45B3-B111-1C2C7753C4F5} - System32\Tasks\Convertor => C:\Program Files (x86)\Convertor\Convertor.exe [2014-11-25] ()
Task: {440273E8-1156-4D79-9F9E-C9504AB5B2F5} - System32\Tasks\MaxComputerCleaner_Start => C:\Program Files (x86)\Max Computer Cleaner\MaxComputerCleaner.exe
Task: {44EDAB70-0F36-44E4-AE9C-098AFA832265} - System32\Tasks\IMGGZHDX1 => C:\ProgramData\LolyKey\LolyKey.exe
Task: {4A9DA71E-C8F3-4D8E-9745-2105DFD0D000} - System32\Tasks\SuperEasyDriverUpdater_UPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {5BCB476F-D771-4A9E-BC4A-EBE1DB3C4A2A} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: {6BA0E765-149E-4313-9F11-92B5E5BE62B8} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2015-03-16] (Reimage ltd.) <==== ATTENTION
Task: {79B00A4F-51D6-410E-B6B2-56A3032897F7} - System32\Tasks\DriverRestore_ScheduledScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe [2014-07-06] ()
Task: {85E46406-69E3-45DF-A3F4-CC5195BE4A08} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {99059A1A-A828-4119-B7F6-E13BD9EB285E} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14] (Reimage®) <==== ATTENTION
Task: {99643E0B-5779-4AAE-A4FA-AA7402546A6D} - System32\Tasks\WinKit => C:\Users\Jay\AppData\Roaming\PDFConvert\SWUpdate.exe [2014-11-25] ()
Task: {A3CF9716-EE98-4D4D-8A62-54AD1C22F647} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: {A4A7C1CD-57D2-4CBA-94D8-212CCB57F0A5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {A8C8B65B-DA90-43DF-813E-613866F3967F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {BF39952B-5324-4913-91DA-6E89BDCFC569} - \avabvcxvyx No Task File <==== ATTENTION
Task: {CAA0D438-C332-4068-831D-C59070CD0128} - System32\Tasks\DriverRestore_DailyScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe [2014-07-06] ()
Task: {CC712978-BDD1-48C4-B266-ACA869A2037B} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-05-22] (Enigma Software Group USA, LLC.)
Task: {D8F8EA04-5DBB-4C63-B7D1-8D5275118423} - System32\Tasks\avastBCLRestartS-1-5-21-1611889982-3250800483-796148715-1000 => Chrome.exe 
Task: {F077CEAC-CF4C-412D-8830-9C869DE1B10D} - System32\Tasks\Driver Booster SkipUAC (Jay) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {F2AF4DCD-12EF-44AB-9C4C-C7A07CB97C76} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {F2DDEE02-195F-4768-9DBB-921E20D9B948} - System32\Tasks\SuperEasyDriverUpdaterRunAtStartup => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {F5684744-F8B2-459C-A776-8EC87719FEA5} - System32\Tasks\Uninstaller_SkipUac_Jay => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\IMGGZHDX1.job => C:\ProgramData\LolyKey\LolyKey.exe
Task: C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-03-14 23:50 - 2015-03-13 09:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-13 16:57 - 2014-05-13 16:57 - 00210648 _____ () C:\Program Files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe
2015-03-27 01:33 - 2015-03-27 01:40 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-14 03:07 - 2015-01-14 03:07 - 06757728 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2015-03-14 16:28 - 2014-09-23 15:19 - 00146736 ____N () C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
2015-05-22 00:20 - 2013-07-03 14:39 - 07342080 _____ () C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
2013-08-08 14:30 - 2013-08-08 14:30 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2015-05-22 04:47 - 2015-05-22 04:47 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-22 04:47 - 2015-05-22 04:47 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-22 10:10 - 2015-05-22 10:10 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052201\algo.dll
2015-05-22 23:58 - 2015-05-22 23:58 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052300\algo.dll
2015-04-22 05:02 - 2015-04-22 05:02 - 00109160 _____ () C:\Program Files (x86)\Games Bot\Modules\Base.dll
2015-04-22 05:02 - 2015-04-22 05:02 - 00041576 _____ () C:\Program Files (x86)\Games Bot\Modules\inws.dll
2015-04-22 05:02 - 2015-04-22 05:02 - 00058984 _____ () C:\Program Files (x86)\Games Bot\Modules\ups.dll
2015-04-22 05:02 - 2015-04-22 05:02 - 00039528 _____ () C:\Program Files (x86)\Games Bot\Modules\alzm.dll
2015-04-22 05:02 - 2015-04-22 05:02 - 00117352 _____ () C:\Program Files (x86)\Games Bot\Modules\brs.dll
2015-04-22 05:02 - 2015-04-22 05:02 - 00090728 _____ () C:\Program Files (x86)\Games Bot\Modules\cmd.dll
2015-04-22 05:02 - 2015-04-22 05:02 - 00096872 _____ () C:\Program Files (x86)\Games Bot\Modules\sipc.dll
2015-04-22 05:02 - 2015-04-22 05:02 - 00056424 _____ () C:\Program Files (x86)\Games Bot\Modules\wdm.dll
2015-04-14 01:42 - 2015-03-27 20:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-01-21 15:21 - 2015-01-21 15:21 - 00131808 _____ () C:\Program Files (x86)\NETGEAR\A6210\Ralink.dll
2012-11-21 18:26 - 2012-11-21 18:26 - 01204224 _____ () C:\Program Files (x86)\NETGEAR\A6210\RaWLAPI.dll
2015-05-22 04:47 - 2015-05-22 04:47 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-30 09:34 - 2015-04-27 19:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-30 09:34 - 2015-04-27 19:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-05-22 00:18 - 2015-03-26 07:13 - 01091584 _____ () C:\Users\Jay\AppData\Local\Games Bot\Explore\libglesv2.dll
2015-05-22 00:18 - 2015-03-26 07:13 - 00167936 _____ () C:\Users\Jay\AppData\Local\Games Bot\Explore\libEGL.dll
2015-05-22 00:18 - 2015-03-26 07:39 - 08569856 _____ () C:\Users\Jay\AppData\Local\Games Bot\Explore\pdf.dll
2015-05-22 00:18 - 2015-03-26 07:18 - 00324608 _____ () C:\Users\Jay\AppData\Local\Games Bot\Explore\ppGoogleNaClPluginChrome.dll
2015-05-22 00:18 - 2015-03-26 07:14 - 00880128 _____ () C:\Users\Jay\AppData\Local\Games Bot\Explore\ffmpegsumo.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1611889982-3250800483-796148715-1000\...\sony.com -> sony.com
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1611889982-3250800483-796148715-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1611889982-3250800483-796148715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
 
==================== MSCONFIG/TASK MANAGER Error getting ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{2A823429-A50E-4004-8CC9-E1E727AFB269}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{793972E4-0B67-459E-9B77-EE56F4C5FB02}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC94E5B7-1476-48DE-AEC0-55DEBE3CFBC6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{30BFBFC7-E795-4B2C-B44A-87C2BECB475A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D03CCEE7-9A18-4B89-A4A6-BC2DC6081867}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F08EB3E1-9FB0-41DC-A911-2C32B9ECD094}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{B62B9935-20FE-46A0-9FB7-145EF2001062}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C571A07B-603F-4970-B712-1D2ACC018253}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{6FC995BA-C2C9-4474-859D-058B151C94D2}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [TCP Query User{EDF0795B-2B56-47FF-B7CE-367D757B256E}D:\steam\steamapps\common\dayz\dayz.exe] => (Block) D:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{8E1A9C63-EEB1-4F3C-A112-96FB6EEBE221}D:\steam\steamapps\common\dayz\dayz.exe] => (Block) D:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{EAD679FE-3C8D-47DC-81F4-CED8D12FB5B6}] => (Allow) D:\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{B7A5E7EE-F64E-40B3-8487-61FC7A1A71FB}] => (Allow) D:\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [TCP Query User{706B4397-AE34-4FF4-8311-630F47071375}D:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) D:\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{C2DED15E-14B7-42DE-8C95-B0CEB1207546}D:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) D:\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{07283D63-2293-4CD9-B4D5-27893BEFAE3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E2AC6B86-F218-40CB-B7F6-513D6B8E1BA5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{202B3A8E-FFCC-4796-93C8-C26656ED2776}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{25350FF2-6097-4EB3-9EE1-7CD488226466}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{311ED470-5EAA-47AE-8279-48C7EC2C67BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0C4BB4F7-A083-4F01-A9E7-538AC78C929F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{695FDFE0-113E-47DE-840A-F04604DACB83}] => (Allow) D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{F9E60946-311F-4C1F-84C5-CCFC0B249F92}] => (Allow) D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{36AB772E-08EE-4616-80F7-4CD913D11238}] => (Allow) D:\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{BF4799F7-00F5-442A-AA8D-A73AFBCDC380}] => (Allow) D:\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{44966CD5-F64B-4875-84A6-975E28CA9523}] => (Allow) D:\Steam\steamapps\common\sZone-Online\game\SZoneOnline.exe
FirewallRules: [{7015F4B2-79C2-4304-A850-C388B43E255A}] => (Allow) D:\Steam\steamapps\common\sZone-Online\game\SZoneOnline.exe
FirewallRules: [{175E6595-9691-44E6-9E2B-1FFDD5EBCB75}] => (Allow) D:\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{E9525128-1A63-401E-BBFD-B1F34D6C316B}] => (Allow) D:\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{847C6095-9246-494B-BEFE-5F3A053A3C19}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6B14007E-9330-4F62-8758-004D5A12404E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5F5599A1-C2FF-4D52-9215-8D7FD992409D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F91014AA-9FB1-4262-B82C-EEA31E330468}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{44D6E20D-9362-456F-AE20-8D8B5FE44314}] => (Allow) D:\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{9FBEE14B-B695-47CB-8E6D-258C78D0616F}] => (Allow) D:\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{5F37F18D-19D6-4D87-B3C4-6B4190D0C02F}] => (Allow) D:\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{70964DEF-EAD1-4DCA-816A-441811FBF0EE}] => (Allow) D:\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{57A4DA6F-38D8-472E-830D-61A9B65EAE16}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{86B99C1D-40A3-4169-B336-F59D0F161A23}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{11616375-E168-43EE-A6A5-38A731065E03}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [UDP Query User{F8A01754-8E57-4D8F-8236-B1D2A9D45B7F}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [{063A77D7-F2FD-44AE-AA67-4E2EBD690858}] => (Allow) D:\Steam\steamapps\common\WarIncBattleZone\RSUpdate.exe
FirewallRules: [{167E059C-9979-4302-BA84-145AEBA7E1E6}] => (Allow) D:\Steam\steamapps\common\WarIncBattleZone\RSUpdate.exe
FirewallRules: [{92106CC3-5A11-4E44-9C01-56BEFE6E22DF}] => (Allow) D:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{3981FFDA-93F4-42A1-A5D6-B51C5F0F5104}] => (Allow) D:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{191EF16A-6885-4964-A72F-A500370C8425}] => (Allow) D:\Steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{D1F789EC-C338-41FC-99AE-415ABF7B548F}] => (Allow) D:\Steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{245BA3ED-69AA-4D6F-8036-6E2C3CD6120D}] => (Allow) D:\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe
FirewallRules: [{0C1F0914-F3F1-4E38-8111-C3E7697F610C}] => (Allow) D:\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe
FirewallRules: [{BD3B8BE5-2313-4764-8E09-5B4DD49C7639}] => (Allow) D:\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{310EE28B-AAEF-4F88-B919-116B8CEA6C6D}] => (Allow) D:\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{5CB16074-0C04-42E4-85F2-2E246290E67F}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{4E612DDA-E7BD-4FBA-9B37-CD52288251C6}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3D41D159-9FDF-448D-98FD-1C7F5CF9C7FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0342F679-3221-40B9-BE9B-C5A882724688}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A3D42779-02CF-4000-A59D-DAF3A1AA3F33}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DDD4014B-9788-4FAE-A3CA-404917C6816D}] => (Allow) D:\Steam\steamapps\common\From The Depths\From_The_Depths.exe
FirewallRules: [{41366D55-D940-4099-830B-FD8E33F355FE}] => (Allow) D:\Steam\steamapps\common\From The Depths\From_The_Depths.exe
FirewallRules: [{F514F904-0536-4B41-AA60-61C577F53B03}] => (Allow) D:\Steam\steamapps\common\Dead Space 2\deadspace2.exe
FirewallRules: [{5C60586E-AD5D-489A-8727-CDF3E48B203E}] => (Allow) D:\Steam\steamapps\common\Dead Space 2\deadspace2.exe
FirewallRules: [{9F998FF4-F1DA-4B0A-9801-07A770B18AEA}] => (Allow) D:\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{166A1085-719D-49D3-8FC1-FA8638E801D4}] => (Allow) D:\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{AB8B3A62-4CD0-454B-85AE-2F0EB027EA46}] => (Allow) D:\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{2FCC13ED-0530-4D39-9F9D-D6CFBD546DAB}] => (Allow) D:\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{24F8A160-1AE2-47BA-AD1D-ECD14FAAEC91}] => (Allow) D:\Steam\steamapps\common\Dead Space\Dead Space.exe
FirewallRules: [{EB7B7B6C-6B06-4FC0-AF90-714D6098321C}] => (Allow) D:\Steam\steamapps\common\Dead Space\Dead Space.exe
FirewallRules: [{0E7D8632-0695-4641-9DBF-069A1AAB411B}] => (Allow) D:\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{DC2755F5-9D83-452E-A918-F07F30ED82CB}] => (Allow) D:\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{ECAEDE8E-123F-4F8E-96C6-1ECB6C44E051}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{15A7BB24-A2C3-40BB-983F-3E9FED7FF2AD}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{C65356E4-E44B-4F9F-B845-D02D5A4072C7}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{39CCAB79-AD14-4E43-B7AD-DA68AD69F9FC}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{3BB21E19-ECC3-4C38-9B2A-DE2056342056}] => (Allow) C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
FirewallRules: [{EB52A385-3FE6-42ED-88FF-0BCF43B05136}] => (Allow) C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
FirewallRules: [TCP Query User{C0BC38BB-40D6-4B9F-B72A-F5EDA5521415}C:\program files (x86)\itibiti soft phone\itibiti.exe] => (Block) C:\program files (x86)\itibiti soft phone\itibiti.exe
FirewallRules: [UDP Query User{AEA0EDE6-F28E-4428-9F8A-239311ABC721}C:\program files (x86)\itibiti soft phone\itibiti.exe] => (Block) C:\program files (x86)\itibiti soft phone\itibiti.exe
FirewallRules: [{F3AA4ED5-F49A-44D0-B382-0B6CE7486791}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E9A4AA42-4994-4E36-A4B1-D65145EA3C0D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{75EC4F56-8CDD-4712-AD6B-E2BEA3DAED71}] => (Allow) C:\Users\Jay\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9013201B-6C6A-49FD-8220-1B0B4BA04374}] => (Allow) C:\Users\Jay\AppData\Roaming\Dropbox\bin\Dropbox.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/22/2015 00:59:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Faulting module name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Exception code: 0xc0000005
Fault offset: 0x00000000004e920f
Faulting process id: 0xb70
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3
 
Error: (05/22/2015 00:59:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/22/2015 06:10:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Faulting module name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Exception code: 0xc0000005
Fault offset: 0x00000000004e920f
Faulting process id: 0xb3c
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3
 
Error: (05/22/2015 06:09:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/22/2015 04:26:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/22/2015 04:25:31 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005). Additional information: 0x80070005.
 
Error: (05/22/2015 04:25:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Faulting module name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Exception code: 0xc0000005
Fault offset: 0x00000000004e920f
Faulting process id: 0x9cc
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3
 
Error: (05/22/2015 04:22:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/22/2015 04:21:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Faulting module name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Exception code: 0xc0000005
Fault offset: 0x00000000004e920f
Faulting process id: 0x9e8
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3
 
Error: (05/22/2015 04:19:58 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0]
 
 
System errors:
=============
 
Microsoft Office:
=========================
Error: (05/22/2015 00:59:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920fb7001d094c9ab0a2bffC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe0471d9b7-00bd-11e5-807d-fcaa147a4d25
 
Error: (05/22/2015 00:59:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/22/2015 06:10:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920fb3c01d0949090f02321C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exedc231e59-0083-11e5-ba2a-fcaa147a4d25
 
Error: (05/22/2015 06:09:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/22/2015 04:26:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/22/2015 04:25:31 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.210050x80070005
 
Error: (05/22/2015 04:25:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f9cc01d09481e09c2e32C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe4071da22-0075-11e5-9c48-fcaa147a4d25
 
Error: (05/22/2015 04:22:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/22/2015 04:21:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f9e801d09481553d7835C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exea7581006-0074-11e5-bdd7-fcaa147a4d25
 
Error: (05/22/2015 04:19:58 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0]
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 26%
Total physical RAM: 16220.28 MB
Available physical RAM: 11866.71 MB
Total Pagefile: 32438.77 MB
Available Pagefile: 26883.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (SNAKEEEEEEE) (Fixed) (Total:111.69 GB) (Free:16.16 GB) NTFS
Drive d: (Matka Plooku) (Fixed) (Total:931.51 GB) (Free:204.33 GB) NTFS
Drive e: (Windows_7_Home_P_64_Bit) (Removable) (Total:7.52 GB) (Free:7.4 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 82287E31)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 50D0BB86)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 00EC0CB1)
Partition 1: (Active) - (Size=7.5 GB) - (Type=07 NTFS)
 
==================== End of log ============================


#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:30 PM

Posted 23 May 2015 - 08:37 AM

Hi there,

Step 1

  • Please download and install revouninstaller.pngRevo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s) to remove it:
    AnyProtect
    AnySend
    Reimage Repair
    Surfing Protection
    SpyHunter 4
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish

Step 2

Please download adwcleaner.png AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 3

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

zoek.jpg

Please download 51a612a8b27e2-Zoek.pngZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    systemspecs;
    filesrcm;
    autoclean;
    iedefaults;
    CHRdefaults;
    emptyclsid;
    shortcutfix;
    
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#5 Fire First Jay

Fire First Jay
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 23 May 2015 - 09:25 AM

# AdwCleaner v4.205 - Logfile created 23/05/2015 at 07:23:44
# Updated 21/05/2015 by Xplode
# Database : 2015-05-21.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Jay - JAY-PC
# Running from : D:\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : ReimageRealTimeProtector
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\rei
Folder Deleted : C:\ProgramData\Reimage Protector
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperEasy Software
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
Folder Deleted : C:\Program Files (x86)\DriverRestore
Folder Deleted : C:\Program Files (x86)\Convertor
Folder Deleted : C:\Program Files (x86)\Itibiti Soft Phone
Folder Deleted : C:\Program Files (x86)\MaxComputerCleaner
Folder Deleted : C:\Program Files (x86)\Winsta
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SafeGuard
Folder Deleted : C:\Program Files\Reimage
Folder Deleted : C:\Program Files\Earth Networks
Folder Deleted : C:\Users\Jay\AppData\Local\Max_Computer_Cleaner
Folder Deleted : C:\Users\Jay\AppData\Local\SafeGuard
Folder Deleted : C:\Users\Jay\AppData\Local\03AA02FC-1432253120-057A-4D06-250700080009
Folder Deleted : C:\Users\Jay\Documents\MaxComputerCleaner
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\DriverRestore.lnk
File Deleted : C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
File Deleted : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
File Deleted : C:\Windows\Reimage.ini
File Deleted : D:\Desktop\WeatherBug®.lnk
 
***** [ Scheduled tasks ] *****
 
Task Deleted : Convertor
Task Deleted : DriverRestore_DailyScan
Task Deleted : DriverRestore_ScheduledScan
Task Deleted : Reimage Reminder
Task Deleted : ReimageUpdater
Task Deleted : SuperEasyDriverUpdater_UPDATES
Task Deleted : WinKit
Task Deleted : MaxComputerCleaner_Start
Task Deleted : Winsta Update
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WinCheck]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D6A5312-AB4D-41AA-8BED-0E019B87CA11}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\DriverRestore
Key Deleted : HKCU\Software\SuperEasy Software
Key Deleted : HKCU\Software\MaxComputerCleanerLanguage
Key Deleted : HKLM\SOFTWARE\Boost
Key Deleted : HKLM\SOFTWARE\SuperEasy Software
Key Deleted : HKLM\SOFTWARE\SPPDCOM
Key Deleted : HKLM\SOFTWARE\SafeGuard
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{039BC111-D60F-A6FF-85F4-7992EA886B8D}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wincheck
Key Deleted : [x64] HKLM\SOFTWARE\Reimage
Key Deleted : [x64] HKLM\SOFTWARE\DriverRestore
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverRestore
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17801
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
 
-\\ Google Chrome v42.0.2311.135
 
[C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : hxxp://www.trovi.com/?gd=&ctid=CT3331210&octid=EB_ORIGINAL_CTID&ISID=M0D3BB0D9-E6A4-43C9-8E51-ECD5CA7C4B98&SearchSource=55&CUI=&UM=8&UP=SP1E31FB40-63E8-415E-B6AB-36FF22108D94&D=052115&SSPV=SP22340TB_sp_ch
 
*************************
 
AdwCleaner[R0].txt - [6523 bytes] - [23/05/2015 07:23:13]
AdwCleaner[S0].txt - [6066 bytes] - [23/05/2015 07:23:44]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6125  bytes] ##########


#6 Fire First Jay

Fire First Jay
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 23 May 2015 - 09:45 AM

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Jay on Sat 05/23/2015 at  7:29:28.43.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
5/23/2015 7:30:09 AM Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\Avira deleted successfully
C:\PROGRA~2\CompuClever deleted successfully
C:\PROGRA~2\MaxComputerCleaner_v17.507 deleted successfully
C:\PROGRA~3\82b7754b066349da9bd954654865a124 deleted successfully
C:\PROGRA~3\Ralink deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\Users\Jay\AppData\Roaming\Publish Providers deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\Avira not found
C:\PROGRA~2\CompuClever not found
C:\PROGRA~2\MaxComputerCleaner_v17.507 not found
C:\PROGRA~3\82b7754b066349da9bd954654865a124 not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\windows\SysNative\Tasks\DXBLVIVAZX deleted
C:\windows\SysNative\Tasks\IMGGZHDX1 deleted
C:\PROGRA~3\2acd4cb5c435461892520f3241ad43b9 deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\Users\Jay\AppData\Roaming\Itibiti deleted
C:\PROGRA~3\86L467.dat deleted
C:\PROGRA~3\{FA77A43D-F6ED-4924-87B5-517C061388C6} deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-1611889982-3250800483-796148715-1000 deleted
C:\Users\Jay\Downloads\avast_free_antivirus_setup_online_cnet.exe deleted
C:\Users\Jay\Downloads\ReimageRepair.exe deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\Windows\Installer\40199e.msi" deleted
"C:\PROGRA~2\WinRAR\RarExt64.dll" deleted
"C:\PROGRA~2\WinRAR" not deleted
 
==== System Specs ======================
 
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 16221 MB
CPU Info: Intel® Core™ i7-4790K CPU @ 4.00GHz
CPU Speed: 3939.9 MHz
Sound Card: Speakers (Realtek High Definiti | 
TOSHIBA-TV-4 (NVIDIA High Defin | 
Realtek Digital Output(Optical) | 
Realtek Digital Output (Realtek | 
Display Adapters: NVIDIA GeForce GTX 970 | NVIDIA GeForce GTX 970 | NVIDIA GeForce GTX 970 | NVIDIA GeForce GTX 970 | Intel® HD Graphics 4600 | Intel® HD Graphics 4600 | Intel® HD Graphics 4600 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: NETGEAR A6210 WiFi USB3.0 Adapter | Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
CD / DVD Drives: No optical drives found.
Ports: COM1 LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  111.7GB | D:  931.5GB
Hard Disks - Free: C:  14.5GB | D:  202.0GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 05/30/14 | _ASUS_ - 1072009
Time Zone: Pacific Standard Time
Motherboard *: Gigabyte Technology Co., Ltd. Z97X-Gaming 5
Country: United States 
Language: ENU 
 
==== System Specs (Software) ======================
 
Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Default Browser: Google Chrome 42.0.2311.135
Internet Explorer Version: 11.0.9600.17801 
Google Chrome version: 42.0.2311.135
Adobe Reader version: 15.7.20033.133275
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
2015-05-22 11:47:49 2169B4B1EFAA3453A4DA732F1F94C1E1 43112 ----a-w- C:\Windows\avastSS.scr
====== C:\Users\Jay\AppData\Local\Temp ====
2015-05-22 20:12:13 0CFC0308F76EC217C457F54DDFCB3077 43008 ----a-w- C:\Users\Jay\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwq1vmq.dll
2015-05-22 10:43:22 8AE1D9232F12B20487A498586A170ADE 295912 ----a-w- C:\Users\Jay\AppData\Local\Temp\ReiSysUpdate.exe
2015-05-22 10:43:06 1CBA0074E31C591E9079C9827400B0C3 13370912 ----a-w- C:\Users\Jay\AppData\Local\Temp\ReimagePackage.exe
2015-05-22 07:44:11 67614407088F2BE94C1A0EAC6B0B5902 23496 ----a-w- C:\Users\Jay\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-05-22 07:44:48 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\Number of results
2015-05-18 05:57:25 BF5E0D0788EFE22870DB0920E2952B2A 2531544 ----a-w- C:\Windows\SysWOW64\RltkAPO.dll
2015-05-13 10:00:22 858EB73F68B20A2A5C66B6C000D1C0DD 102608 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 06:22:13 D0CA74BE380498A0111A73EB9C76CF8F 342016 ----a-w- C:\Windows\SysWOW64\certcli.dll
2015-05-13 06:22:13 2665A3D34D1C62DF303723422215B001 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll
2015-05-13 06:22:12 CFCB89C0FE8EF502A7934C0D20E5DBD6 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 06:22:12 C3120D99E6DA7878A1DD2D88138AC60A 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2015-05-13 06:22:12 9025CA7BCD6B7956366FC90B3D6E3933 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 06:22:12 8C00AB01B1BC1E2F69765776BBC5A5D1 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 06:22:11 F2DB87F164BC13AB8EF90FBF5D866B65 664576 ----a-w- C:\Windows\SysWOW64\jscript.dll
2015-05-13 06:22:11 E993B5E929F46A52E9F4EB68A7855CDF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2015-05-13 06:22:11 D74445161E58644309F858342F5E265C 19691008 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-05-13 06:22:11 C525258A00ECFB4CE089F54C163268C3 2278400 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-05-13 06:22:11 C2EB0AA5570CF8BC881B36EE55A59337 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 06:22:11 C1A32612710492D0C3339E46EC15E333 504320 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-05-13 06:22:11 AA2F2D55DEF98007839D0189D721D70B 1310208 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-05-13 06:22:11 7B4FA4B41FBDBB12C5038FCB6E6652AA 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 06:22:11 746BBC86351D07859D8B40056447F7B2 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 06:22:11 63A2E3E9C771B1D4D7D84942D6FCB661 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 06:22:11 6388FC82897DDDA607BBE3580D75AE15 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 06:22:11 28313FF0DE83EAD8F5EF1B963D9078C3 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 06:22:11 136687227F11CE928CB05F4FD90319AC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 06:22:10 CC4974FCF9387F32A0FF87BCE093A5AD 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 06:22:10 BCFA71A878903B5F92A7AFEFCCC5CA97 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll
2015-05-13 06:22:10 5AAC24BF6C4A54DA526CC6244DEBE227 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 06:22:10 3CE5DE0730C22A54FE783DB8A989E8BD 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 06:22:10 1BBC9CFD29A62D80FB77BB69BFF7513C 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 06:22:10 0E22CD36FC3292CB812CC46CBCFD8444 12828672 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-05-13 06:22:09 CB5F450D21B9D76B7F01D006E4AEDB40 1882112 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-05-13 06:22:09 6E2B4875B968324E5844F35A37A79260 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-05-13 06:22:09 37625FC1DAF886F1980E2D8F315B93AC 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll
2015-05-13 06:22:09 1C5C5B5EF9CFDFC897D4549A2385DB3A 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 06:22:09 07E82A31808C8BC053D1DE547082C58F 341504 ----a-w- C:\Windows\SysWOW64\html.iec
2015-05-13 06:21:10 EB058143B57ED460AC4F2DFBA104BBFF 364544 ----a-w- C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 06:21:10 D0F574320615303ADECDCB452EBB8930 635392 ----a-w- C:\Windows\SysWOW64\tdh.dll
2015-05-13 06:21:10 C6D2D384B6232B0B800234C03C50979F 82944 ----a-w- C:\Windows\SysWOW64\logman.exe
2015-05-13 06:21:10 A44680B810977EA64E280523E96F2EA9 1310744 ----a-w- C:\Windows\SysWOW64\ntdll.dll
2015-05-13 06:21:10 8D50ED3F0FBE3590AB0D43BF7B60E57A 3989440 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 06:21:10 8C45A65ED20B487085B79EEFCC08D160 92160 ----a-w- C:\Windows\SysWOW64\sechost.dll
2015-05-13 06:21:10 7A5824DC9A85FCE4334F57FF0795853E 641536 ----a-w- C:\Windows\SysWOW64\advapi32.dll
2015-05-13 06:21:10 66D6A06936088E412E29A182679F0D71 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 06:21:10 54A01CC4BC47B31C5CD082D064AB37BC 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2015-05-13 06:21:10 1569F20BB9DB9FDC87A6D3C8A3726ABF 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll
2015-05-13 06:21:10 0A66C88B087249742381924AB8F9EFCC 3934144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 06:21:09 FCB1C8345C794FE89ABA03B4CA3131BB 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 06:21:09 F43CB86F9536B17E5C7CFCFB48ACBE54 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
2015-05-13 06:21:09 F286528898342F0F1EB402606750C391 17408 ----a-w- C:\Windows\SysWOW64\diskperf.exe
2015-05-13 06:21:09 D9E25B4BD2120CC5183CCCE9421C7AFE 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2015-05-13 06:21:09 D9716B488CC27652C12B1B5E0944987E 2048 ----a-w- C:\Windows\SysWOW64\user.exe
2015-05-13 06:21:09 D079A408CC3E22A09D1260A6F18FC0FD 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll
2015-05-13 06:21:09 BF9BB4113E9FCDABD4C703DDD06293F3 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll
2015-05-13 06:21:09 AFFE5747054D03F8CEE18A8518A9AA34 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe
2015-05-13 06:21:09 ABA025664F9F42C568B2C022AADCB18F 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2015-05-13 06:21:09 99A508910BB06DFBE99D9AF7D6B4E950 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2015-05-13 06:21:09 97B30711DC6CA0EA4EACEDCE8080A3B4 37888 ----a-w- C:\Windows\SysWOW64\relog.exe
2015-05-13 06:21:09 9638DA21E965E23C85C4319F3F66D824 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 06:21:09 86B2AC15999BB4F8B5C84AB6154A1783 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll
2015-05-13 06:21:09 850F756363237A2EB069B9B25EF8BEC3 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll
2015-05-13 06:21:09 7F99900705E249E9D5C55E490B7D076E 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 06:21:09 79AF005633B7E41B7A194A7E7B9D3D93 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll
2015-05-13 06:21:09 74C0EC1257698176E288DA282F318E1C 40448 ----a-w- C:\Windows\SysWOW64\typeperf.exe
2015-05-13 06:21:09 741DB93796E7D4F3F804C13537FB40F4 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2015-05-13 06:21:09 6BB13D5E12C5C4D829C1D640DF269EA0 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
2015-05-13 06:21:09 3346701038E55BD366F3D5CE31F55483 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 06:21:09 0B6E937863837BA3383E9CE9200DDF1E 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 06:21:05 C22AB1781BC6F0BB1C9B352CF66DBFFC 1250816 ----a-w- C:\Windows\SysWOW64\DWrite.dll
2015-05-13 06:21:03 418AEC0CE89A13200F2820079B9CDFD9 216064 ----a-w- C:\Windows\SysWOW64\InkEd.dll
2015-05-13 06:21:02 744AB3C1A73A57DEED49D631F1BDEA1D 2311168 ----a-w- C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 06:21:01 C489D8B4D8C64F20CC75A93F541F7D91 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe
2015-05-13 06:21:00 DCA2C6E7990771209CDD8E9DA90ED0E2 5120 ----a-w- C:\Windows\SysWOW64\shimeng.dll
2015-05-13 06:21:00 D3E8C7FADB758E5D222C639CC65790AD 295936 ----a-w- C:\Windows\SysWOW64\apphelp.dll
2015-05-13 06:21:00 715C060150D969B0DE5DD5B365A712AF 20992 ----a-w- C:\Windows\SysWOW64\sdbinst.exe
====== C:\Windows\SysWOW64\drivers =====
2015-05-06 20:25:52 E5805896A55D4166C20F216249F40FA3 26528 ----a-w- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
====== C:\Windows\Sysnative =====
2015-05-22 11:47:54 9CA2FDD44F7C1F8AC1652F6C2638CFED 364472 ----a-w- C:\Windows\Sysnative\aswBoot.exe
2015-05-18 05:57:26 E8474A2323DD53B12EB3BB840A2CB306 3262184 ----a-w- C:\Windows\Sysnative\YamahaAE2.dll
2015-05-18 05:57:25 B9178219A1B69431A12ED114B409E8C9 328816 ----a-w- C:\Windows\Sysnative\ICEsoundAPO64.dll
2015-05-18 05:57:25 B3385C56C2F7DBE9D53FB5F21D6F15D5 1739992 ----a-w- C:\Windows\Sysnative\RCoInstII64.dll
2015-05-18 05:57:25 9E40B7337137C9329A01EF2FE1C8A194 1316056 ----a-w- C:\Windows\Sysnative\RTCOM64.dll
2015-05-18 05:57:25 38FD79BF71E8455A2660BBDCA39AFB2B 2846424 ----a-w- C:\Windows\Sysnative\RltkAPO64.dll
2015-05-13 10:00:22 189FB45D7442083AE8A2E4E612233EF7 124112 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 06:22:13 ED4B980701D081AC42F7B121C1E42149 460800 ----a-w- C:\Windows\Sysnative\certcli.dll
2015-05-13 06:22:13 8AD8D17425C75D2621B2CDFE0DEABD21 342016 ----a-w- C:\Windows\Sysnative\schannel.dll
2015-05-13 06:22:12 E802824B9B4A16355A5233A7B8215ECE 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2015-05-13 06:22:12 9DCD15027A13195ABA68B40A5EB26691 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2015-05-13 06:22:12 70EDB996FE1BCB699232A15CB0D0FA32 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2015-05-13 06:22:11 ED4EB5A0CDD251A17B946C515CB94D70 1547264 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-05-13 06:22:11 D7B9EEF960F68DC18724BB5F89A464DD 389840 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2015-05-13 06:22:11 6D2787CD32595A91969502A399E7BA48 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-05-13 06:22:11 5EDC6AF7589B65C89CB1154B3377D0C4 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2015-05-13 06:22:11 1122DD841CCB7E07EF41039CBD66A29E 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll
2015-05-13 06:22:11 010F562B961AB8CAEC7A0C72F8FDD690 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2015-05-13 06:22:10 F918BE3C5ACA0B6485D725CC1A5348DC 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-05-13 06:22:10 F28577138120BA7E5423820D4B4C4727 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll
2015-05-13 06:22:10 EB9FCD39D65E23380CB2C2F0E6F2ED53 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2015-05-13 06:22:10 E20B5098C8707B2CF0858024568234FF 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-05-13 06:22:10 843D063E75B19188759CBEC82828BCB1 2885120 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-05-13 06:22:10 49B1935F131A44CD29857D6900CB643F 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-05-13 06:22:10 2A2CDE78F9E9019AD0E4D804A02688A3 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-05-13 06:22:09 FFC30231459FC44FD73E07532C707791 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2015-05-13 06:22:09 E061B5A1D0F9BBACA41149201ADF4A3B 14401536 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-05-13 06:22:09 CA0369799519F33DDE8FD26F5D87D014 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2015-05-13 06:22:09 B85ECB91C88F6E74045061B7F7DDEFA2 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-05-13 06:22:09 29BBA65402DD568F49C837533F269482 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2015-05-13 06:22:09 1D610F215769E4FF56C7B1847DE4B86D 633856 ----a-w- C:\Windows\Sysnative\ieui.dll
2015-05-13 06:22:09 1921A72BF1273BED72E569EF1F1A0611 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2015-05-13 06:22:09 0B4E78E6E65D1FD2CE55C93CF1EFD623 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2015-05-13 06:22:08 F2A1718334172C0F4E231E998F6CB8AB 199680 ----a-w- C:\Windows\Sysnative\msrating.dll
2015-05-13 06:22:08 F0289B3A341429117696F0279DA977B6 2352128 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-05-13 06:22:08 DC1200D3C3AC1E69A4DAD053BC26BF0D 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2015-05-13 06:22:08 C31D57F7A58FACDA2671075CEBA75199 24971776 ----a-w- C:\Windows\Sysnative\mshtml.dll
2015-05-13 06:22:08 C1D6BD834E69E8F77C8B4DDFCEE073F6 417792 ----a-w- C:\Windows\Sysnative\html.iec
2015-05-13 06:22:08 79A4C71CD8B610DE9F66B72B5654C450 6025728 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-05-13 06:22:08 63061A0826839DE8F5B4713976C99F1B 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2015-05-13 06:22:08 5A18ACE782C215300BE1C82D9EDC565B 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2015-05-13 06:21:13 71C85477DF9347FE8E7BC55768473FCA 328704 ----a-w- C:\Windows\Sysnative\services.exe
2015-05-13 06:21:10 FDF1E0FD74DED0034BA6FFB665E0641E 424448 ----a-w- C:\Windows\Sysnative\KernelBase.dll
2015-05-13 06:21:10 EE27E1D639E3807229C15AF94320CF0A 404992 ----a-w- C:\Windows\Sysnative\tracerpt.exe
2015-05-13 06:21:10 EA8A3E8C674B03CB4AFA1D344DBD7BC1 1254400 ----a-w- C:\Windows\Sysnative\diagtrack.dll
2015-05-13 06:21:10 E55A72876BC5E244D0A8F7F07862A939 338432 ----a-w- C:\Windows\Sysnative\conhost.exe
2015-05-13 06:21:10 DA8B541825991F6699790E617FF0FF60 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2015-05-13 06:21:10 D449C36379EBEFD3CCDAEC328002BB5B 36864 ----a-w- C:\Windows\Sysnative\UtcResources.dll
2015-05-13 06:21:10 D17DD01601460F5899E5C154B3FD0BFA 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll
2015-05-13 06:21:10 CCAB9BE9C9100C5F54A5A8F355730841 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll
2015-05-13 06:21:10 B01B21E15671ACD3F0AD131DC4CABFC7 879104 ----a-w- C:\Windows\Sysnative\advapi32.dll
2015-05-13 06:21:10 A985325F4FE72FB003749A2FBBA9952E 5569984 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2015-05-13 06:21:10 A0BCD6A64281492EFAE02AC144A335F1 243712 ----a-w- C:\Windows\Sysnative\wow64.dll
2015-05-13 06:21:10 9C5DBA74D0C641C2A4ABDC79969B7BEF 104448 ----a-w- C:\Windows\Sysnative\logman.exe
2015-05-13 06:21:10 8453010B6512DAEAFC61CC0836FA137E 1728960 ----a-w- C:\Windows\Sysnative\ntdll.dll
2015-05-13 06:21:10 52935C072F8D5A92508AA3A3CC9133C7 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe
2015-05-13 06:21:10 52146DBFE253B83FAB1980AA704C7974 113664 ----a-w- C:\Windows\Sysnative\sechost.dll
2015-05-13 06:21:10 408A8232E84515E4AA819E0C95E65257 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll
2015-05-13 06:21:10 1C9F2F4A2C603739BD8CC8C64310AFD7 1162752 ----a-w- C:\Windows\Sysnative\kernel32.dll
2015-05-13 06:21:10 10D39E74B0D5011A8C199B9646579C3F 879104 ----a-w- C:\Windows\Sysnative\tdh.dll
2015-05-13 06:21:10 0CD609B1143961F5C3BA691729A6A5DA 503808 ----a-w- C:\Windows\Sysnative\srcore.dll
2015-05-13 06:21:09 FE60A67032A5C94F6ACE483C8FE84105 47104 ----a-w- C:\Windows\Sysnative\typeperf.exe
2015-05-13 06:21:09 E1B0C7042BA7B8903D60DF3885F2DFE7 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll
2015-05-13 06:21:09 DA5EF2CC0764BE7097BAFA9CAF903FE8 112640 ----a-w- C:\Windows\Sysnative\smss.exe
2015-05-13 06:21:09 D2602AC48B38FA10956E32D18E7143B0 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll
2015-05-13 06:21:09 D205305FB0E352A9D4CF922D6A016BF4 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll
2015-05-13 06:21:09 CD3770C78AFFC223A3B9D38F27B7A309 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2015-05-13 06:21:09 BB7BAF9532DBA5AB4009E981687D1EA6 19456 ----a-w- C:\Windows\Sysnative\diskperf.exe
2015-05-13 06:21:09 AF278DB00C43E925E58C8CA2C0CF4C71 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll
2015-05-13 06:21:09 ADC2D7B5BFF277E5A9FACE6A21A24ABC 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll
2015-05-13 06:21:09 ACE24D86D2714FCC1639F890DF54951B 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll
2015-05-13 06:21:09 A3DCC3D8BB57E31EA07949313CC3A3CF 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll
2015-05-13 06:21:09 9262D6E2C239EDD6D87B080F2BCCEC9F 31232 ----a-w- C:\Windows\Sysnative\lsass.exe
2015-05-13 06:21:09 90DC7B112F946B412C9CDC6F459F4053 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll
2015-05-13 06:21:09 90293AAC2AB0908BFF98ADB89CEBC931 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll
2015-05-13 06:21:09 8C711AF30BE3991050D0D011D92CFBE0 50176 ----a-w- C:\Windows\Sysnative\srclient.dll
2015-05-13 06:21:09 7A448B8CED7F7348C36159D5CC8E19ED 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll
2015-05-13 06:21:09 79F036EB691ABBA84E8EB1715E5F2B17 43008 ----a-w- C:\Windows\Sysnative\relog.exe
2015-05-13 06:21:09 50EBA6640805F6D5EF4A0DCEF2D180AB 22016 ----a-w- C:\Windows\Sysnative\credssp.dll
2015-05-13 06:21:09 4DD0098FFAB4664DB979537C48AE055F 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe
2015-05-13 06:21:09 40C5EA47D4AEC96249B09BF0C076A60C 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll
2015-05-13 06:21:09 2292CD8500725B94B7D2E3C0C84F2D19 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll
2015-05-13 06:21:09 0D9BDBE780DD81757AC5AF87E8B1EBEC 28160 ----a-w- C:\Windows\Sysnative\secur32.dll
2015-05-13 06:21:05 E612E86FA15EA1EF9A52433A2743C447 1179136 ----a-w- C:\Windows\Sysnative\FntCache.dll
2015-05-13 06:21:05 D858C33B133740D5F1F1CF71C33F6355 3204608 ----a-w- C:\Windows\Sysnative\win32k.sys
2015-05-13 06:21:05 490505F6E53EF046EC70A353BC9CD615 1647104 ----a-w- C:\Windows\Sysnative\DWrite.dll
2015-05-13 06:21:03 6B0F962B1EE486FFE7BCABBC9C736976 24576 ----a-w- C:\Windows\Sysnative\jnwmon.dll
2015-05-13 06:21:03 2B36E0C5C262437E1B098344DEFA55F8 275456 ----a-w- C:\Windows\Sysnative\InkEd.dll
2015-05-13 06:21:02 E5404072A5A9E0B452ADDF1D1339176C 2543104 ----a-w- C:\Windows\Sysnative\wpdshext.dll
2015-05-13 06:21:01 C7E50B04623FC6FF54EAF88938A8936E 142336 ----a-w- C:\Windows\Sysnative\poqexec.exe
2015-05-13 06:21:00 F55F287810AAF708618793764AF7D1BB 23552 ----a-w- C:\Windows\Sysnative\sdbinst.exe
2015-05-13 06:21:00 83BFCCAC53795E8A5055A93672D0C46C 72192 ----a-w- C:\Windows\Sysnative\aelupsvc.dll
2015-05-13 06:21:00 7E21D3072EB20D5400919D435D549A9B 6656 ----a-w- C:\Windows\Sysnative\shimeng.dll
2015-05-13 06:21:00 31D260ADAF1CCFEFC49DB9FBCE9986DA 342016 ----a-w- C:\Windows\Sysnative\apphelp.dll
====== C:\Windows\Sysnative\drivers =====
2015-05-22 11:47:58 B5B4C90E9F52DA8586F1E5461AD90A5D 29168 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys
2015-05-22 11:47:58 B1368BE5F6BA529E0886F4DA2361BD2D 442264 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys
2015-05-22 11:47:58 91782404718C6352C26B3242BAC3F0F1 272248 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys
2015-05-22 11:47:58 6E53278ECCFFBC2ACC2A5006745ED4BB 137288 ----a-w- C:\Windows\Sysnative\drivers\aswStm.sys
2015-05-22 11:47:58 6D37D8DB30D086739507C5F6E542656A 93528 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys
2015-05-22 11:47:58 300CB8E510855189CAD0B72FFB5590CB 89944 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys
2015-05-22 11:47:58 07E32DFCA422A2920482D762D01957EC 65736 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys
2015-05-22 11:47:57 3B4AC2DBFC86F7247C1FF1FAF2860530 1047320 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys
2015-05-18 05:57:25 FEE5C21569883B2BDC655FC875CCBA21 4467928 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys
2015-05-18 05:57:25 A54940F72EA866484984D2EA8FF4CC7D 2014958 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT
2015-05-13 06:21:10 F7DFAE6040AC910B7C64EE208A34157D 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2015-05-13 06:21:10 8FE94F2EF9BF444E93E35D87E210D02F 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-05-11 08:38:20 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_xb1usb_01011.Wdf
2015-05-06 20:35:50 7D7FBC9504575D97885A858EA93684F5 5804772 ----a-w- C:\Windows\Sysnative\drivers\rtvienna.dat
2015-05-06 20:31:55 5677937A1A49CA8C970E13D838C572E6 460048 ----a-w- C:\Windows\Sysnative\drivers\IntcDAud.sys
2015-05-06 20:29:37 B34C08826C081A92D7298DE23E001FB6 129200 ----a-w- C:\Windows\Sysnative\drivers\e22w7x64.sys
====== C:\Windows\Tasks ======
2015-05-22 11:48:20 F686CC2418332B07EB6563587EC70DBC 4182 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update
2015-05-21 21:04:54 F1A25E8801BC29A36879C29B1915B722 314 ----a-w- C:\Windows\Tasks\IMGGZHDX1.job
2015-05-21 10:23:46 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task
2015-05-06 20:27:09 5250FC67BCF5C11F5FA836620B94971D 2896 ----a-w- C:\Windows\Sysnative\Tasks\Uninstaller_SkipUac_Jay
2015-05-06 20:25:53 1131747B78F36E1DDAF7C542D6462BCB 3168 ----a-w- C:\Windows\Sysnative\Tasks\Driver Booster Update
2015-05-06 20:25:53 0ADC0CCFADBADDEF2F609A56FAEA4869 3224 ----a-w- C:\Windows\Sysnative\Tasks\Driver Booster Scan
2015-05-06 20:25:53 02B9BFE0002ADBC1DF4FDF2894AB0C09 2866 ----a-w- C:\Windows\Sysnative\Tasks\Driver Booster SkipUAC (Jay)
2015-05-06 20:18:30 C9E1FA58EDE823CB464567B572A4165F 3196 ----a-w- C:\Windows\Sysnative\Tasks\SuperEasyDriverUpdaterRunAtStartup
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-05-22 10:57:23 -------- d-----w- C:\Program Files\Enigma Software Group
2015-05-18 05:57:37 -------- d-----w- C:\Program Files\Realtek
======= C:\PROGRA~2 =====
2015-05-23 14:04:31 -------- d-----w- C:\PROGRA~2\VS Revo Group
2015-05-21 20:44:58 -------- d-----w- C:\PROGRA~2\ZipDownloader
2015-05-21 10:23:40 -------- d-----w- C:\PROGRA~2\Adobe
2015-05-20 10:09:28 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe
2015-05-06 20:27:05 -------- d-----w- C:\PROGRA~2\COMMON~1\IObit
2015-05-06 20:25:50 -------- d-----w- C:\PROGRA~2\IObit
======= C: =====
2015-05-22 10:58:28 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
====== C:\Users\Jay\AppData\Roaming ======
2015-05-23 14:04:31 -------- d-----w- C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-05-23 12:33:45 -------- d-----w- C:\Users\Jay\AppData\Local\openvr
2015-05-22 20:12:04 -------- d-----w- C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-22 20:10:25 -------- d-----w- C:\Users\Jay\AppData\Roaming\Dropbox
2015-05-22 10:02:43 -------- d-----w- C:\Users\Jay\AppData\Local\Mixesoft
2015-05-22 09:42:46 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Adobe
2015-05-22 09:27:36 -------- d-sh--w- C:\Users\Jay\AppData\Local\EmieUserList
2015-05-22 09:27:36 -------- d-sh--w- C:\Users\Jay\AppData\Local\EmieSiteList
2015-05-22 09:27:36 -------- d-sh--w- C:\Users\Jay\AppData\Local\EmieBrowserModeList
2015-05-22 07:45:34 -------- d-----r- C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2015-05-22 07:18:48 -------- d-----w- C:\Users\Jay\AppData\Roaming\PDFConvert
2015-05-22 07:18:48 -------- d-----w- C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DocToPDFConverter
2015-05-22 07:18:48 -------- d-----w- C:\Users\Jay\AppData\Roaming\DocToPDFConverter
2015-05-21 20:45:39 -------- d-----w- C:\Users\Jay\AppData\Roaming\CompuClever
2015-05-21 10:26:01 -------- d-----w- C:\Users\Jay\AppData\Locallow\Adobe
2015-05-20 10:09:27 -------- d-----w- C:\Users\Jay\AppData\Roaming\Adobe
2015-05-20 10:09:22 -------- d-----w- C:\Users\Jay\AppData\Local\Adobe
2015-05-19 10:07:25 -------- d-----w- C:\Users\Jay\AppData\Local\Programs
2015-05-19 10:07:00 -------- d-----w- C:\Users\Jay\AppData\Roaming\WinRAR
2015-05-18 05:52:18 -------- d-----w- C:\Users\Jay\AppData\Locallow\IObit
2015-05-17 23:45:23 -------- d-----w- C:\Users\Jay\AppData\Roaming\Tera_Awesomium
2015-05-15 09:05:24 -------- d-----w- C:\Users\Jay\AppData\Roaming\TS3Client
2015-05-13 08:56:49 -------- d-----w- C:\Users\Jay\AppData\Local\ElevatedDiagnostics
2015-05-11 00:07:40 -------- d-----w- C:\Users\Jay\AppData\Roaming\MAXON
2015-05-10 07:23:05 -------- d-----w- C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-09 23:55:22 -------- d-----w- C:\Users\Jay\AppData\Local\Skype
2015-05-09 12:09:01 -------- d-----w- C:\Users\Jay\AppData\Local\TERA
2015-05-09 07:15:14 -------- d-----w- C:\Users\Jay\AppData\Local\EA Games
2015-05-09 07:01:59 -------- d-----w- C:\Users\Jay\AppData\Roaming\DivX
2015-05-09 06:48:54 -------- d-----w- C:\Users\Jay\AppData\Roaming\DVDVideoSoft
2015-05-09 06:30:45 -------- d-----w- C:\Users\Jay\AppData\Roaming\NVIDIA
2015-05-09 06:27:06 -------- d-----w- C:\Users\Jay\AppData\Roaming\Sony
2015-05-09 06:27:06 -------- d-----w- C:\Users\Jay\AppData\Local\Sony
2015-05-09 06:16:48 C59C9DB3369FED8ADCA5EDA7E090EE23 61192 ----a-w- C:\Users\Jay\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-08 12:12:20 -------- d-----w- C:\Users\Jay\AppData\Local\IsolatedStorage
2015-05-07 06:12:57 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\IObit
2015-05-06 20:25:52 -------- d-----w- C:\Users\Jay\AppData\Roaming\IObit
====== C:\Users\Jay ======
2015-05-23 14:22:38 5B73E70C3FD8EBFC6F284001C615749C 2223104 ----a-w- C:\Users\Jay\Downloads\AdwCleaner.exe
2015-05-23 14:04:01 4F99CAE27FFD46712E65C21444AACDFC 2623656 ----a-w- C:\Users\Jay\Downloads\revosetup.exe
2015-05-23 09:04:40 -------- d-----w- C:\ProgramData\MovieDeaConfig
2015-05-23 08:55:27 BF9DA49C0E1D900A54AB15BB8EAF9BCA 2108416 ----a-w- C:\Users\Jay\Downloads\FRST64.exe
2015-05-22 10:58:13 -------- d-----w- C:\Users\Jay\Start Menu
2015-05-22 10:58:13 -------- d-----w- C:\Users\Jay\Desktop
2015-05-22 10:22:05 2305BFF2966D73694972FD7531BC5BAA 314368 ----a-w- C:\Windows\sysWoW64\config\systemprofile\sndvol.exe
2015-05-22 10:21:59 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\Jay\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-22 10:17:44 D9716B488CC27652C12B1B5E0944987E 2048 ----a-w- C:\Windows\sysWoW64\config\systemprofile\user.exe
2015-05-22 10:17:44 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\sysWoW64\config\systemprofile\osk.exe
2015-05-22 09:54:16 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\locales
2015-05-21 20:44:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZipDownloader
2015-05-20 10:09:28 -------- d-----w- C:\ProgramData\Adobe
2015-05-13 12:45:35 -------- d-----r- C:\Users\Jay\Searches
2015-05-13 09:43:09 -------- d-----r- C:\Users\Jay\Pictures
2015-05-13 09:43:09 -------- d-----r- C:\Users\Jay\Music
2015-05-09 12:09:02 -------- d-----w- C:\ProgramData\boost_interprocess
2015-05-09 06:48:54 -------- d-----w- C:\Users\Jay\A
2015-05-09 06:27:06 -------- d-----r- C:\Users\Jay\Documents
2015-05-09 06:18:23 -------- d-sh--w- C:\Users\Jay\IntelGraphicsProfiles
2015-05-09 06:17:48 -------- d-----r- C:\Users\Jay\Videos
2015-05-09 06:16:48 -------- d-----r- C:\Users\Jay\Favorites
2015-05-09 06:16:42 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Jay\ntuser.ini
2015-05-08 07:20:08 -------- d-----w- C:\ProgramData\Solidshield
2015-05-06 20:36:05 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl
2015-05-06 20:27:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2015-05-06 20:25:53 -------- d-----w- C:\ProgramData\IObit
2015-05-06 20:25:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
 
====== C: exe-files ==
2015-05-23 14:22:38 5B73E70C3FD8EBFC6F284001C615749C 2223104 ----a-w- C:\Users\Jay\Downloads\AdwCleaner.exe
2015-05-23 14:08:45 3941837A49DD5F476575DF26DA5EBACA 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1611889982-3250800483-796148715-1000\$IIKSIQP.exe
2015-05-23 14:04:32 761102A9B90EC601E8B3071120063D74 87550 ----a-w- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
2015-05-23 14:04:01 4F99CAE27FFD46712E65C21444AACDFC 2623656 ----a-w- C:\Users\Jay\Downloads\revosetup.exe
2015-05-23 09:22:07 353CCACAB99372A6434CB5E128B5AB2E 1952848 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICV2T2D9\toolbox[1].exe
2015-05-23 08:55:27 BF9DA49C0E1D900A54AB15BB8EAF9BCA 2108416 ----a-w- C:\Users\Jay\Downloads\FRST64.exe
2015-05-23 08:29:13 6F6AFBD93BB17B50D91DA63EA85DF4A3 453056 ----a-w- C:\Users\Jay\AppData\Local\NVIDIA\NvBackend\Packages\0000770c\CoProc update.19606705.exe
2015-05-22 20:12:01 6DDA63B1DE6B4447B92072C838481F54 1032312 ----a-w- C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
2015-05-22 20:12:01 3F03AC51CE406AE04902BF239EE4F8F8 43374104 ----a-w- C:\Users\Jay\AppData\Roaming\Dropbox\bin\Dropbox.exe
2015-05-22 11:47:54 9CA2FDD44F7C1F8AC1652F6C2638CFED 364472 ----a-w- C:\Windows\System32\aswBoot.exe
2015-05-22 11:08:45 BED1902AF249BF3BC269420021A03D0B 613255 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12QYVOR6\AnyProtectSetup[1].exe
2015-05-22 11:04:55 F185DC6F6E42AAD0242B29893BB6C8AE 229811 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12QYVOR6\VuuPC_VO2_8907[1].exe
2015-05-22 11:04:42 BB968F25E58D57C3E5D1C1CE20E49D5D 130546 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1U5PY4UK\rvwr[1].exe
2015-05-22 11:04:41 401FCBC206649E6D3D171DB5DCAFCEE5 66913 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8F8BLXMJ\policyname[1].exe
2015-05-22 11:03:38 70FE302BFBDA15E692AFC49CF01BC6DF 93528 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICV2T2D9\SearchUpdater[1].exe
2015-05-22 11:03:35 0B13D49B9D814409579B4EF6D6BA9D16 1041328 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7TTZLR2\infonaut-setup-1.10.0.14[1].exe
2015-05-22 11:03:34 6B7C9F733D72E979D1A29648B29A514D 39950 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FAC2TPBJ\cmmdWriter[1].exe
2015-05-22 11:03:00 40009BAC0CEA6A7583F610C3235B622E 54784 ----a-w- C:\Windows\Temp\BE50.tmp.exe
2015-05-22 11:02:57 319C4ACE8A706370A33BA53D0E1BAC78 597861 ----a-w- C:\Windows\Temp\B22F.tmp.exe
2015-05-22 10:57:33 E796CCF06C15CE6C7AE8E158D3BAAD02 25472 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\native.exe
2015-05-22 10:57:26 F845E730A534BA17372368372DF01579 8260480 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
2015-05-22 10:57:25 492DD2C144612A8F6F9C39F27F009667 1026432 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
2015-05-22 10:43:34 E7C49F8D3A6F959323A998A2B2EF4286 16507936 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12QYVOR6\ProtectorPackage2007x64d[1].exe
2015-05-22 10:43:22 8AE1D9232F12B20487A498586A170ADE 295912 ----a-w- C:\Users\Jay\AppData\Local\Temp\ReiSysUpdate.exe
2015-05-22 10:43:22 8AE1D9232F12B20487A498586A170ADE 295912 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1U5PY4UK\ReiSysUpdate[1].exe
2015-05-22 10:43:06 1CBA0074E31C591E9079C9827400B0C3 13370912 ----a-w- C:\Users\Jay\AppData\Local\Temp\ReimagePackage.exe
2015-05-22 10:43:06 1CBA0074E31C591E9079C9827400B0C3 13370912 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OFU8ON00\ReimagePackage1814x64a[1].exe
2015-05-22 10:22:05 2305BFF2966D73694972FD7531BC5BAA 314368 ----a-w- C:\Windows\SysWOW64\config\systemprofile\sndvol.exe
2015-05-22 10:21:59 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\Jay\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-22 10:17:44 D9716B488CC27652C12B1B5E0944987E 2048 ----a-w- C:\Windows\SysWOW64\config\systemprofile\user.exe
2015-05-22 10:17:44 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\SysWOW64\config\systemprofile\osk.exe
2015-05-22 09:57:55 F2959C7FED077068152CCB797CEFD97F 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1611889982-3250800483-796148715-1000\$IBC4D4C.exe
2015-05-22 09:44:16 FBBAE4B3D182CE27030A9334C4CAAFB9 199680 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICV2T2D9\VOsrv[1].exe
2015-05-22 08:28:13 A4EB37BD57781647EC9D275A7A54E49A 5672344 ----a-w- C:\Users\Jay\AppData\Local\NVIDIA\NvBackend\Packages\00007700\DAO.19604528.exe
2015-05-22 07:45:33 21333287F1A023FC417EDED21B1F4E4B 398048 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TMFHP5NK\safeguard[1].exe
2015-05-22 07:44:49 B2B87E43A315EA1EB91CE837B1F01546 123469 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TMFHP5NK\setup[1].exe
2015-05-22 07:44:44 23CEB3F1CC8D1C4F33084B476AA5334A 110196 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I83JFYC5\sgwr[1].exe
2015-05-22 07:44:37 528234F33A8031297E0BFFEFFDC56F23 2310191 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FEKBEVOL\Setup[2].exe
2015-05-22 07:35:34 D320E7BABD5570AF578EB91B01FEDA5E 50358 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8F8BLXMJ\ciwr[1].exe
2015-05-22 07:21:06 ED41650DBED818CEC55BA4E2F321AE59 1796055 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8F8BLXMJ\MovieDea_t6_Setup[1].exe
2015-05-22 07:20:45 2A8CCC043AA52DC879F01F4B3F98D246 4459624 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12QYVOR6\H-Alarm-Setup[1].exe
2015-05-22 07:20:38 19E5052C8496AD95A8CDB8A4EF076780 1173955 ----a-w- C:\$Recycle.Bin\S-1-5-21-1611889982-3250800483-796148715-1000\$RIKSIQP.exe
2015-05-22 07:20:24 FD94C8005EDC30BB96F959FBD67FC290 4605608 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICV2T2D9\Itibiti_Knctr_C[1].exe
2015-05-22 07:18:48 488AD4102E6769792880194563300310 66345 ----a-w- C:\Users\Jay\AppData\Roaming\DocToPDFConverter\uninstall.exe
2015-05-22 07:18:30 4D24B8163256D5CACF4272AD5FE559B3 2380368 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1U5PY4UK\pdfconv[1].exe
2015-05-22 07:17:10 FBF44532C77FB49B966CC5F944010939 2583504 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FEKBEVOL\Setup[1].exe
2015-05-22 07:08:01 730ADDE6BA3BAD980DC6D1FBC24C5440 253440 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICV2T2D9\SU_Srv[1].exe
2015-05-22 07:08:00 BC614A66AC15864E11F8BDBDAACA7F59 437760 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6CXG9AD\Update_Notifier[1].exe
2015-05-22 07:08:00 40009BAC0CEA6A7583F610C3235B622E 54784 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1U5PY4UK\runasu[1].exe
2015-05-22 07:07:48 B844E2874EC135051C9E68E51BF611B5 418779 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TMFHP5NK\SFSetup[1].exe
2015-05-22 07:07:45 186F5E99D24C70C916BC74A3A71EDA18 291840 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I83JFYC5\CASrv[1].exe
2015-05-22 07:07:24 AC46E0930993E2C182474EFE77677C0A 1459064 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OFU8ON00\ConvertAdSetup[1].exe
2015-05-22 07:05:08 8615F13C3EBA3B7E2C60432F38B3823A 517949 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12QYVOR6\WinCheckSetup[1].exe
2015-05-21 21:04:46 99E3D99D8ED70AC88F59E31757ED3D62 6498200 ----a-w- C:\Windows\Temp\vc.exe
2015-05-21 21:03:00 77849649B8D2374427704F320C72DC28 359128 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1U5PY4UK\setup7[1].exe
2015-05-21 20:46:02 A42B8B49E70242B0306CD5D718715D02 5571992 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JC8C4EFW\DriverRestore_EN[1].exe
2015-05-21 20:45:57 ED2E628CCDE9D5CFC46E19B3F730D22F 136896 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OFU8ON00\Setup[1].exe
2015-05-21 20:45:51 08D0945F2D9F704F56E922164EF24CEE 871880 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JC8C4EFW\boost_1003_9999[1].exe
2015-05-21 20:45:42 A80171A6899B087F215743C0BD53815F 136920 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12QYVOR6\Setup[1].exe
2015-05-21 20:45:30 BF1015FB73C5EA55CBC4A5866B090519 7288632 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FEKBEVOL\pcmaestropowersuite_setup8[1].exe
2015-05-21 20:45:23 70D09276FE2AAA808813399245A2F493 1542696 ----a-w- C:\Windows\Temp\contentDATs.exe
2015-05-21 20:44:59 6848CFD6D1075C23B9C571FB85F9DE11 177760 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12QYVOR6\spstub[1].exe
2015-05-21 20:44:59 619AEE7BA281820572D3A2876F55095F 56318 ----a-w- C:\Program Files (x86)\ZipDownloader\uninstall.exe
2015-05-21 20:44:56 F8A5C6C1C29BD5C3348E8136AE5C6E0A 607854 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICV2T2D9\ZipDownloader_1.0_Installer[1].exe
2015-05-21 20:44:56 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICV2T2D9\sp-Setup1[1].exe
2015-05-21 20:30:36 1DBCD4D0DE5191FEB37DDD4F41695C53 675256 ----a-w- C:\Users\Jay\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2015-05-21 20:30:34 624433A59822ED21E0F51CB606F3B704 172984 ----a-w- C:\Users\Jay\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2015-05-20 06:19:18 E142943F079252AE0ABA47260C4E7196 413840 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe
2015-05-20 06:19:18 93E4C51FE870A900E0417F852F781081 196240 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\WLMerger.exe
2015-05-20 06:19:18 9047D1D9F1E6FB4244F53965E89C0796 20698768 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe
2015-05-20 06:19:17 FAE46B3931E8FCA37F43F5284E9D61E1 4703888 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\GFExperience.exe
2015-05-20 06:19:17 D5FFA9F81738C81253C0D3C7E03E3AB0 2685072 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\NvBackend.exe
2015-05-20 06:19:17 C9D89A33162D10F23148DAD1723A7497 87184 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedServiceHost.exe
2015-05-20 06:19:17 C76E7ED75A7FFA50FFDF3B07400C5E84 595600 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\7z.exe
2015-05-20 06:19:17 C0B698B7D0E03B2A01D0F781BEE052BB 1152656 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService64.exe
2015-05-20 06:19:17 B237375302410B9C4E811B9D0699248F 3936912 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps64.exe
2015-05-20 06:19:17 A2D5614BE5957B21272800B63E070C50 1057424 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\LaunchGFExperience.exe
2015-05-20 06:19:17 8B4CDD6AD795DA62E5FFBB3BFAC32D6F 126608 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedVisualizer.exe
2015-05-20 06:19:17 6FEA38EA54D6FE0B61D08E93F8F4CAC0 3051152 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps.exe
2015-05-20 06:19:17 601B970FC5875C4B54CD19421D000DEC 22997648 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe
2015-05-20 06:19:17 5A0A278308A9F42266C59F68D5E2FA68 5261456 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe
2015-05-20 06:19:17 437063300629BED250D5951EAB298DE0 7896720 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamNetworkService.exe
2015-05-20 06:19:17 32ECE52E4C4A5FC2115279D7B13E6270 1884304 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVNetworkService.exe
2015-05-20 06:19:17 32ECE52E4C4A5FC2115279D7B13E6270 1884304 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Network.Service\NVNetworkService.exe
2015-05-20 06:19:17 2985430DAF228D3E48C6BA5A20FF4329 637584 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
2015-05-20 06:19:17 272CABCCAC57377AA8B8029051FFDD73 519824 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\DXSETUP.exe
2015-05-20 06:19:17 1B2F134B70CD9BB16DEEE3DA52A43C0C 6739088 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe
2015-05-20 06:19:17 164108CA78D3AF5310CB8255157C8105 919184 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService32.exe
2015-05-20 06:19:17 08D5498728CACC31A914526B7C3DED92 5983888 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamNetworkService.exe
2015-05-20 06:18:47 FD7B3B3530475D34ABE199D09F3E7D5E 36892808 ----a-w- C:\ProgramData\NVIDIA Corporation\NetService\54bcd8d6-9a83-41a6-a9bd-dcf8b59e8a71\GeForce_Experience_Update_v2.4.3.31.exe
2015-05-19 19:28:40 E61C378A29979BD8840EEFAC0F36C231 406528 ----a-w- C:\Windows\SysWOW64\GWX\GWX.exe
2015-05-19 19:28:40 B94C770978AD994F419D92FE24FD3F0F 360240 ----a-w- C:\Windows\System32\GWX\GWXUXWorker.exe
2015-05-19 19:28:40 A9B579DCC2BCAB35AAD2B88F0C22ACF2 476160 ----a-w- C:\Windows\System32\GWX\GWX.exe
2015-05-19 19:28:40 4F7DF2B33A4691E08B2B96FC98A4388F 401408 ----a-w- C:\Windows\System32\GWX\GWXUX.exe
2015-05-19 19:28:40 39553E30D5CE09168F1E82A2FA563FDF 667136 ----a-w- C:\Windows\System32\GWX\GWXConfigManager.exe
2015-05-18 05:57:26 538250508501C2A714B2764E9920DAFF 1768152 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe
2015-05-18 05:57:26 2A21E75EF80242E0646E7567993E977D 562792 ----a-w- C:\Program Files\Realtek\Audio\HDA\vncutil64.exe
2015-05-18 05:57:25 C21E6749B1BD1E55D46F1B3052C6432E 295128 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
2015-05-18 05:57:25 912858EE253CA62AC0DC326BB556273B 8466136 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
2015-05-18 05:57:25 813006C133576159EBB6DE770D55267D 1393880 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2015-05-18 05:57:25 08D9600B273D85C4CC5E4D6116E1941A 13876952 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
2015-05-18 05:57:24 F9EDCA74B8CB3744159DEF02352F7BD6 58880 ----a-w- C:\Program Files\Realtek\Audio\HDA\CreateRtkToastLnk.exe
2015-05-18 05:57:24 D1E343BC00136CE03C4D403194D06A80 98208 ----a-w- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
2015-05-18 05:57:24 BA3484DDEF9E56ED15E91EAF550B41C2 742592 ----a-w- C:\Program Files\Realtek\Audio\HDA\CXAPOAgent64.exe
2015-05-18 05:57:24 B14370C5FF63C548BB880D21195F7CBC 124440 ----a-w- C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-05-18 05:57:24 6688B6F74C360CBC366B7AF948D9084D 240576 ----a-w- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
2015-05-18 05:57:24 44BB65B1D3827043978FC8E11CA7C0B4 210024 ----a-w- C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
=== C: other files ==
2015-05-23 14:10:24 D91C5D6F21ADF1FF49B0A90BB5BD022A 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1611889982-3250800483-796148715-1000\$I8B3NVY.zip
2015-05-22 22:15:12 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Jay\AppData\Local\Temp\avastBCLTMP\{c442ac41-9200-4770-8cc0-7cdb4f245c55}.zip
2015-05-22 22:15:12 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Jay\AppData\Local\Temp\avastBCLTMP\{ba0c978d-d909-49b6-afe2-8bde245dc7e6}.zip
2015-05-22 11:48:57 EDC6E9C057C9D7F83EEA22B4CEF5DCAD 145792 ----a-w- C:\Windows\System32\vbox\E1G6032E.sys
2015-05-22 11:48:48 D52B0761CCEB61A660DE7D55A246EBED 374216 ----a-w- C:\Windows\System32\vbox\VBoxVideoW8.sys
2015-05-22 11:48:48 72D22E6E9E948EA112630F18E8105B4E 369608 ----a-w- C:\Windows\System32\vbox\VBoxVideoWddm.sys
2015-05-22 11:48:48 71C5BF32BB55F60DD7C9F44A46B4EB2B 147640 ----a-w- C:\Windows\System32\vbox\VBoxVideo.sys
2015-05-22 11:48:47 C4DAA49E602BFA5A48288D67B42ADBF9 123432 ----a-w- C:\Windows\System32\vbox\VBoxMouse.sys
2015-05-22 11:48:47 B0ED299C61AB5C1E6B35E6FA873188A0 164096 ----a-w- C:\Windows\System32\vbox\VBoxGuest.sys
2015-05-22 11:47:58 B5B4C90E9F52DA8586F1E5461AD90A5D 29168 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2015-05-22 11:47:58 B1368BE5F6BA529E0886F4DA2361BD2D 442264 ----a-w- C:\Windows\System32\drivers\aswSP.sys
2015-05-22 11:47:58 91782404718C6352C26B3242BAC3F0F1 272248 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2015-05-22 11:47:58 6E53278ECCFFBC2ACC2A5006745ED4BB 137288 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2015-05-22 11:47:58 6D37D8DB30D086739507C5F6E542656A 93528 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2015-05-22 11:47:58 300CB8E510855189CAD0B72FFB5590CB 89944 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2015-05-22 11:47:58 07E32DFCA422A2920482D762D01957EC 65736 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2015-05-22 11:47:57 3B4AC2DBFC86F7247C1FF1FAF2860530 1047320 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2015-05-22 10:58:28 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
2015-05-22 10:57:33 F845E730A534BA17372368372DF01579 8260480 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.com
2015-05-22 10:57:30 7AEC5E76816178BF6C543A155D8208B6 15920 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
2015-05-22 10:57:29 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\EsgScanner.sys
2015-05-22 07:45:13 B8852A8376945B4704C5309736107242 219205 ----a-w- C:\Users\Jay\AppData\Local\Temp\MovieDea_Reboot\icons.zip
2015-05-22 07:21:14 B8852A8376945B4704C5309736107242 219205 ----a-w- C:\Users\Jay\AppData\Local\Temp\MovieDea_USB\icons.zip
2015-05-22 07:21:14 B8852A8376945B4704C5309736107242 219205 ----a-w- C:\$Recycle.Bin\S-1-5-21-1611889982-3250800483-796148715-1000\$R8B3NVY.zip
2015-05-21 21:04:32 6013BF9B979B0C133848ADA1A13251FC 107816 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6CXG9AD\page-offer-6297[1].zip
2015-05-21 21:02:51 A22FD5CCAF4C6D460C86BE3E136472DF 9079 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I83JFYC5\page-offer-6792[1].zip
2015-05-21 20:38:32 CBF582DFEC2C2550AB28E1D129E1A22D 117322 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OFU8ON00\page-offer-3640[1].zip
2015-05-21 20:38:32 78AF923A6D5D31B055CAB642321BF6C5 102198 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JC8C4EFW\page-offer-6093[1].zip
2015-05-21 20:38:32 5063A5B6BFAB1994E0C3952B7DB107A4 127811 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FAC2TPBJ\page-offer-2618[1].zip
2015-05-21 20:38:32 1415561FABFDDE1143A85A733899537B 7301 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TMFHP5NK\page-offer-6710[1].zip
2015-05-21 20:38:31 EC1DE7360556274F09EACB42F66A97E9 1168736 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FEKBEVOL\theme-theme-87[1].zip
2015-05-21 20:38:31 2E25950D1F4D818C88ACDBE32580B2C7 159896 ----a-w- C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FEKBEVOL\page-software-45[1].zip
2015-05-20 06:19:18 DFF17A8330FB7813E3F9A4F75D69F377 15504 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService64.sys
2015-05-20 06:19:18 DBFE7B2DF103F74AE51840B3C5F25FE9 38032 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad64v.sys
2015-05-20 06:19:18 DA48A4EB3DD38C7BF90CB12DD1672618 19600 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys
2015-05-20 06:19:18 CE9812A9B6695E0FA4ACBDF18AC9076B 16032 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter32.sys
2015-05-20 06:19:18 CB31DA7A5C788DC64E2C3BCCE066825B 14480 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService32.sys
2015-05-20 06:19:18 A3E321C92C09F995542A0B939DFF836B 18576 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys
2015-05-20 06:19:18 3EEDE5E218F0978D802CE3196E8B9028 32912 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad32v.sys
2015-05-20 06:19:18 17D21ADA263B31EEDB7EA344AEA4F2E7 19616 ----a-w- C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter64.sys
2015-05-19 10:03:07 65CB9FD22A679CEE06B82FC5453F5355 77313488 ----a-w- C:\Users\Jay\Downloads\Program.zip
2015-05-18 05:57:25 FEE5C21569883B2BDC655FC875CCBA21 4467928 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05/22/2015 04:47 AM]
 
==== Chromium Look ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05/22/2015 04:47 AM]
 
AdBlock - Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Avira Browser Safety - Jay\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfnlmhbanaiddolfmcklggjmhliepiki
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
 
==== Reset Google Chrome ======================
 
C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
 
==== shortcuts on All Users Desktop ======================
 
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 
C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe 
C:\Users\Public\Desktop\Driver Booster 2.lnk - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe 
C:\Users\Public\Desktop\Driver Updater.lnk - C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe 
C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe 
C:\Users\Public\Desktop\Free YouTube Uploader.lnk - C:\Program Files (x86)\DVDVideoSoft\Free YouTube Uploader\FreeYouTubeUploader.exe 
C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe 
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Public\Desktop\Hauppauge Capture.lnk - D:\Hauppauge\Capture\HauppaugeCapture.exe 
C:\Users\Public\Desktop\Hauppauge Personal Logo inserter.lnk - D:\Hauppauge\PersonalLogo\PersonalLogo.exe 
C:\Users\Public\Desktop\Killer Network Manager.lnk - C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_E38B8113745D486384C281C6EE6C49DB.exe 
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe SecurityScanner.dll
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{1845470B-EB14-4ABC-835B-E36C693DC07D}\SkypeIcon.exe 
C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - D:\TeamSpeak 3 Client\ts3client_win64.exe 
C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk - D:\Sony\Vegas Pro 13.0\vegas130.exe 
 
==== shortcuts in Users Start Menu ======================
 
C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DocToPDFConverter\DocToPDFConverter.lnk - C:\Users\Jay\AppData\Roaming\DocToPDFConverter\DocToPdfConverter.exe 
C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DocToPDFConverter\Uninstall DocToPDFConverter.lnk - C:\Users\Jay\AppData\Roaming\DocToPDFConverter\uninstall.exe 
C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Jay\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Jay\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe 
C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --show-app-list
C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe 
C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter
C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe 
C:\Users\Jay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url 
 
==== shortcuts in All Users Start Menu ======================
 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\SC_Reader.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2\Driver Booster 2.lnk - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2\Uninstall Driver Booster 2.lnk - C:\Program Files (x86)\IObit\Driver Booster\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free YouTube Uploader.lnk - C:\Program Files (x86)\DVDVideoSoft\Free YouTube Uploader\FreeYouTubeUploader.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\PremiumMembershipOffer.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\AVIFix.lnk - C:\Program Files (x86)\ExKode\Dxtory2.0\AVIFix.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\AVIMux.lnk - C:\Program Files (x86)\ExKode\Dxtory2.0\AVIMux.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\Dxtory Video Setting.lnk - C:\Program Files (x86)\ExKode\Dxtory2.0\DxtoryVideoSetting.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\Dxtory.lnk - C:\Program Files (x86)\ExKode\Dxtory2.0\Dxtory.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\EULA.txt.lnk - C:\Program Files (x86)\ExKode\Dxtory2.0\EULA_en.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\License Register.lnk - C:\Program Files (x86)\ExKode\Dxtory2.0\LicReg.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\RawCapConv NoPreview.lnk - C:\Program Files (x86)\ExKode\Dxtory2.0\RawCapConv.exe /nopv
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\RawCapConv.lnk - C:\Program Files (x86)\ExKode\Dxtory2.0\RawCapConv.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0\readme.txt.lnk - C:\Program Files (x86)\ExKode\Dxtory2.0\readme.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Dead Space™ 2.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\The Elder Scrolls V Skyrim.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake\Handbrake.lnk - C:\Program Files\Handbrake\Handbrake.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake\Uninstall.lnk - C:\Program Files\Handbrake\uninst.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge\Hauppauge Capture.lnk - C:\Program Files (x86)\Hauppauge\Capture\HauppaugeCapture.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hauppauge\Hauppauge Personal Logo inserter.lnk - C:\Program Files (x86)\Hauppauge\PersonalLogo\PersonalLogo.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Uninstall IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe uninstall_start
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub (x64).lnk - C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter64.dll",DirectVobSub
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio (x64).lnk - C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavaudio.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavaudio.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter (x64).lnk - C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavsplitter.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavsplitter.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video (x64).lnk - C:\Windows\System32\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavvideo.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavvideo.ax",OpenConfiguration
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /resetsettings
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Info\faq.htm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk - C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe SecurityScanner.dll
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Uninstall.lnk - C:\Program Files\McAfee Security Scan\uninstall.exe C:\Program Files\McAfee Security Scan\3.8.150\McAfee.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /show
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /disable
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /enable
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros\PerformanceSuite\Killer Diagnostics.lnk - C:\Program Files (x86)\Qualcomm Atheros\Network Manager\KillerDiagnose\KillerDiagnose.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros\PerformanceSuite\Killer Network Manager.lnk - C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_57A52662FCCD47C9AAA02E5E7FCEFD5C.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall\RaidCall.lnk - C:\Program Files (x86)\RaidCall\raidcall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall\Uninstall RaidCall.lnk - C:\Program Files (x86)\RaidCall\uninst.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant\Red Giant Link.lnk - C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant\Uninstall Magic Bullet Suite.lnk - C:\Program Files (x86)\Red Giant\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 (64-bit).lnk - C:\Program Files (x86)\Sony\Vegas Pro 13.0\vegas130.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 Readme.lnk - C:\Program Files (x86)\Sony\Vegas Pro 13.0\Readme\Vegas_readme.htm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Properties.lnk - C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk - C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk - C:\Program Files\TeamSpeak 3 Client\Uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw\Configure x264vfw.lnk - C:\Windows\SysWOW64\rundll32.exe x264vfw.dll,Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw\Configure x264vfw64.lnk - C:\Windows\System32\rundll32.exe x264vfw64.dll,Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw\Uninstall x264vfw.lnk - C:\Program Files (x86)\x264vfw\x264vfw-uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Check for Updates.lnk - D:\Xvid\autoupdate-windows.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Configure Decoder.lnk - C:\Windows\System32\rundll32.exe xvid.ax,Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Configure Encoder.lnk - C:\Windows\System32\rundll32.exe xvidvfw.dll,Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Release Notes.lnk - C:\Program Files (x86)\Xvid\releasenotes.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Uninstall Xvid Video Codec.lnk - C:\Program Files (x86)\Xvid\uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Xvid MiniConvert.lnk - C:\Program Files (x86)\Xvid\MiniConvert.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\Nic's FourCC Changer.lnk - C:\Program Files (x86)\Xvid\AviC.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\Nic's MiniCalc.lnk - C:\Program Files (x86)\Xvid\MiniCalc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\Some Quantization Matrices.lnk - C:\Program Files (x86)\Xvid\Xvid_Quant_Matrices.zip 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\StatsReader 2.1.lnk - C:\Program Files (x86)\Xvid\StatsReader.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\StatsReader Notes.lnk - C:\Program Files (x86)\Xvid\statsreader.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\xvid_encraw.lnk - C:\Windows\system32\cmd.exe /k ""C:\Program Files (x86)\Xvid\xvid_encraw.exe"" -h
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZipDownloader\Uninstall.lnk - C:\Program Files (x86)\ZipDownloader\uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZipDownloader\ZipDownloader.lnk - C:\Program Files (x86)\ZipDownloader\ZipDownloader.exe 
 
==== shortcuts in Quick Launch ======================
 
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Jay\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Jay\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Chrome App Launcher.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --show-app-list
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12QYVOR6 will be deleted at reboot
C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8F8BLXMJ will be deleted at reboot
C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FEKBEVOL will be deleted at reboot
C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I83JFYC5 will be deleted at reboot
C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7TTZLR2 will be deleted at reboot
C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JC8C4EFW will be deleted at reboot
C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6CXG9AD will be deleted at reboot
C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TMFHP5NK will be deleted at reboot
 
==== Empty FireFox Cache ======================
 
No FireFox Profiles found
 
==== Empty Chrome Cache ======================
 
C:\Users\Jay\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
No Java Cache Found
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=232 folders=82 69387318 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jay\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\Jay\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\PROGRA~2\WinRAR"  not found
"C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12QYVOR6" not found
"C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8F8BLXMJ" not found
"C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FEKBEVOL" not found
"C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I83JFYC5" not found
"C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7TTZLR2" not found
"C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JC8C4EFW" not found
"C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6CXG9AD" not found
"C:\Users\Jay\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TMFHP5NK" not found
 
==== EOF on Sat 05/23/2015 at  7:43:48.46 ======================


#7 Fire First Jay

Fire First Jay
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 23 May 2015 - 09:47 AM

It seems my problems are gone. So many thanks to you dude. Thank you for taking your time to help me!



#8 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:30 PM

Posted 23 May 2015 - 10:15 AM

Step 1

Please downloadesetlogo.pngOnline Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
settings.png
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed, click on Finish.
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.
esetlog.png

Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#9 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:30 PM

Posted 26 May 2015 - 05:31 AM

Hi,

3 Day Inactivity

this is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:30 PM

Posted 31 May 2015 - 03:25 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users