Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirecting virus FRST logs here


  • This topic is locked This topic is locked
11 replies to this topic

#1 sovitin

sovitin

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 25 December 2015 - 10:24 PM

Any sort of input from the mouse would cause a redirect, i already got MBAM and other programs from a previous forum here. I have used spybot, ESET, CC cleaner tools, and also ran the mini toolbox. Problem still stands the same. 

Attached Files



BC AdBot (Login to Remove)

 


#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:07 AM

Posted 26 December 2015 - 09:07 AM

Hello sovitin, welcome to Bleeping Computer's Malware Removal forum!
 
My name is Gerrit. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. smile.png
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Ensure you read through my instructions thoroughly, and carry out each step in the order specified.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in providing the best set of instructions for you.
  • Please backup important files before proceeding with my instructions. Malware removal can be unpredictable at times.   
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
  • Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
  • I will notify you when I believe your computer is free of malware. Please bear in mind, absence of symptoms does not necessarily correlate to absence of malware, so please wait until the "All Clean". 
  • Ensure you are following this topic. Click etYzdbu.png at the top of the page. 

======================================================

 

STEP 1
E3feWj5.png Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 2

BY4dvz9.png AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Logfile. A log (AdwCleaner[S1].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark under the corresponding tab, and click Cleaning
  • Follow the prompts and allow your computer to reboot
  • After the reboot, a log (AdwCleaner[C1].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and folder backups are made for items removed using this tool. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[S1].txt.

 

STEP 3
GfiJrQ9.png Malwarebytes Anti-Malware (MBAM)

  • Open Malwarebytes Anti-Malware and click Update Now.
  • Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is selected and click Start Scan.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click Remove Selected. If you are prompted to reboot, click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 

STEP 4
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST.exe or FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 

======================================================

STEP 5
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • JRT.txt
  • AdwCleaner[C1].txt
  • MBAM Log
  • FRST.txt & Addition.txt

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#3 sovitin

sovitin
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 29 December 2015 - 03:00 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 8.1 x64 
Ran by joshia (Administrator) on Sat 12/26/2015 at 15:13:40.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 1 
 
Successfully deleted: C:\Users\joshia\AppData\Roaming\sp_data.sys (File) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 12/26/2015 at 15:16:53.91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/25/2015
Scan Time: 12:23 PM
Logfile: MBAM.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2015.12.25.05
Rootkit Database: v2015.12.18.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: joshia
 
Scan Type: Threat Scan
Result: Cancelled
Objects Scanned: 0
(No malicious items detected)
Time Elapsed: 0 min, 19 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
# AdwCleaner v5.026 - Logfile created 26/12/2015 at 16:17:11
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : joshia - HOME
# Running from : C:\Users\joshia\Downloads\AdwCleaner (2).exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS10r0WO_8Qe-_X9qxFMShdHtP3OE91YH4Gd-YluuNw-YVp5XeWYWoCIFYOsjyyfa1_Odf0JXm00nze4-MArOIApAHsJkl5rMN5nJ02IBBZAZZtTf1N8dkbbQTXWpCMyq
[-] [C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP908931E0-9847-4D97-A84B-FACFE5A76F4C&SSPV=
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1522 bytes] ##########
 
 
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-12-2015
Ran by joshia (administrator) on HOME (29-12-2015 00:50:40)
Running from C:\Users\joshia\Downloads
Loaded Profiles: joshia (Available Profiles: joshia & Administrator)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(VIA Technologies, Inc.) C:\WINDOWS\System32\ViakaraokeSrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(ASUSTeK) C:\WINDOWS\SysWOW64\ACEngSvr.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.8.203.0\McCSPServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\System32\WWAHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\Core\mchost.exe
(Valve Corporation) G:\steam\Steam.exe
(Valve Corporation) G:\steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) G:\steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\joshia\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862928 2012-07-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [466944 2011-09-19] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-27] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [723904 2015-11-10] (McAfee, Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\Run: [Steam] => G:\steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48138880 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2050048 2015-03-09] (RemoteMouse.net)
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2015-12-25] (Electronic Arts)
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\MountPoints2: {9e895ba4-dcaa-11e4-be81-dc85de8b69dc} - "F:\VZW_Software_upgrade_assistant.exe" 
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-10-28]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{79A21B6C-4A99-4D2C-94BC-0038D1BDDA4A}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{BEDA368D-741F-4CFA-AF27-EC71DE40B52C}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-1629525133-1994508930-683499572-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-26] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-26] (Oracle Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-11-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-11-10] (McAfee, Inc.)
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-25] (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-12-25] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP908931E0-9847-4D97-A84B-FACFE5A76F4C&SSPV=
CHR StartupUrls: Default -> "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS10r0WO_8Qe-_X9qxFMShdHtP3OE91YH4Gd-YluuNw-YVp5XeWYWoCIFYOsjyyfa1_Odf0JXm00nze4-MArOIApAHsJkl5rMN5nJ02IBBZAZZtTf1N8dkbbQTXWpCMyq"
CHR Profile: C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-25]
CHR Extension: (Google Docs) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-25]
CHR Extension: (Google Drive) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-25]
CHR Extension: (YouTube) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-25]
CHR Extension: (Adblock Plus) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-12-25]
CHR Extension: (Google Search) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-25]
CHR Extension: (Google Sheets) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-25]
CHR Extension: (Google Docs Offline) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-25]
CHR Extension: (Morpheon Dark) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2015-12-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-25]
CHR Extension: (Gmail) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-25]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1257504 2015-12-10] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-16] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-11-10] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-25] (Electronic Arts)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-10-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-10-23] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-28] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R3 S3XXx64; C:\Windows\system32\DRIVERS\S3XXx64.sys [73856 2015-02-17] (Identiv)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-10-23] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-10-23] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-10-23] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-29 00:50 - 2015-12-29 00:50 - 02370560 _____ (Farbar) C:\Users\joshia\Downloads\FRST64 (1).exe
2015-12-29 00:50 - 2015-12-29 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-12-29 00:49 - 2015-12-29 00:49 - 01721856 _____ (Farbar) C:\Users\joshia\Downloads\FRST (1).exe
2015-12-27 21:10 - 2015-12-27 21:10 - 00000000 ____D C:\Users\joshia\AppData\Local\DCS
2015-12-27 17:53 - 2015-12-27 17:54 - 00000000 ____D C:\Users\joshia\AppData\Roaming\DarkSoulsII
2015-12-27 14:01 - 2015-12-27 14:01 - 00000000 ____D C:\Users\joshia\Documents\WB Games
2015-12-27 11:46 - 2015-12-27 11:46 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-12-27 00:01 - 2015-12-27 00:01 - 00001067 _____ C:\Users\joshia\Desktop\MBAM.txt
2015-12-26 16:20 - 2015-12-26 16:20 - 00001601 _____ C:\Users\joshia\Desktop\AdwCleaner[C2].txt
2015-12-26 16:19 - 2015-12-27 11:45 - 00000401 _____ C:\Users\joshia\AppData\Roaming\sp_data.sys
2015-12-26 16:14 - 2015-12-26 16:14 - 01743360 _____ C:\Users\joshia\Downloads\AdwCleaner (2).exe
2015-12-26 15:17 - 2015-12-26 15:18 - 01743360 _____ C:\Users\joshia\Downloads\AdwCleaner (1).exe
2015-12-26 15:16 - 2015-12-26 16:16 - 00000627 _____ C:\Users\joshia\Desktop\JRT.txt
2015-12-26 15:13 - 2015-12-26 15:13 - 01599336 _____ (Malwarebytes) C:\Users\joshia\Downloads\JRT (2).exe
2015-12-26 15:11 - 2015-12-26 15:12 - 01599336 _____ (Malwarebytes) C:\Users\joshia\Downloads\JRT (1).exe
2015-12-25 20:20 - 2015-12-25 20:20 - 00066907 _____ C:\Users\joshia\Desktop\FRST 2.txt
2015-12-25 20:20 - 2015-12-25 20:20 - 00053040 _____ C:\Users\joshia\Desktop\FRST.txt
2015-12-25 20:19 - 2015-12-25 20:20 - 00066907 _____ C:\Users\joshia\Downloads\Addition.txt
2015-12-25 20:18 - 2015-12-29 00:50 - 00021786 _____ C:\Users\joshia\Downloads\FRST.txt
2015-12-25 20:18 - 2015-12-29 00:50 - 00000000 ____D C:\FRST
2015-12-25 20:17 - 2015-12-25 20:17 - 02370560 _____ (Farbar) C:\Users\joshia\Downloads\FRST64.exe
2015-12-25 20:17 - 2015-12-25 20:17 - 01721856 _____ (Farbar) C:\Users\joshia\Downloads\FRST.exe
2015-12-25 19:41 - 2015-12-25 19:41 - 00135226 _____ C:\Users\joshia\Downloads\hosts.zip
2015-12-25 14:12 - 2015-12-25 14:12 - 02870984 _____ (ESET) C:\Users\joshia\Downloads\esetsmartinstaller_enu.exe
2015-12-25 13:23 - 2015-12-25 13:23 - 00891392 _____ (Farbar) C:\Users\joshia\Downloads\MiniToolBox (2).exe
2015-12-25 13:18 - 2015-12-25 13:18 - 01599336 _____ (Malwarebytes) C:\Users\joshia\Downloads\JRT.exe
2015-12-25 13:04 - 2015-12-26 16:17 - 00000000 ____D C:\AdwCleaner
2015-12-25 13:03 - 2015-12-25 13:03 - 00891392 _____ (Farbar) C:\Users\joshia\Downloads\MiniToolBox (1).exe
2015-12-25 13:02 - 2015-12-25 13:02 - 01743360 _____ C:\Users\joshia\Downloads\AdwCleaner.exe
2015-12-25 12:22 - 2015-12-28 23:25 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-25 12:22 - 2015-12-25 12:22 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-25 12:22 - 2015-12-25 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-25 12:22 - 2015-12-25 12:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-25 12:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-25 12:22 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-25 12:22 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-25 12:21 - 2015-12-25 12:21 - 22908888 _____ (Malwarebytes ) C:\Users\joshia\Downloads\mbam-setup-2.2.0.1024 (1).exe
2015-12-25 12:17 - 2015-12-25 12:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-25 12:16 - 2015-12-25 12:16 - 22908888 _____ (Malwarebytes ) C:\Users\joshia\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-25 12:15 - 2015-12-25 13:23 - 00013180 _____ C:\Users\joshia\Downloads\MTB.txt
2015-12-25 12:14 - 2015-12-25 12:14 - 00891392 _____ (Farbar) C:\Users\joshia\Downloads\MiniToolBox.exe
2015-12-25 12:09 - 2015-12-25 12:09 - 06805328 _____ (Piriform Ltd) C:\Users\joshia\Downloads\ccsetup513 (1).exe
2015-12-25 12:09 - 2015-12-25 12:09 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-12-25 12:09 - 2015-12-25 12:09 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-25 12:09 - 2015-12-25 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-25 12:09 - 2015-12-25 12:09 - 00000000 ____D C:\Program Files\CCleaner
2015-12-25 12:08 - 2015-12-25 12:09 - 06805328 _____ (Piriform Ltd) C:\Users\joshia\Downloads\ccsetup513.exe
2015-12-25 12:03 - 2015-12-25 12:03 - 00002277 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-25 12:03 - 2015-12-25 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-25 12:02 - 2015-12-25 20:46 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-25 12:02 - 2015-12-25 20:46 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-25 12:02 - 2015-12-25 19:44 - 00003882 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-25 12:02 - 2015-12-25 19:44 - 00003646 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-25 12:02 - 2015-12-25 12:02 - 00000000 ____D C:\Users\joshia\AppData\Local\Deployment
2015-12-25 01:08 - 2015-12-25 01:18 - 00474864 _____ C:\TDSSKiller.3.1.0.9_25.12.2015_01.08.26_log.txt
2015-12-25 01:02 - 2015-12-25 01:02 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\joshia\Downloads\tdsskiller.exe
2015-12-25 00:30 - 2015-12-25 12:20 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-25 00:30 - 2015-12-25 12:20 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2015-12-25 00:29 - 2015-12-25 00:30 - 16409960 _____ (Safer Networking Limited ) C:\Users\joshia\Downloads\spybotsd162.exe
2015-12-24 23:19 - 2015-12-24 23:28 - 482664876 _____ C:\Users\joshia\Downloads\l4d2_dead-before-dawn-extended_15922_v0_1.zip
2015-12-23 13:34 - 2015-12-23 13:34 - 00000000 ____D C:\Users\joshia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online
2015-12-23 13:26 - 2015-12-23 13:27 - 109567016 _____ (Zenimax Media Inc) C:\Users\joshia\Downloads\Install_ESO.exe
2015-12-23 12:42 - 2015-12-16 07:53 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-23 12:42 - 2015-12-16 07:53 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-23 12:42 - 2015-12-16 07:39 - 00103032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-23 12:40 - 2015-12-16 10:34 - 31061624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 24895792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 21122456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 17561432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 12334200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-12-23 12:40 - 2015-12-16 10:34 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00734512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00502080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00423264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00416376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00370808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-12-23 12:40 - 2015-12-16 10:34 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 42977072 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 37609080 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 20663816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 17156968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 03168376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 02755704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 01915696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2015-12-23 12:33 - 2015-12-23 12:38 - 336974040 _____ (NVIDIA Corporation) C:\Users\joshia\Downloads\361.43-notebook-win8-win7-64bit-international-whql.exe
2015-12-23 12:30 - 2015-12-23 12:31 - 42639352 _____ (NVIDIA Corporation) C:\Users\joshia\Downloads\GeForce_Experience_v2.8.1.21.exe
2015-12-21 13:03 - 2015-12-21 13:03 - 00000000 ____D C:\Users\joshia\AppData\Local\My Games
2015-12-19 15:49 - 2015-12-23 13:34 - 00000702 _____ C:\Users\joshia\Desktop\The Elder Scrolls Online.lnk
2015-12-19 15:49 - 2015-12-19 15:49 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry
2015-12-19 15:49 - 2015-12-19 15:49 - 00000000 ____D C:\WINDOWS\jre
2015-12-19 12:04 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-12-19 12:04 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-12-17 15:28 - 2015-12-17 15:41 - 00000000 ____D C:\Users\joshia\AppData\LocalLow\BitTorrent
2015-12-15 19:51 - 2015-12-15 19:51 - 00465231 _____ C:\Users\joshia\Downloads\20151207_222726_001.mp4
2015-12-15 16:03 - 2015-12-15 16:03 - 08204776 _____ (McAfee, Inc.) C:\Users\joshia\Downloads\McAfeeSetup (1).exe
2015-12-08 20:20 - 2015-11-05 01:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-08 20:19 - 2015-11-21 23:59 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-08 20:19 - 2015-11-21 23:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-08 20:19 - 2015-11-21 23:59 - 01659568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-12-08 20:19 - 2015-11-21 23:59 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-12-08 20:19 - 2015-11-21 23:59 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-12-08 20:19 - 2015-11-21 23:59 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-12-08 20:19 - 2015-11-21 23:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-08 20:19 - 2015-11-21 11:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-12-08 20:19 - 2015-11-21 10:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-12-08 20:19 - 2015-11-21 09:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-08 20:19 - 2015-11-21 09:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-08 20:19 - 2015-11-21 09:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-08 20:19 - 2015-11-21 09:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-08 20:19 - 2015-11-20 15:47 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-08 20:19 - 2015-11-20 11:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-08 20:19 - 2015-11-20 09:58 - 03706880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-08 20:19 - 2015-11-20 09:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-12-08 20:19 - 2015-11-20 09:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-12-08 20:19 - 2015-11-20 09:44 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-12-08 20:19 - 2015-11-20 09:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-12-08 20:19 - 2015-11-20 09:43 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-12-08 20:19 - 2015-11-20 09:42 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-12-08 20:19 - 2015-11-20 09:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-12-08 20:19 - 2015-11-20 09:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-12-08 20:19 - 2015-11-20 09:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-12-08 20:19 - 2015-11-20 09:27 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-12-08 20:19 - 2015-11-11 09:21 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-08 20:19 - 2015-11-11 09:00 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-08 20:19 - 2015-11-11 08:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-12-08 20:19 - 2015-11-11 08:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-12-08 20:19 - 2015-11-11 08:41 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-08 20:19 - 2015-11-11 08:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-12-08 20:19 - 2015-11-09 17:13 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-08 20:19 - 2015-11-09 17:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-12-08 20:19 - 2015-11-09 17:08 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-08 20:19 - 2015-11-09 17:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-08 20:19 - 2015-11-09 17:02 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-08 20:19 - 2015-11-09 16:46 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-08 20:19 - 2015-11-09 16:41 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-12-08 20:19 - 2015-11-09 16:37 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-12-08 20:19 - 2015-11-09 16:36 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-08 20:19 - 2015-11-09 16:36 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-08 20:19 - 2015-11-09 16:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-08 20:19 - 2015-11-09 16:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-12-08 20:19 - 2015-11-09 16:17 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-08 20:19 - 2015-11-09 16:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-08 20:19 - 2015-11-09 16:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-12-08 20:19 - 2015-11-08 17:41 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-08 20:19 - 2015-11-08 15:30 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-08 20:19 - 2015-11-08 15:15 - 02887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-08 20:19 - 2015-11-08 15:15 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-08 20:19 - 2015-11-08 15:04 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-08 20:19 - 2015-11-08 15:02 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-08 20:19 - 2015-11-08 15:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-08 20:19 - 2015-11-08 14:32 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-12-08 20:19 - 2015-11-08 14:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-12-08 20:19 - 2015-11-08 14:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-12-08 20:19 - 2015-11-08 14:23 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-12-08 20:19 - 2015-11-08 14:18 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-12-08 20:19 - 2015-11-08 14:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-08 20:19 - 2015-11-08 14:15 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-08 20:19 - 2015-11-08 14:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-08 20:19 - 2015-11-08 14:14 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-08 20:19 - 2015-11-08 14:13 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-08 20:19 - 2015-11-08 14:13 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-12-08 20:19 - 2015-11-08 14:01 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-08 20:19 - 2015-11-08 13:53 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-12-08 20:19 - 2015-11-08 13:53 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-08 20:19 - 2015-11-08 13:52 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-12-08 20:19 - 2015-11-08 13:48 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-08 20:19 - 2015-11-08 13:42 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-08 20:19 - 2015-11-08 13:41 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-08 20:19 - 2015-11-08 13:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-12-08 20:19 - 2015-10-28 08:49 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-08 20:19 - 2015-10-28 08:29 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-08 20:19 - 2015-10-22 10:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-08 20:19 - 2015-10-22 10:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-08 20:19 - 2015-10-22 10:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-08 20:19 - 2015-10-22 10:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-08 20:19 - 2015-10-22 09:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-08 20:19 - 2015-10-22 09:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-08 20:19 - 2015-10-22 09:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-08 20:19 - 2015-10-22 09:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-08 20:19 - 2015-10-22 09:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-08 20:19 - 2015-10-22 09:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-12-08 20:19 - 2015-10-22 08:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-08 20:19 - 2015-10-22 08:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-12-08 20:19 - 2015-10-22 07:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-08 20:19 - 2015-10-22 07:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2015-12-08 20:19 - 2015-10-10 23:34 - 00468824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-08 20:19 - 2015-10-10 23:34 - 00462168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-12-08 20:19 - 2015-10-10 23:34 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-12-08 20:19 - 2015-10-10 23:34 - 00092504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-12-08 20:19 - 2015-10-10 23:34 - 00027992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-12-08 20:19 - 2015-10-10 11:41 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-12-08 20:19 - 2015-10-10 11:41 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2015-12-08 20:19 - 2015-10-10 11:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusb.sys
2015-12-08 20:19 - 2015-10-10 10:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-12-08 20:19 - 2015-10-08 09:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2015-12-08 20:19 - 2015-10-08 08:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2015-12-08 20:19 - 2015-10-05 11:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-12-08 20:19 - 2015-10-05 11:25 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-12-08 20:19 - 2015-10-03 12:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-12-08 20:19 - 2015-10-03 12:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-12-05 20:52 - 2015-12-05 22:51 - 00000000 ____D C:\Users\joshia\AppData\Local\Ubisoft Game Launcher
2015-12-05 20:52 - 2015-12-05 20:52 - 00001219 _____ C:\Users\joshia\Desktop\Uplay.lnk
2015-12-05 20:52 - 2015-12-05 20:52 - 00000000 ____D C:\Users\joshia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-12-05 20:51 - 2015-12-05 20:51 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-12-04 07:40 - 2015-12-04 07:40 - 00000000 ____D C:\Users\joshia\AppData\LocalLow\Adobe
2015-12-04 07:40 - 2015-12-04 07:40 - 00000000 ____D C:\Users\joshia\AppData\Local\Adobe
2015-12-03 13:58 - 2015-12-03 13:58 - 00000000 ____D C:\Users\joshia\Documents\StarCraft II
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-12-28 23:37 - 2015-10-18 19:39 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1629525133-1994508930-683499572-1002
2015-12-28 23:29 - 2015-10-27 18:37 - 00003770 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A0E7BA79-1C90-4DD0-8583-33EF59A6605F}
2015-12-28 23:29 - 2014-11-21 01:44 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-28 23:29 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\Inf
2015-12-28 23:25 - 2015-10-18 21:08 - 00000000 ____D C:\Users\joshia\AppData\Local\CrashDumps
2015-12-28 23:25 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS
2015-12-27 21:20 - 2015-01-14 06:02 - 00000000 ____D C:\Users\joshia\Documents\my games
2015-12-27 13:57 - 2015-10-31 20:58 - 00000000 ____D C:\Users\joshia\AppData\Local\Bohemia_Interactive
2015-12-27 11:47 - 2015-11-16 17:51 - 00000000 ____D C:\ProgramData\Origin
2015-12-27 11:45 - 2015-10-25 15:31 - 00000000 ___DO C:\Users\joshia\OneDrive
2015-12-27 11:45 - 2012-10-28 13:07 - 00000868 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-12-27 11:44 - 2015-10-23 06:54 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-27 11:44 - 2013-08-22 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-27 11:44 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-26 16:19 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-26 14:24 - 2012-10-28 13:07 - 00000870 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-12-26 02:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\schemas
2015-12-25 20:46 - 2012-08-04 18:43 - 00000000 ____D C:\ProgramData\McAfee
2015-12-25 20:46 - 2012-08-04 18:43 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-12-25 19:44 - 2015-10-31 16:04 - 00001930 _____ C:\WINDOWS\System32\Tasks\{F642E88F-8D68-4BC2-9E97-7E25D9E2E618}
2015-12-25 19:44 - 2012-10-28 13:14 - 00002068 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2015-12-25 19:38 - 2015-10-22 16:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-25 19:38 - 2012-08-04 18:43 - 00000000 ____D C:\Program Files\mcafee
2015-12-25 12:55 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\FileManager
2015-12-25 12:55 - 2013-08-22 07:44 - 00346632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-25 12:11 - 2015-10-23 08:46 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-25 12:03 - 2015-10-18 19:32 - 00000000 ____D C:\Users\joshia\AppData\Local\Google
2015-12-25 12:03 - 2015-10-18 19:32 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-25 01:10 - 2015-11-16 17:50 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-25 01:04 - 2015-10-26 06:02 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-25 01:04 - 2015-10-26 06:02 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-25 00:57 - 2012-10-28 13:15 - 00001988 _____ C:\WINDOWS\System32\Tasks\ASUS P4G
2015-12-25 00:57 - 2012-10-28 13:15 - 00001904 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2015-12-25 00:57 - 2012-10-28 13:14 - 00001794 _____ C:\WINDOWS\System32\Tasks\ASUS InstantOn Config
2015-12-25 00:57 - 2012-10-28 13:11 - 00001692 _____ C:\WINDOWS\System32\Tasks\BtvStack
2015-12-25 00:57 - 2012-10-28 13:11 - 00001688 _____ C:\WINDOWS\System32\Tasks\BtTray
2015-12-25 00:57 - 2012-10-28 13:07 - 00002574 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-12-25 00:57 - 2012-10-28 13:07 - 00002270 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-12-24 19:39 - 2015-10-19 12:50 - 00000000 ____D C:\Users\joshia\AppData\Roaming\Awesomium
2015-12-23 14:41 - 2015-01-25 13:17 - 00053248 ___SH C:\Users\joshia\Desktop\Thumbs.db
2015-12-23 13:34 - 2015-10-23 07:03 - 00000000 ____D C:\Users\joshia
2015-12-23 12:43 - 2015-11-01 18:35 - 00001395 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-12-23 12:42 - 2015-10-23 06:53 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-21 19:16 - 2012-08-04 18:43 - 00000000 ____D C:\Program Files\Common Files\mcafee
2015-12-21 19:16 - 2012-07-26 01:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-12-21 19:15 - 2015-10-21 07:52 - 00003064 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2015-12-21 19:14 - 2015-10-21 07:52 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2015-12-21 15:44 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-21 11:52 - 2015-10-20 19:58 - 00000000 ____D C:\Users\joshia\AppData\Local\Battle.net
2015-12-19 12:06 - 2012-07-26 00:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-17 21:01 - 2015-10-31 21:07 - 00000000 ____D C:\Users\joshia\AppData\Local\Arma 3
2015-12-17 15:41 - 2015-10-22 16:45 - 00000000 ____D C:\Users\joshia\AppData\Roaming\Skype
2015-12-17 12:37 - 2015-10-31 18:07 - 00000000 ____D C:\Users\joshia\AppData\Local\UnrealEngine
2015-12-17 12:36 - 2015-10-31 17:38 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-16 10:34 - 2015-11-28 14:26 - 00111520 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-16 10:34 - 2015-11-01 18:47 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-12-16 10:34 - 2015-11-01 18:33 - 01846016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-12-16 10:34 - 2015-11-01 18:33 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-12-16 10:34 - 2015-11-01 18:33 - 01530240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-12-16 10:34 - 2015-11-01 18:33 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-12-16 10:34 - 2013-12-10 07:13 - 18716176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-12-16 10:34 - 2013-12-10 07:13 - 16981976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-16 10:34 - 2013-12-10 07:13 - 16286888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-12-16 10:34 - 2013-12-10 07:13 - 14005408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-12-16 10:34 - 2013-12-10 07:13 - 00034848 _____ C:\WINDOWS\system32\nvinfo.pb
2015-12-16 10:34 - 2013-12-10 07:12 - 03637352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-12-16 10:34 - 2013-12-10 07:12 - 03211760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-12-16 07:53 - 2015-10-23 06:53 - 06359672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-12-16 07:53 - 2015-10-23 06:53 - 02985080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-12-16 07:53 - 2015-10-23 06:53 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-12-16 07:53 - 2015-10-23 06:53 - 01256240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-12-16 07:53 - 2015-10-23 06:53 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-12-16 07:53 - 2015-10-23 06:53 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-12-16 07:49 - 2015-11-01 18:49 - 06090019 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-12-15 11:11 - 2015-10-20 16:44 - 00000000 ____D C:\ProgramData\Battle.net
2015-12-15 00:18 - 2015-10-18 21:18 - 00003348 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2015-12-10 20:26 - 2015-10-19 17:37 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 20:22 - 2015-10-19 17:37 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-10 20:03 - 2015-10-20 19:58 - 00000000 ____D C:\Users\joshia\AppData\Roaming\Battle.net
2015-12-05 21:35 - 2015-11-27 21:30 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-05 20:11 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-04 07:40 - 2015-10-18 19:26 - 00000000 ____D C:\Users\joshia\AppData\Roaming\Adobe
2015-12-01 10:19 - 2014-11-21 09:03 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 10:19 - 2014-11-21 09:03 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2015-12-26 16:19 - 2015-12-27 11:45 - 0000401 _____ () C:\Users\joshia\AppData\Roaming\sp_data.sys
2012-08-04 18:42 - 2012-07-29 23:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 18:42 - 2009-07-22 03:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-20 03:13
 
==================== End of FRST.txt ============================


#4 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:07 AM

Posted 29 December 2015 - 02:42 PM

Hey, :)

 

Please move FRST to your desktop.

 

 

STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    CreateRestorePoint:
    HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\MountPoints2: {9e895ba4-dcaa-11e4-be81-dc85de8b69dc} - "F:\VZW_Software_upgrade_assistant.exe" 
    AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
    Hosts:
    CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP908931E0-9847-4D97-A84B-FACFE5A76F4C&SSPV=
    CHR StartupUrls: Default -> "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS10r0WO_8Qe-_X9qxFMShdHtP3OE91YH4Gd-YluuNw-YVp5XeWYWoCIFYOsjyyfa1_Odf0JXm00nze4-MArOIApAHsJkl5rMN5nJ02IBBZAZZtTf1N8dkbbQTXWpCMyq"EmptyTemp:
    end
  • Click FileSave As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST64.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.

STEP 2
GzlsbnV.png ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points. 
  • Click esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
  • Push the Back button.
  • Place a checkmark next to KN1w2nv.png and click SzOC1p0.png.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Fixlog.txt
  • ESET Online Scan log

 


~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#5 sovitin

sovitin
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 29 December 2015 - 11:55 PM

Fix result of Farbar Recovery Scan Tool (x64) Version:29-12-2015
Ran by joshia (2015-12-29 12:54:38) Run:1
Running from C:\FRST
Loaded Profiles: joshia (Available Profiles: joshia & Administrator)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CreateRestorePoint:
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\MountPoints2: {9e895ba4-dcaa-11e4-be81-dc85de8b69dc} - "F:\VZW_Software_upgrade_assistant.exe" 
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
Hosts:
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP908931E0-9847-4D97-A84B-FACFE5A76F4C&SSPV=
CHR StartupUrls: Default -> "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS10r0WO_8Qe-_X9qxFMShdHtP3OE91YH4Gd-YluuNw-YVp5XeWYWoCIFYOsjyyfa1_Odf0JXm00nze4-MArOIApAHsJkl5rMN5nJ02IBBZAZZtTf1N8dkbbQTXWpCMyq"EmptyTemp:
end
*****************
 
Restore point was successfully created.
"HKU\S-1-5-21-1629525133-1994508930-683499572-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e895ba4-dcaa-11e4-be81-dc85de8b69dc}" => key removed successfully
HKCR\CLSID\{9e895ba4-dcaa-11e4-be81-dc85de8b69dc} => key not found. 
"C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL" => Value data removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
 
==== End of Fixlog 12:55:01 ====
 
C:\Users\joshia\Downloads\ccsetup513 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\joshia\Downloads\ccsetup513.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\joshia\Downloads\drivermax_7_51_cnet.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\joshia\Downloads\GrandTheftAutoV+14Tr-LNG_v1.0.rar MSIL/GameHack.EO potentially unsafe application
 


#6 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:07 AM

Posted 30 December 2015 - 10:06 AM

Hi,

 

 

C:\Users\joshia\Downloads\ccsetup513 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

C:\Users\joshia\Downloads\ccsetup513.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\joshia\Downloads\drivermax_7_51_cnet.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\joshia\Downloads\GrandTheftAutoV+14Tr-LNG_v1.0.rar MSIL/GameHack.EO potentially unsafe application

Please delete these files manually.

 

STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST.exe or FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 

 

 

How is your system running?


~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#7 sovitin

sovitin
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 01 January 2016 - 07:13 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by joshia (2016-01-01 17:09:47)
Running from C:\Users\joshia\Downloads
Windows 8.1 (X64) (2015-10-25 22:28:04)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1629525133-1994508930-683499572-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1629525133-1994508930-683499572-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1629525133-1994508930-683499572-1006 - Limited - Enabled)
joshia (S-1-5-21-1629525133-1994508930-683499572-1002 - Administrator - Enabled) => C:\Users\joshia
UpdatusUser (S-1-5-21-1629525133-1994508930-683499572-1007 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.8.142.61628 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.8.142.61628 - Alcor Micro Corp.) Hidden
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.018 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
Battleborn Closed Technical Test (HKLM-x32\...\Steam App 376500) (Version:  - )
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Deadpool (HKLM-x32\...\Steam App 224060) (Version:  - High Moon Studios)
ETDWare PS/2-X64 11.5.0.9_WHQL (HKLM\...\Elantech) (Version: 11.5.0.9 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mass Effect™ (HKLM-x32\...\{44A570EE-FD93-4086-8997-2C38DFDE0019}) (Version: 1.2.20608.0 - Electronic Arts)
Mass Effect™ 2 (HKLM-x32\...\{E19B628D-A9BC-4519-B1D4-4C8C09074F7F}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.6120 - McAfee, Inc.)
MechWarrior Online (HKLM-x32\...\Steam App 342200) (Version:  - Piranha Games Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mordheim: City of the Damned (HKLM-x32\...\Steam App 276810) (Version:  - Rogue Factor)
NVIDIA 3D Vision Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Remote Mouse version 2.70 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.70 - Remote Mouse)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.8 - Rockstar Games)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Squad (HKLM-x32\...\Steam App 393380) (Version:  - Offworld Industries)
STAR WARS® - Empire At War™ Gold (HKLM-x32\...\1421404887_is1) (Version: 2.0.0.3 - GOG.com)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.4.22789 - Electronic Arts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab Detection (HKLM-x32\...\{77C1CFAB-C12D-47CE-A1FD-ABF43BF079E4}) (Version: 6.1.6.0 - Husdawg, LLC)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Vanishing of Ethan Carter Redux (HKLM-x32\...\Steam App 400430) (Version:  - The Astronauts)
Tom Clancy's Rainbow Six: Vegas (HKLM-x32\...\Steam App 13540) (Version:  - Ubisoft Montreal)
Tom Clancy's Rainbow Six® Siege (HKLM-x32\...\Steam App 359550) (Version:  - Ubisoft Montreal)
Town of Salem (HKLM-x32\...\Steam App 334230) (Version:  - BlankMediaGames)
Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05C85E2A-76B7-49BB-AD88-2096555EF6DE} - System32\Tasks\{F642E88F-8D68-4BC2-9E97-7E25D9E2E618} => pcalua.exe -a "C:\GOG Games\Star Wars - Empire At War Gold\EAWX\swfoc.exe" -d "C:\GOG Games\Star Wars - Empire At War Gold\EAWX" -c LANGUAGE=ENGLISH
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> No File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> No File <==== ATTENTION
Task: {1735D402-A480-445F-99FA-2EFC862924E5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
Task: {27C27523-D4E8-4118-BE69-054E597C2129} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {308A2E89-8D55-4089-84AC-1BDA1FE67BD7} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {49EB9ED1-934C-4172-A461-240B2CC83178} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-12-22] (McAfee, Inc.)
Task: {5F6CA85A-CEB4-4BCF-9819-02D48E993CE0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
Task: {6F021DC3-DBF8-4940-AC74-8A0A8DC9A6E4} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> No File <==== ATTENTION
Task: {7CEBF55A-BCA6-4820-80AC-B2EE315EC1D2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {824F9F92-1E3C-456C-874E-9EC009C19085} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {94F141C3-CBA7-465B-8345-6BA46740ADD0} - System32\Tasks\BtvStack => C:\Program
Task: {A304179A-B306-4A02-A14F-581F6F843245} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-10] (Microsoft Corporation)
Task: {A4B01FA6-C80A-47DB-B04B-4B7465E4378D} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {A682B4F5-394B-40A1-B19E-F5B4A0DF184B} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {AD3FA2A3-1919-4F2F-8AAC-DCBA896B0B3C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> No File <==== ATTENTION
Task: {B9EC1CA5-D0D9-43EF-B72D-CCB2D3CCA529} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-25] (Google Inc.)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C042875E-0479-4015-93A0-DAEF2A15FE04} - System32\Tasks\BtTray => C:\Program
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> No File <==== ATTENTION
Task: {E947A454-2A48-4D06-9669-680C47AC8D0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-25] (Google Inc.)
Task: {EB1230CC-36ED-4EF3-A927-47B2C404304C} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {F34D8455-483F-44C4-99C3-F9B0996FFD46} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [2015-11-02] (McAfee, Inc.)
Task: {F57B7B71-F906-4B57-8570-438A41606355} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-11-03] (McAfee, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-23 06:53 - 2015-12-16 07:53 - 00126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-21 18:13 - 2015-12-16 10:34 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2012-08-10 18:28 - 2012-08-10 18:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-24 17:26 - 2012-08-24 17:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-10-28 13:11 - 2012-08-16 03:04 - 00078480 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-10-28 13:11 - 2012-08-16 03:04 - 00386192 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2012-10-28 13:12 - 2011-09-19 10:40 - 00466944 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2012-04-16 14:45 - 2012-04-16 14:45 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
2015-11-01 18:33 - 2015-12-16 10:34 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2011-08-15 20:12 - 2011-08-15 20:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll
2012-04-16 11:42 - 2012-04-16 11:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll
2011-08-15 20:12 - 2011-08-15 20:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-15 20:15 - 2011-08-15 20:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 16:41 - 2011-08-17 16:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 16:48 - 2011-08-17 16:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll
2011-08-17 16:48 - 2011-08-17 16:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 19:23 - 2011-08-15 19:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll
2012-04-16 11:41 - 2012-04-16 11:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll
2012-04-16 11:56 - 2012-04-16 11:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-04-16 11:38 - 2012-04-16 11:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll
2012-08-24 17:17 - 2012-08-24 17:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2015-11-02 18:28 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2011-07-19 16:05 - 2011-07-19 16:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtWebKit4.dll
2011-08-15 20:17 - 2011-08-15 20:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll
2011-07-19 16:04 - 2011-07-19 16:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\phonon4.dll
2012-10-28 13:06 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-11-12 17:10 - 2015-11-10 12:55 - 00778752 _____ () G:\steam\SDL2.dll
2015-01-19 18:30 - 2015-07-03 09:12 - 04962816 _____ () G:\steam\v8.dll
2014-11-12 17:10 - 2015-12-14 13:01 - 02547280 _____ () G:\steam\video.dll
2015-01-19 18:30 - 2015-07-03 09:12 - 01556992 _____ () G:\steam\icui18n.dll
2015-01-19 18:30 - 2015-07-03 09:12 - 01187840 _____ () G:\steam\icuuc.dll
2014-11-12 17:09 - 2015-09-23 17:33 - 02549248 _____ () G:\steam\libavcodec-56.dll
2014-11-12 17:09 - 2015-09-23 17:33 - 00491008 _____ () G:\steam\libavformat-56.dll
2014-11-12 17:09 - 2015-09-23 17:33 - 00332800 _____ () G:\steam\libavresample-2.dll
2014-11-12 17:09 - 2015-09-23 17:33 - 00442880 _____ () G:\steam\libavutil-54.dll
2014-11-12 17:09 - 2015-09-23 17:33 - 00485888 _____ () G:\steam\libswscale-3.dll
2014-11-12 17:10 - 2015-12-14 13:01 - 00804432 _____ () G:\steam\bin\chromehtml.DLL
2015-07-21 16:32 - 2015-11-03 15:00 - 00201728 _____ () G:\steam\bin\openvr_api.dll
2014-11-12 17:09 - 2015-11-16 17:31 - 47846176 _____ () G:\steam\bin\libcef.dll
2015-01-19 18:30 - 2015-09-24 16:56 - 00119208 _____ () G:\steam\winh264.dll
2015-12-25 12:03 - 2015-12-10 20:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-25 12:03 - 2015-12-10 20:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-25 12:10 - 2015-12-24 07:46 - 16792256 _____ () C:\Users\joshia\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\61887227.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\61887227.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\123simsen.com -> www.123simsen.com
 
There are 7866 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2015-12-29 12:55 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\joshia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\asus.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ASUSWebStorage"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\StartupApproved\Run: => "Steam"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9CBB1FDB-FAF7-40D8-8E6D-731BD4F2C0D2}] => (Allow) F:\SteamLibrary\steamapps\common\Reign Of Kings\Reign of Kings.exe
FirewallRules: [{4ADA1844-34B3-44E7-BDB2-B88D271E2044}] => (Allow) F:\SteamLibrary\steamapps\common\Reign Of Kings\Reign of Kings.exe
FirewallRules: [{A3C581F7-9D32-414A-8B4C-C05EDD2C3500}] => (Allow) F:\steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{61302474-4286-4F94-99E7-8C1694BA89B7}] => (Allow) F:\steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{C7B3D06F-03EC-45BA-80E7-12C73CFDF52F}] => (Allow) F:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{334C0FC0-B46A-4235-973E-926C45B4506D}] => (Allow) F:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{5290ED83-A78D-4B18-8D01-2FF5A2E846C8}] => (Allow) F:\SteamLibrary\steamapps\common\Depth\Binaries\Win32\DepthGame.exe
FirewallRules: [{BB31E64E-A256-4088-8D85-98FF78324D95}] => (Allow) F:\SteamLibrary\steamapps\common\Depth\Binaries\Win32\DepthGame.exe
FirewallRules: [{A5CF6399-815C-4DD5-8DE9-606792ECE61E}] => (Allow) F:\SteamLibrary\steamapps\common\PULSARLostColony\PULSAR_LostColony.exe
FirewallRules: [{B2D27A22-5F41-4A8A-8F8C-F688BDF4C2CA}] => (Allow) F:\SteamLibrary\steamapps\common\PULSARLostColony\PULSAR_LostColony.exe
FirewallRules: [{3461689F-DC2B-4B7D-A072-9A2FF73AFF23}] => (Allow) F:\steam\SteamApps\common\Planetary Annihilation Titans\bin_x64\PA.exe
FirewallRules: [{9089C3F2-DAA7-46F3-A593-3CC9FA4B0C05}] => (Allow) F:\steam\SteamApps\common\Planetary Annihilation Titans\bin_x64\PA.exe
FirewallRules: [{020B481C-CBE9-4308-9E42-BBC40BCC0854}] => (Allow) F:\steam\SteamApps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [{50B2C18E-C45F-4F7B-86A0-E91300ADFE2F}] => (Allow) F:\steam\SteamApps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [{348AD794-4752-4389-BAE1-2A6BA172D10F}] => (Allow) F:\steam\SteamApps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{55D7A7FF-9F90-466A-BEC7-649AAE3CE0AF}] => (Allow) F:\steam\SteamApps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{A296FA86-E328-4133-8937-2B9811FFE78C}] => (Allow) F:\steam\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{8CD7DDBB-A15E-4B01-83E3-5F4C71C94249}] => (Allow) F:\steam\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{795D21AE-81C9-4293-B435-21E00E2F8B5C}] => (Allow) F:\steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{9F4E3782-7D92-41D4-AC19-1C29B48A6726}] => (Allow) F:\steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{B0DF5A86-FAC8-472C-9A68-F3EE58D76520}] => (Allow) F:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{922D79E4-C95D-456E-B075-737FBED00742}] => (Allow) F:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{756EA4F0-72B7-49CB-90DF-AFEE691ED0D1}] => (Allow) F:\steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{F92CFBBD-E892-4E96-A8A7-2A37F9A0F7CB}] => (Allow) F:\steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{7B6735D7-1655-4F75-9B5A-54A73BE410C5}] => (Allow) F:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{72A4974A-F485-415D-81B9-927B95241C6F}] => (Allow) F:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{4C47F287-4720-441B-A25F-37D42040E19E}] => (Allow) F:\steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{75BC2374-92EE-4C5F-83EB-27B7E739FE22}] => (Allow) F:\steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{C5B942BC-C381-46CE-BF60-70E1E660EAD9}] => (Allow) F:\steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{B16E8B19-0F5B-45EC-A91D-F2DA6BC5D286}] => (Allow) F:\steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{08CEA9F8-DBF2-4EDD-8349-3A4E40E30978}] => (Allow) F:\steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{F971443B-49A2-42CE-A778-A58D4875ECD4}] => (Allow) F:\steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{61566C1C-7DD4-4176-BE59-98CCBAE72A86}] => (Allow) F:\steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{6370401E-5930-4BA3-8BC2-A8C45F82B1FE}] => (Allow) F:\steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8C563BF7-2AEA-4BBC-83C0-B4B682A8D70A}] => (Allow) F:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{92984286-0F68-4A6D-86A0-07220A335534}] => (Allow) F:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{534AE73C-9AE6-40A6-AC50-699D4C33AF3B}] => (Allow) F:\SteamLibrary\steamapps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{7C2AC313-3488-486F-905B-FC970D552E4B}] => (Allow) F:\SteamLibrary\steamapps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{D40FDBA2-3201-418F-8D91-04B530E387DE}] => (Allow) F:\steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{549EBCE2-948C-43D9-94CC-3F1C9F3851F2}] => (Allow) F:\steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{5A791491-5688-4798-B723-5AC96BB68AC4}] => (Allow) F:\steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E87352C3-397C-45FC-BC6F-CE69F8C66FD7}] => (Allow) F:\steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{40378623-E3B1-413A-ADAC-8D6AF7FB49E4}] => (Allow) F:\steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{773953CF-50DB-4958-82CB-94EB00D00CCB}] => (Allow) F:\steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{B5293FF3-088B-41FB-9717-BCDADC90C178}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DD619B00-85D5-49F6-8B8D-3D70B1168972}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D1AAAF20-F238-4F68-9F42-E4D081944EBB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{714322AD-5793-4A42-814A-CCF13F5C904A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7C368FC7-8378-4F33-BF42-616C9F39EFA1}] => (Allow) F:\steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{FD4FBF25-7714-4A47-AE0A-FDA9DD5D1164}] => (Allow) F:\steam\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{3C12FBB4-52BF-4E80-9019-29EC7BC200D5}] => (Allow) F:\steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{72AEF010-2973-4830-BD74-2C0BA627A693}] => (Allow) F:\steam\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{CCF10D9B-661D-4A85-AF8F-D89C1BDB8AA7}] => (Allow) F:\steam\bin\steamwebhelper.exe
FirewallRules: [{F7BAD544-E8BB-4FC5-856E-282D4C4E433B}] => (Allow) F:\steam\bin\steamwebhelper.exe
FirewallRules: [{392DB82C-1B1E-48B4-81C8-F9F65C1DA3A6}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{65BB92F8-5558-4FCE-909F-FBAA5B9EC243}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{C68E68DB-D103-4CCA-BDC7-E1DD206E32DF}] => (Allow) F:\steam\Steam.exe
FirewallRules: [{E9E79A18-FC2E-4E54-8C91-FF7B9B6FF69E}] => (Allow) F:\steam\Steam.exe
FirewallRules: [{B138194C-AEC6-4B6F-85E0-C837A2849736}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{71046C93-5A70-4A94-AFCD-1097FE07C5F9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{24AD51BA-9582-45FD-9E12-DC07B9085698}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8F5ED825-A06E-4EC5-B9BB-5B1B7F0AF62E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D42FCDAC-CD18-4D37-93D4-DDDEACDC2BE2}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{EF5E1F7C-86E5-4597-849D-BC3849D3943A}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [TCP Query User{02F32365-C178-4394-B9E2-743BD9A4CEA7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C3FF20E7-2F33-4B3D-8BAA-B2B7EB338B36}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5D430427-E046-4100-A306-D028FB1F26B0}] => (Allow) F:\steam\SteamApps\common\Contagion\contagion.exe
FirewallRules: [{E16A9451-345C-40F2-8E1B-D832D0EA6833}] => (Allow) F:\steam\SteamApps\common\Contagion\contagion.exe
FirewallRules: [{872820A6-4EFC-4AC1-8B19-1387A7BD83F4}] => (Allow) F:\steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{53320176-FD59-4C97-BC7B-F6CB07924E06}] => (Allow) F:\steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{C492CEE0-45E8-4805-AD5B-9FA6D86DFD3F}] => (Allow) F:\SteamLibrary\steamapps\common\Damned\Damned.exe
FirewallRules: [{BF6D54CC-C8C0-49C8-86ED-D41E0AA20687}] => (Allow) F:\SteamLibrary\steamapps\common\Damned\Damned.exe
FirewallRules: [{5DBF48CB-A56A-41C7-9874-959B426F0859}] => (Allow) F:\SteamLibrary\steamapps\common\From The Depths\From_The_Depths.exe
FirewallRules: [{729A0D15-7554-4114-AD5A-5F15F29CC030}] => (Allow) F:\SteamLibrary\steamapps\common\From The Depths\From_The_Depths.exe
FirewallRules: [{C9E6460C-2795-4A68-8084-64254BE05158}] => (Allow) F:\SteamLibrary\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{D0E8569C-E522-41CC-9103-06F46E0BDF85}] => (Allow) F:\SteamLibrary\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{480B9630-B0C4-4358-8645-CA7ED1898F5F}] => (Allow) F:\steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{66200A2A-B5E8-4A49-8EBE-2C8A397BD440}] => (Allow) F:\steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{E3C739F6-B9A3-4844-AC2B-17CEF39A6C07}] => (Allow) F:\steam\SteamApps\common\Layers of Fear\Layers Of Fear.exe
FirewallRules: [{70185280-1666-476D-9EED-1A321594A4DF}] => (Allow) F:\steam\SteamApps\common\Layers of Fear\Layers Of Fear.exe
FirewallRules: [{826922C1-85C5-4079-96D4-6F12B7237485}] => (Allow) F:\steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{DE302AEC-81EF-49A3-9934-15FD6F633F1D}] => (Allow) F:\steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{47EE85F1-024F-469A-918D-154443769493}] => (Allow) F:\steam\SteamApps\common\TERA\TERA-Launcher.exe
FirewallRules: [{F4794878-1E0D-49F9-B406-C9894261445C}] => (Allow) F:\steam\SteamApps\common\TERA\TERA-Launcher.exe
FirewallRules: [{F2A09774-2164-4B07-A7B3-93ABD34F810F}] => (Allow) F:\SteamLibrary\steamapps\common\DeadRealm\DeadRealm.exe
FirewallRules: [{7192C0A7-F00C-4AD1-83C8-AAC6CFC72BBC}] => (Allow) F:\SteamLibrary\steamapps\common\DeadRealm\DeadRealm.exe
FirewallRules: [{97272077-1E12-45D9-9953-65BE699B4E43}] => (Allow) F:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{CFF76BDE-D76E-4C3D-B832-1779BD5E6452}] => (Allow) F:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{49FDFE9E-FD86-4A8A-88EF-AA27ECEB0A16}] => (Allow) F:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{F9DAC187-C311-4A88-BAFC-087F2322EC5A}] => (Allow) F:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{1DCDB746-E8D9-4037-BD4E-EBDA9C48F8BE}] => (Allow) F:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{4964F741-A578-4A19-A276-A488839C3FD3}] => (Allow) F:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{29EBB877-E48A-495C-9B2D-B7CE02D8CEF5}] => (Allow) F:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{EBCBD9EA-F957-4BA0-AFF8-10EBE54FEC41}] => (Allow) F:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{940F55D0-4CFD-4D58-A7D2-0B11F72362E8}] => (Allow) F:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{8D308040-D797-4FD4-9265-5059F26421BB}] => (Allow) F:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{84FBD32C-DA00-4126-BA38-AC56B9B6A5FA}] => (Allow) F:\SteamLibrary\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{4485D3E2-5590-4EC9-8599-04DAB86152EA}] => (Allow) F:\SteamLibrary\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{926198E9-EA62-4531-914B-B561B0E8F541}] => (Allow) F:\steam\SteamApps\common\Battleborn Closed Technical Test\Binaries\Win64\Battleborn.exe
FirewallRules: [{5F589843-E185-448D-B1D7-49121A9597CE}] => (Allow) F:\steam\SteamApps\common\Battleborn Closed Technical Test\Binaries\Win64\Battleborn.exe
FirewallRules: [{41BFA53F-8DA0-4FC1-AD84-04A11DC8B594}] => (Allow) F:\steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{E3EFC894-FD6D-4DAE-8E83-0A758363B66D}] => (Allow) F:\steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{95AAA626-2556-476F-9F72-16BD43FF8272}] => (Allow) F:\steam\SteamApps\common\Angels Fall First\Binaries\Win64\AFFGame.exe
FirewallRules: [{EA71B793-8F9A-4AC2-AE76-D7D73D01F51E}] => (Allow) F:\steam\SteamApps\common\Angels Fall First\Binaries\Win64\AFFGame.exe
FirewallRules: [{E91D6A1E-248C-47F7-BF10-EECD250B1B07}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9528C236-AAED-48C9-B07B-805CE2EA017E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0BE30459-A58E-4BBE-BE53-3756594D9962}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3202C0E1-DAF7-4EC3-A947-52CF816A2FB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4B3584BF-3965-4190-8384-1E7FDAA2A627}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{41C88993-9F66-40D8-ADA9-D3A5DD112A0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A347410D-C1DC-4CE1-AA71-FA226541DC6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0975FE1A-0C70-4C7B-8308-BA6B5FE24E4D}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{AA5C166C-BED2-430E-81EB-6638F4CDDB8C}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{9A32DB03-DEBF-4156-B9C8-464DB95D35C0}] => (Allow) F:\SteamLibrary\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{C773EBF9-6899-4B6A-BDCB-8DCBC41116FA}] => (Allow) F:\SteamLibrary\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{807EFE6A-A5DE-4C99-BC3A-03C319150F76}] => (Allow) F:\steam\SteamApps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{853A912C-6BEA-4853-A86D-FD85376EB908}] => (Allow) F:\steam\SteamApps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{FFE30501-69E3-4943-A087-EA1B16D687BD}] => (Allow) F:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{E396D521-FDB6-4722-8024-1BE71A1CA287}] => (Allow) F:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{80944F4C-0D3A-4D84-84D4-1F39FF04E5D2}] => (Allow) F:\SteamLibrary\steamapps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe
FirewallRules: [{E0E61ED5-706C-4F8B-8AA3-539D45B93E48}] => (Allow) F:\SteamLibrary\steamapps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe
FirewallRules: [{CAC34EDC-B66D-4D69-90F4-372D00DE51B8}] => (Allow) F:\steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{C4D461E9-252F-4DAD-9125-047F8B5567C0}] => (Allow) F:\steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{8F794354-CEEF-4D03-B369-163D2123F181}] => (Allow) F:\steam\SteamApps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{79619980-91BA-4B03-8C1B-141205BC821B}] => (Allow) F:\steam\SteamApps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{16988C16-C5BA-4628-A4D8-4D03D5D077DE}] => (Allow) F:\steam\SteamApps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{7B1AAF51-A60A-4A29-8C5D-AC7C178158BF}] => (Allow) F:\steam\SteamApps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{FA7FF147-A5A6-4951-8278-649E4641087C}] => (Allow) F:\steam\SteamApps\common\Primal Carnage Extinction\Binaries\Win64\PrimalCarnageGame.exe
FirewallRules: [{02A2A9E6-694F-469C-9005-9AD30F4AB184}] => (Allow) F:\steam\SteamApps\common\Primal Carnage Extinction\Binaries\Win64\PrimalCarnageGame.exe
FirewallRules: [{0709B422-26BB-4B3F-9469-C4FE19B2006F}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{B61F498E-AB5E-4551-A648-4A1650884AE4}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{55D4012B-3B69-484F-9651-A145EDF6A712}] => (Allow) F:\steam\SteamApps\common\Bugbear Entertainment\Wreckfest_x64.exe
FirewallRules: [{C756E83E-7745-4A34-99A1-692435C2320E}] => (Allow) F:\steam\SteamApps\common\Bugbear Entertainment\Wreckfest_x64.exe
FirewallRules: [{D3C0AAB4-0E22-43C6-84D0-A28D62ABA191}] => (Allow) F:\steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{7DC9E1E8-7090-44D2-BBCA-D15E18D89755}] => (Allow) F:\steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{2DD8C2D7-3610-4CD8-98A2-5E23D7A27471}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{066E6F99-D6A6-4158-A971-165C092118E5}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{8976C4B4-79D8-4B3B-9EC2-89DBD5050380}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{D69D2830-7427-4A8C-B964-A89BDC701651}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{08CACCF9-034B-4E3E-8E6C-2A656B9D870D}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{662EF818-D964-4625-97AA-1597843A5C47}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{A3B5B4F7-1F07-46FF-AE85-FF3A5F77F29F}] => (Allow) F:\steam\SteamApps\common\Bugbear Entertainment\Wreckfest.exe
FirewallRules: [{5921C7CC-712A-40E2-A9EC-86FBD355FFA1}] => (Allow) F:\steam\SteamApps\common\Bugbear Entertainment\Wreckfest.exe
FirewallRules: [{73F92EE1-C8F5-467B-B6DE-36E4B3E5520E}] => (Allow) F:\steam\SteamApps\common\DCSWorld\Run.exe
FirewallRules: [{521D2C17-458D-417C-A08C-1BCED67F169F}] => (Allow) F:\steam\SteamApps\common\DCSWorld\Run.exe
FirewallRules: [{CCB76FDD-78F8-4D3E-A0D6-055A1FC655D2}] => (Allow) F:\steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{6C3D6207-0D70-430A-8030-2DCBFBBC7DD7}] => (Allow) F:\steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{1471592B-22E4-4650-9623-40DEDA20E0DD}] => (Allow) F:\SteamLibrary\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{1A8EDF23-631F-4C2F-BF57-D8CBDE7BD2E9}] => (Allow) F:\SteamLibrary\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{6F9DF80C-A8A7-4267-9191-1637D58F0F61}] => (Allow) F:\steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{F650ADC3-0616-4D3B-947E-F87427F082F1}] => (Allow) F:\steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{55459B7D-38DC-4526-A539-C9282B250A36}] => (Allow) F:\steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{21CFFE5E-CBEF-4A25-878D-58C66DFB3D4F}] => (Allow) F:\steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{DE383B49-D746-48F6-A12B-D0106036A3D1}] => (Allow) F:\steam\SteamApps\common\Rainbow Six Vegas\Binaries\R6Vegas_Game.exe
FirewallRules: [{41DA0471-6DE8-45C8-85CB-2088868B8986}] => (Allow) F:\steam\SteamApps\common\Rainbow Six Vegas\Binaries\R6Vegas_Game.exe
FirewallRules: [{A09359AB-96DA-430E-AC91-423567A6BD62}] => (Allow) F:\SteamLibrary\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{5D19C89F-7625-4AB1-86D5-DA9E68081B2E}] => (Allow) F:\SteamLibrary\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{1854BA91-03D8-46E0-B3D5-99471DFCCB1A}] => (Allow) F:\steam\SteamApps\common\Angels Fall First\Binaries\AFFLift.exe
FirewallRules: [{1243D847-1D7F-4148-BC73-A9CFEDA91998}] => (Allow) F:\steam\SteamApps\common\Angels Fall First\Binaries\AFFLift.exe
FirewallRules: [{CA8C6BE0-8217-4C4D-9821-318510DA34E0}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{62F38B69-E3E4-418D-BAD1-2CB42355D8B9}] => (Allow) F:\SteamLibrary\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{22481E7D-58E1-4744-B75B-9EF993636559}] => (Allow) F:\SteamLibrary\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{22B353DB-9EA0-4950-BA60-C3263522FFAC}] => (Allow) F:\SteamLibrary\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{2B7E738D-EB2E-403B-AE10-F11469687EAA}] => (Allow) F:\SteamLibrary\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{13774023-7FEF-4F4B-BB0D-13E801569F69}] => (Allow) F:\SteamLibrary\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{2A697156-6491-42DF-8D9D-856D4F9AF737}] => (Allow) F:\steam\SteamApps\common\MechWarrior Online\Bin64\MWOClient.exe
FirewallRules: [{433EA62B-1228-4C2C-8F4F-965623002B40}] => (Allow) F:\steam\SteamApps\common\MechWarrior Online\Bin64\MWOClient.exe
FirewallRules: [{3AAF6034-8843-43E6-879B-5FDBA6717AE1}] => (Allow) F:\SteamLibrary\steamapps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{A59D265F-589A-4E84-9FAD-A73EEF0C314B}] => (Allow) F:\SteamLibrary\steamapps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{6AC48946-9AF7-4A77-B75E-5DBC7BF009F4}] => (Allow) F:\SteamLibrary\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{1CFC0C23-D6FB-4BCB-9758-06B3BBD1913C}] => (Allow) F:\SteamLibrary\steamapps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{FA504503-1424-4D2C-9716-724B02BE5A35}] => (Allow) F:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{219C7AEC-CD86-4343-A9EB-24CC9A85117D}] => (Allow) F:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{17827C8A-C0DF-430E-A792-B0B938706354}] => (Allow) F:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{2A0BD89B-94BA-4798-A9C5-75101FA0D8CD}] => (Allow) F:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{F43A1E4C-16C7-4F47-A5F1-B732E1FAEB27}] => (Allow) F:\steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{18270EEC-93D3-4CED-A9B5-CEE2E42472A5}] => (Allow) F:\steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{5FBCD55F-8B12-49EA-A3E6-B9D566E76D02}] => (Allow) F:\steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{04CF21CD-E580-45EF-B358-9FF52F24BACA}] => (Allow) F:\steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{831C3C57-AFE0-4D04-BA55-AAC4CFF9BE09}] => (Allow) F:\steam\SteamApps\common\Squad\Squad.exe
FirewallRules: [{9FC3F35F-EBE0-48F3-B1D4-78208D9291D7}] => (Allow) F:\steam\SteamApps\common\Squad\Squad.exe
FirewallRules: [{082AE520-C69A-4D64-8CF9-5CD9A4435F65}] => (Allow) F:\steam\SteamApps\common\mordheim\mordheim.exe
FirewallRules: [{278B0D98-5F54-4150-A9A6-29EBBCCF5D79}] => (Allow) F:\steam\SteamApps\common\mordheim\mordheim.exe
FirewallRules: [{9484D803-89D9-4272-94E6-082F6D516A09}] => (Allow) F:\steam\SteamApps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{065B0340-111C-4388-B560-F48FC923C1BC}] => (Allow) F:\steam\SteamApps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{ECA8F933-9A41-4689-A1A9-159FD0FFFE8B}] => (Allow) F:\steam\SteamApps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{14BFE02A-A107-45D4-8527-2E1A43C0C807}] => (Allow) F:\steam\SteamApps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{59A1F1C3-D0A5-4F73-A229-80F64AD0FE80}] => (Allow) F:\SteamLibrary\steamapps\common\Zenimax Online\zosSteamStarter.exe
FirewallRules: [{FBE7E01E-8CCD-4A0E-8351-8DCB489CADA4}] => (Allow) F:\SteamLibrary\steamapps\common\Zenimax Online\zosSteamStarter.exe
FirewallRules: [{F5F9BFD8-75CA-42E4-A811-A093B42416F4}] => (Allow) F:\steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{D16F5333-7D90-4286-B3E4-FEAA8DE6D7E3}] => (Allow) F:\steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{1E72CB6D-43A7-4805-B945-D993F8B04151}] => (Allow) F:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{AEED93E7-D80B-44FD-9968-296F56CC0F1B}] => (Allow) F:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{6EE2E971-1047-4011-83D0-2F3BB58606ED}] => (Allow) F:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{1D97B24B-3073-4BD7-AFAB-06CA48881CDD}] => (Allow) F:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{CD234F2E-BC5D-45A7-A5CD-770542E6E747}] => (Allow) F:\steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{DB41B89E-FEE1-4AA1-B835-3517D9C41EC6}] => (Allow) F:\steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{F798E835-98E9-414A-BA15-95426A99B0C6}] => (Allow) F:\steam\SteamApps\common\Left 4 Dead 2 Beta\left4dead2_beta.exe
FirewallRules: [{9ABA72CB-BAF8-4C71-A6B9-A9CA10047F8A}] => (Allow) F:\steam\SteamApps\common\Left 4 Dead 2 Beta\left4dead2_beta.exe
FirewallRules: [{F950A956-4F32-4BA2-89E9-669402AB1684}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3922C013-2D0C-42C2-A807-95AA6D6F3F91}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [UDP Query User{77EE3C4D-0BB4-4D07-97CA-89FE7C7B6F0F}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [{C65174D5-8030-4D51-A0A7-929110FB2FAA}] => (Allow) G:\steam\Steam.exe
FirewallRules: [{94BDF85E-2A86-462E-8B44-20D7AC41C536}] => (Allow) G:\steam\Steam.exe
FirewallRules: [{D8E12B58-9463-447C-94D0-FC874633C6DF}] => (Allow) G:\steam\bin\steamwebhelper.exe
FirewallRules: [{841C33CE-78DA-4565-BF2E-BC7BF81B61BF}] => (Allow) G:\steam\bin\steamwebhelper.exe
FirewallRules: [{F02CD21B-AA35-48C0-90DF-FDEC99288A7F}] => (Allow) G:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{245E30AE-C3DB-4956-855A-C020CC3F3170}] => (Allow) G:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{89A68E34-40D8-47C3-A72C-8CD1429CA5CD}] => (Allow) G:\steam\SteamApps\common\The Vanishing of Ethan Carter Redux\EthanCarter.exe
FirewallRules: [{C03BD182-4D07-4566-8D26-DE2FFF1C8CF3}] => (Allow) G:\steam\SteamApps\common\The Vanishing of Ethan Carter Redux\EthanCarter.exe
FirewallRules: [{92496F28-6F7A-4C02-981A-C690F7601164}] => (Allow) G:\steam\SteamApps\common\Deadpool\Binaries\DP.exe
FirewallRules: [{39F74621-EC7C-4BF2-BC0E-10DC6EFB2055}] => (Allow) G:\steam\SteamApps\common\Deadpool\Binaries\DP.exe
FirewallRules: [{E7FEBBEB-4673-4C0B-9708-3E5C4384CDE0}] => (Allow) G:\SteamLibrary\steamapps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{BB5A2DE7-1662-4E32-842C-C20DB1CDA27A}] => (Allow) G:\SteamLibrary\steamapps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{5F429285-AEB9-49C2-860C-C97BA3AC9515}] => (Allow) G:\steam\SteamApps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{6A8B8C77-2BC1-4C49-9F0E-AF5819D9DC2C}] => (Allow) G:\steam\SteamApps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{0BA117B8-F3DD-4A5D-AB55-6B3D0572F1AE}] => (Allow) G:\steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{303627F2-AC55-4BAE-BF91-6E13A6053991}] => (Allow) G:\steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0B1393B6-C541-45A0-A0AC-E129E30A3D04}] => (Allow) G:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{FE4A4556-E0AC-48F8-8967-AF4FBEE7EEC5}] => (Allow) G:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{0415BC05-E558-430C-BF13-0F38FDCD6FB6}] => (Allow) G:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{0414DF8F-37EE-4EE6-B197-501213B6002E}] => (Allow) G:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{71E212F0-CC9D-4167-B62A-2D997EC5E00F}] => (Allow) G:\steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{151C947A-1DD6-40C0-B9D9-331B0B9D38E6}] => (Allow) G:\steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{78A5BA75-ED43-4772-B134-D821E2627159}] => (Allow) G:\steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{144ACECF-7427-47E8-872D-F40EF074C5BF}] => (Allow) G:\steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
 
==================== Restore Points =========================
 
25-12-2015 13:18:50 JRT Pre-Junkware Removal
26-12-2015 15:12:23 JRT Pre-Junkware Removal
26-12-2015 15:13:40 JRT Pre-Junkware Removal
29-12-2015 12:54:42 Restore Point Created by FRST
31-12-2015 04:48:21 Installed DirectX
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/01/2016 05:07:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 31.12.2015.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2f90
 
Start Time: 01d144f112dcc79f
 
Termination Time: 60000
 
Application Path: C:\Users\joshia\Downloads\FRST64.exe
 
Report Id: ae37f393-b0e4-11e5-be83-dc85de8b69dc
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (01/01/2016 05:00:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/01/2016 04:57:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 
Error: (01/01/2016 04:57:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 
Error: (01/01/2016 04:55:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 
Error: (01/01/2016 04:55:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 
Error: (12/29/2015 08:33:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x565cd19e
Faulting module name: client.dll, version: 1.0.0.1, time stamp: 0x567165fe
Exception code: 0xc0000005
Fault offset: 0x000eae7a
Faulting process id: 0x1100
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
Faulting package full name: hl2.exe4
Faulting package-relative application ID: hl2.exe5
 
Error: (12/29/2015 05:48:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 
Error: (12/29/2015 05:48:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 
Error: (12/29/2015 05:48:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 
 
System errors:
=============
Error: (12/29/2015 12:57:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (12/29/2015 12:57:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (12/29/2015 12:57:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (12/28/2015 11:27:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 4 time(s).
 
Error: (12/27/2015 11:45:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (12/27/2015 08:16:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 2 time(s).
 
Error: (12/27/2015 05:06:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (12/26/2015 04:17:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error: 
%%3
 
Error: (12/26/2015 04:17:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%3
 
Error: (12/26/2015 04:17:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%3
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 45%
Total physical RAM: 8145.34 MB
Available physical RAM: 4467.36 MB
Total Virtual: 10030.93 MB
Available Virtual: 5358.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:185.52 GB) (Free:47.84 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:258.44 GB) (Free:258.04 GB) NTFS
Drive g: (TOSHIBA EXT) (Fixed) (Total:1862.92 GB) (Free:529.69 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B19F8D36)
 
Partition: GPT.
 
========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: DD3CB6A3)
Partition 1: (Active) - (Size=1862.9 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by joshia (administrator) on HOME (01-01-2016 17:09:27)
Running from C:\Users\joshia\Downloads
Loaded Profiles: joshia (Available Profiles: joshia & Administrator)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(VIA Technologies, Inc.) C:\WINDOWS\System32\ViakaraokeSrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(ASUSTeK) C:\WINDOWS\SysWOW64\ACEngSvr.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.8.203.0\McCSPServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\System32\WWAHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\Core\mchost.exe
(Valve Corporation) G:\steam\Steam.exe
(Valve Corporation) G:\steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) G:\steam\bin\steamwebhelper.exe
(Valve Corporation) G:\steam\bin\steamwebhelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862928 2012-07-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [466944 2011-09-19] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-27] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [723904 2015-11-10] (McAfee, Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\Run: [Steam] => G:\steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48138880 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2050048 2015-03-09] (RemoteMouse.net)
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2015-12-25] (Electronic Arts)
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-10-28]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{79A21B6C-4A99-4D2C-94BC-0038D1BDDA4A}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{BEDA368D-741F-4CFA-AF27-EC71DE40B52C}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1629525133-1994508930-683499572-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-1629525133-1994508930-683499572-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-26] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-26] (Oracle Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-11-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-11-10] (McAfee, Inc.)
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-25] (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-12-25] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP908931E0-9847-4D97-A84B-FACFE5A76F4C&SSPV=
CHR StartupUrls: Default -> "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPPq_NcKDZkQXPy4TZR44LspvC9sb99JtP_8ppO11zBlE0vS10r0WO_8Qe-_X9qxFMShdHtP3OE91YH4Gd-YluuNw-YVp5XeWYWoCIFYOsjyyfa1_Odf0JXm00nze4-MArOIApAHsJkl5rMN5nJ02IBBZAZZtTf1N8dkbbQTXWpCMyq"
CHR Profile: C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-12-29]
CHR Extension: (Morpheon Dark) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2015-12-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\joshia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-29]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1257504 2015-12-02] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-16] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-11-10] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-25] (Electronic Arts)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-10-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-10-23] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-01] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R3 S3XXx64; C:\Windows\system32\DRIVERS\S3XXx64.sys [73856 2015-02-17] (Identiv)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-10-23] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-10-23] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-10-23] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-01 16:54 - 2016-01-01 16:54 - 02370560 _____ (Farbar) C:\Users\joshia\Downloads\FRST64.exe
2016-01-01 15:54 - 2016-01-01 15:54 - 00003846 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-01-01 02:20 - 2016-01-01 02:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-12-29 22:51 - 2015-12-29 22:51 - 00000000 ____D C:\Users\joshia\AppData\Roaming\TownOfSalem
2015-12-29 21:54 - 2015-12-29 21:54 - 00000870 _____ C:\Users\joshia\Desktop\ESET.txt
2015-12-29 21:28 - 2015-12-29 21:47 - 00000000 ____D C:\Users\joshia\AppData\Local\DayZ
2015-12-29 14:00 - 2015-12-29 14:00 - 00001147 _____ C:\Users\joshia\Desktop\Bethesda.net_Launcher - Shortcut.lnk
2015-12-29 12:56 - 2015-12-29 12:56 - 02870984 _____ (ESET) C:\Users\joshia\Downloads\esetsmartinstaller_enu (1).exe
2015-12-29 12:56 - 2015-12-29 12:56 - 00000000 ____D C:\Program Files (x86)\ESET
2015-12-27 21:10 - 2015-12-27 21:10 - 00000000 ____D C:\Users\joshia\AppData\Local\DCS
2015-12-27 17:53 - 2015-12-27 17:54 - 00000000 ____D C:\Users\joshia\AppData\Roaming\DarkSoulsII
2015-12-27 14:01 - 2015-12-27 14:01 - 00000000 ____D C:\Users\joshia\Documents\WB Games
2015-12-27 11:46 - 2015-12-27 11:46 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-12-27 00:01 - 2015-12-27 00:01 - 00001067 _____ C:\Users\joshia\Desktop\MBAM.txt
2015-12-26 16:20 - 2015-12-26 16:20 - 00001601 _____ C:\Users\joshia\Desktop\AdwCleaner[C2].txt
2015-12-26 16:19 - 2015-12-27 11:45 - 00000401 _____ C:\Users\joshia\AppData\Roaming\sp_data.sys
2015-12-26 15:16 - 2015-12-26 16:16 - 00000627 _____ C:\Users\joshia\Desktop\JRT.txt
2015-12-25 20:20 - 2015-12-25 20:20 - 00066907 _____ C:\Users\joshia\Desktop\FRST 2.txt
2015-12-25 20:20 - 2015-12-25 20:20 - 00053040 _____ C:\Users\joshia\Desktop\FRST.txt
2015-12-25 20:19 - 2016-01-01 17:09 - 00016776 _____ C:\Users\joshia\Downloads\Addition.txt
2015-12-25 20:18 - 2016-01-01 17:09 - 00020209 _____ C:\Users\joshia\Downloads\FRST.txt
2015-12-25 20:18 - 2016-01-01 17:09 - 00000000 ____D C:\FRST
2015-12-25 19:41 - 2015-12-25 19:41 - 00135226 _____ C:\Users\joshia\Downloads\hosts.zip
2015-12-25 14:12 - 2015-12-25 14:12 - 02870984 _____ (ESET) C:\Users\joshia\Downloads\esetsmartinstaller_enu.exe
2015-12-25 13:23 - 2015-12-25 13:23 - 00891392 _____ (Farbar) C:\Users\joshia\Downloads\MiniToolBox (2).exe
2015-12-25 13:18 - 2015-12-25 13:18 - 01599336 _____ (Malwarebytes) C:\Users\joshia\Downloads\JRT.exe
2015-12-25 13:04 - 2015-12-26 16:17 - 00000000 ____D C:\AdwCleaner
2015-12-25 13:03 - 2015-12-25 13:03 - 00891392 _____ (Farbar) C:\Users\joshia\Downloads\MiniToolBox (1).exe
2015-12-25 13:02 - 2015-12-25 13:02 - 01743360 _____ C:\Users\joshia\Downloads\AdwCleaner.exe
2015-12-25 12:22 - 2016-01-01 16:44 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-25 12:22 - 2015-12-25 12:22 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-25 12:22 - 2015-12-25 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-25 12:22 - 2015-12-25 12:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-25 12:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-25 12:22 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-25 12:22 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-25 12:21 - 2015-12-25 12:21 - 22908888 _____ (Malwarebytes ) C:\Users\joshia\Downloads\mbam-setup-2.2.0.1024 (1).exe
2015-12-25 12:17 - 2015-12-25 12:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-25 12:16 - 2015-12-25 12:16 - 22908888 _____ (Malwarebytes ) C:\Users\joshia\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-25 12:15 - 2015-12-25 13:23 - 00013180 _____ C:\Users\joshia\Downloads\MTB.txt
2015-12-25 12:14 - 2015-12-25 12:14 - 00891392 _____ (Farbar) C:\Users\joshia\Downloads\MiniToolBox.exe
2015-12-25 12:09 - 2015-12-25 12:09 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-12-25 12:09 - 2015-12-25 12:09 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-25 12:09 - 2015-12-25 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-25 12:09 - 2015-12-25 12:09 - 00000000 ____D C:\Program Files\CCleaner
2015-12-25 12:03 - 2015-12-25 12:03 - 00002277 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-25 12:03 - 2015-12-25 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-25 12:02 - 2015-12-25 20:46 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-25 12:02 - 2015-12-25 20:46 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-25 12:02 - 2015-12-25 19:44 - 00003882 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-25 12:02 - 2015-12-25 19:44 - 00003646 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-25 12:02 - 2015-12-25 12:02 - 00000000 ____D C:\Users\joshia\AppData\Local\Deployment
2015-12-25 01:08 - 2015-12-25 01:18 - 00474864 _____ C:\TDSSKiller.3.1.0.9_25.12.2015_01.08.26_log.txt
2015-12-25 01:02 - 2015-12-25 01:02 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\joshia\Downloads\tdsskiller.exe
2015-12-25 00:30 - 2015-12-25 12:20 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-25 00:30 - 2015-12-25 12:20 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2015-12-25 00:29 - 2015-12-25 00:30 - 16409960 _____ (Safer Networking Limited ) C:\Users\joshia\Downloads\spybotsd162.exe
2015-12-24 23:19 - 2015-12-24 23:28 - 482664876 _____ C:\Users\joshia\Downloads\l4d2_dead-before-dawn-extended_15922_v0_1.zip
2015-12-23 13:34 - 2015-12-23 13:34 - 00000000 ____D C:\Users\joshia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online
2015-12-23 13:26 - 2015-12-23 13:27 - 109567016 _____ (Zenimax Media Inc) C:\Users\joshia\Downloads\Install_ESO.exe
2015-12-23 12:42 - 2015-12-16 07:53 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-23 12:42 - 2015-12-16 07:53 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-23 12:42 - 2015-12-16 07:39 - 00103032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-23 12:40 - 2015-12-16 10:34 - 31061624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 24895792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 21122456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 17561432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 12334200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-12-23 12:40 - 2015-12-16 10:34 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00734512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00502080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00423264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00416376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00370808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-23 12:40 - 2015-12-16 10:34 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-12-23 12:40 - 2015-12-16 10:34 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 42977072 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 37609080 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 20663816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 17156968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 03168376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 02755704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 01915696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2015-12-23 12:39 - 2015-12-16 10:34 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2015-12-23 12:33 - 2015-12-23 12:38 - 336974040 _____ (NVIDIA Corporation) C:\Users\joshia\Downloads\361.43-notebook-win8-win7-64bit-international-whql.exe
2015-12-23 12:30 - 2015-12-23 12:31 - 42639352 _____ (NVIDIA Corporation) C:\Users\joshia\Downloads\GeForce_Experience_v2.8.1.21.exe
2015-12-21 13:03 - 2015-12-21 13:03 - 00000000 ____D C:\Users\joshia\AppData\Local\My Games
2015-12-19 15:49 - 2015-12-19 15:49 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry
2015-12-19 15:49 - 2015-12-19 15:49 - 00000000 ____D C:\WINDOWS\jre
2015-12-19 12:04 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-12-19 12:04 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-12-17 15:28 - 2015-12-17 15:41 - 00000000 ____D C:\Users\joshia\AppData\LocalLow\BitTorrent
2015-12-15 19:51 - 2015-12-15 19:51 - 00465231 _____ C:\Users\joshia\Downloads\20151207_222726_001.mp4
2015-12-15 16:03 - 2015-12-15 16:03 - 08204776 _____ (McAfee, Inc.) C:\Users\joshia\Downloads\McAfeeSetup (1).exe
2015-12-08 20:20 - 2015-11-05 01:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-08 20:19 - 2015-11-21 23:59 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-08 20:19 - 2015-11-21 23:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-08 20:19 - 2015-11-21 23:59 - 01659568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-12-08 20:19 - 2015-11-21 23:59 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-12-08 20:19 - 2015-11-21 23:59 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-12-08 20:19 - 2015-11-21 23:59 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-12-08 20:19 - 2015-11-21 23:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-08 20:19 - 2015-11-21 11:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-12-08 20:19 - 2015-11-21 10:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-12-08 20:19 - 2015-11-21 09:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-08 20:19 - 2015-11-21 09:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-08 20:19 - 2015-11-21 09:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-08 20:19 - 2015-11-21 09:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-08 20:19 - 2015-11-20 15:47 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-08 20:19 - 2015-11-20 11:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-08 20:19 - 2015-11-20 09:58 - 03706880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-08 20:19 - 2015-11-20 09:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-12-08 20:19 - 2015-11-20 09:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-12-08 20:19 - 2015-11-20 09:44 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-12-08 20:19 - 2015-11-20 09:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-12-08 20:19 - 2015-11-20 09:43 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-12-08 20:19 - 2015-11-20 09:42 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-12-08 20:19 - 2015-11-20 09:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-12-08 20:19 - 2015-11-20 09:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-12-08 20:19 - 2015-11-20 09:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-12-08 20:19 - 2015-11-20 09:27 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-12-08 20:19 - 2015-11-11 09:21 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-08 20:19 - 2015-11-11 09:00 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-08 20:19 - 2015-11-11 08:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-12-08 20:19 - 2015-11-11 08:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-12-08 20:19 - 2015-11-11 08:41 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-08 20:19 - 2015-11-11 08:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-12-08 20:19 - 2015-11-09 17:13 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-08 20:19 - 2015-11-09 17:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-12-08 20:19 - 2015-11-09 17:08 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-08 20:19 - 2015-11-09 17:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-08 20:19 - 2015-11-09 17:02 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-08 20:19 - 2015-11-09 16:46 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-08 20:19 - 2015-11-09 16:41 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-12-08 20:19 - 2015-11-09 16:37 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-12-08 20:19 - 2015-11-09 16:36 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-08 20:19 - 2015-11-09 16:36 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-08 20:19 - 2015-11-09 16:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-08 20:19 - 2015-11-09 16:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-12-08 20:19 - 2015-11-09 16:17 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-08 20:19 - 2015-11-09 16:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-08 20:19 - 2015-11-09 16:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-12-08 20:19 - 2015-11-08 17:41 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-08 20:19 - 2015-11-08 15:30 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-08 20:19 - 2015-11-08 15:15 - 02887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-08 20:19 - 2015-11-08 15:15 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-08 20:19 - 2015-11-08 15:04 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-08 20:19 - 2015-11-08 15:02 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-08 20:19 - 2015-11-08 15:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-08 20:19 - 2015-11-08 14:32 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-12-08 20:19 - 2015-11-08 14:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-12-08 20:19 - 2015-11-08 14:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-12-08 20:19 - 2015-11-08 14:23 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-12-08 20:19 - 2015-11-08 14:18 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-12-08 20:19 - 2015-11-08 14:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-08 20:19 - 2015-11-08 14:15 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-08 20:19 - 2015-11-08 14:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-08 20:19 - 2015-11-08 14:14 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-08 20:19 - 2015-11-08 14:13 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-08 20:19 - 2015-11-08 14:13 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-12-08 20:19 - 2015-11-08 14:01 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-08 20:19 - 2015-11-08 13:53 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-12-08 20:19 - 2015-11-08 13:53 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-08 20:19 - 2015-11-08 13:52 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-12-08 20:19 - 2015-11-08 13:48 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-08 20:19 - 2015-11-08 13:42 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-08 20:19 - 2015-11-08 13:41 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-08 20:19 - 2015-11-08 13:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-12-08 20:19 - 2015-10-28 08:49 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-08 20:19 - 2015-10-28 08:29 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-08 20:19 - 2015-10-22 10:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-08 20:19 - 2015-10-22 10:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-08 20:19 - 2015-10-22 10:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-08 20:19 - 2015-10-22 10:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-08 20:19 - 2015-10-22 09:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-08 20:19 - 2015-10-22 09:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-08 20:19 - 2015-10-22 09:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-08 20:19 - 2015-10-22 09:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-08 20:19 - 2015-10-22 09:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-08 20:19 - 2015-10-22 09:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-12-08 20:19 - 2015-10-22 08:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-08 20:19 - 2015-10-22 08:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-12-08 20:19 - 2015-10-22 07:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-08 20:19 - 2015-10-22 07:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2015-12-08 20:19 - 2015-10-10 23:34 - 00468824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-08 20:19 - 2015-10-10 23:34 - 00462168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-12-08 20:19 - 2015-10-10 23:34 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-12-08 20:19 - 2015-10-10 23:34 - 00092504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-12-08 20:19 - 2015-10-10 23:34 - 00027992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-12-08 20:19 - 2015-10-10 11:41 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-12-08 20:19 - 2015-10-10 11:41 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2015-12-08 20:19 - 2015-10-10 11:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusb.sys
2015-12-08 20:19 - 2015-10-10 10:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-12-08 20:19 - 2015-10-08 09:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2015-12-08 20:19 - 2015-10-08 08:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2015-12-08 20:19 - 2015-10-05 11:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-12-08 20:19 - 2015-10-05 11:25 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-12-08 20:19 - 2015-10-03 12:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-12-08 20:19 - 2015-10-03 12:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-12-05 20:52 - 2015-12-05 22:51 - 00000000 ____D C:\Users\joshia\AppData\Local\Ubisoft Game Launcher
2015-12-05 20:52 - 2015-12-05 20:52 - 00001219 _____ C:\Users\joshia\Desktop\Uplay.lnk
2015-12-05 20:52 - 2015-12-05 20:52 - 00000000 ____D C:\Users\joshia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-12-05 20:51 - 2015-12-05 20:51 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-12-04 07:40 - 2015-12-04 07:40 - 00000000 ____D C:\Users\joshia\AppData\LocalLow\Adobe
2015-12-04 07:40 - 2015-12-04 07:40 - 00000000 ____D C:\Users\joshia\AppData\Local\Adobe
2015-12-03 13:58 - 2015-12-03 13:58 - 00000000 ____D C:\Users\joshia\Documents\StarCraft II
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-01 16:00 - 2015-10-27 18:37 - 00003770 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A0E7BA79-1C90-4DD0-8583-33EF59A6605F}
2016-01-01 14:24 - 2012-10-28 13:07 - 00000870 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-01-01 03:29 - 2015-10-18 19:39 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1629525133-1994508930-683499572-1002
2015-12-31 17:14 - 2012-07-26 00:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-31 04:48 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS
2015-12-30 01:10 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-29 20:37 - 2015-10-18 21:08 - 00000000 ____D C:\Users\joshia\AppData\Local\CrashDumps
2015-12-29 17:50 - 2015-10-19 12:50 - 00000000 ____D C:\Users\joshia\AppData\Roaming\Awesomium
2015-12-28 23:29 - 2014-11-21 01:44 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-28 23:29 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\Inf
2015-12-27 21:20 - 2015-01-14 06:02 - 00000000 ____D C:\Users\joshia\Documents\my games
2015-12-27 13:57 - 2015-10-31 20:58 - 00000000 ____D C:\Users\joshia\AppData\Local\Bohemia_Interactive
2015-12-27 11:47 - 2015-11-16 17:51 - 00000000 ____D C:\ProgramData\Origin
2015-12-27 11:45 - 2015-10-25 15:31 - 00000000 ___DO C:\Users\joshia\OneDrive
2015-12-27 11:45 - 2012-10-28 13:07 - 00000868 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-12-27 11:44 - 2015-10-23 06:54 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-27 11:44 - 2013-08-22 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-27 11:44 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-26 16:19 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-26 02:20 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\schemas
2015-12-26 01:48 - 2014-11-21 09:03 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-26 01:48 - 2014-11-21 09:03 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-25 20:46 - 2012-08-04 18:43 - 00000000 ____D C:\ProgramData\McAfee
2015-12-25 20:46 - 2012-08-04 18:43 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-12-25 19:44 - 2015-10-31 16:04 - 00001930 _____ C:\WINDOWS\System32\Tasks\{F642E88F-8D68-4BC2-9E97-7E25D9E2E618}
2015-12-25 19:44 - 2012-10-28 13:14 - 00002068 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2015-12-25 19:38 - 2015-10-22 16:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-25 19:38 - 2012-08-04 18:43 - 00000000 ____D C:\Program Files\mcafee
2015-12-25 12:55 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\FileManager
2015-12-25 12:55 - 2013-08-22 07:44 - 00346632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-25 12:11 - 2015-10-23 08:46 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-25 12:03 - 2015-10-18 19:32 - 00000000 ____D C:\Users\joshia\AppData\Local\Google
2015-12-25 12:03 - 2015-10-18 19:32 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-25 01:10 - 2015-11-16 17:50 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-25 01:04 - 2015-10-26 06:02 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-25 01:04 - 2015-10-26 06:02 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-25 00:57 - 2012-10-28 13:15 - 00001988 _____ C:\WINDOWS\System32\Tasks\ASUS P4G
2015-12-25 00:57 - 2012-10-28 13:15 - 00001904 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2015-12-25 00:57 - 2012-10-28 13:14 - 00001794 _____ C:\WINDOWS\System32\Tasks\ASUS InstantOn Config
2015-12-25 00:57 - 2012-10-28 13:11 - 00001692 _____ C:\WINDOWS\System32\Tasks\BtvStack
2015-12-25 00:57 - 2012-10-28 13:11 - 00001688 _____ C:\WINDOWS\System32\Tasks\BtTray
2015-12-25 00:57 - 2012-10-28 13:07 - 00002574 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-12-25 00:57 - 2012-10-28 13:07 - 00002270 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-12-23 14:41 - 2015-01-25 13:17 - 00053248 ___SH C:\Users\joshia\Desktop\Thumbs.db
2015-12-23 13:34 - 2015-10-23 07:03 - 00000000 ____D C:\Users\joshia
2015-12-23 12:43 - 2015-11-01 18:35 - 00001395 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-12-23 12:42 - 2015-10-23 06:53 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-21 19:16 - 2012-08-04 18:43 - 00000000 ____D C:\Program Files\Common Files\mcafee
2015-12-21 19:16 - 2012-07-26 01:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-12-21 19:15 - 2015-10-21 07:52 - 00003064 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2015-12-21 19:14 - 2015-10-21 07:52 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2015-12-21 11:52 - 2015-10-20 19:58 - 00000000 ____D C:\Users\joshia\AppData\Local\Battle.net
2015-12-17 21:01 - 2015-10-31 21:07 - 00000000 ____D C:\Users\joshia\AppData\Local\Arma 3
2015-12-17 15:41 - 2015-10-22 16:45 - 00000000 ____D C:\Users\joshia\AppData\Roaming\Skype
2015-12-17 12:37 - 2015-10-31 18:07 - 00000000 ____D C:\Users\joshia\AppData\Local\UnrealEngine
2015-12-17 12:36 - 2015-10-31 17:38 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-16 10:34 - 2015-11-28 14:26 - 00111520 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-16 10:34 - 2015-11-01 18:47 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-12-16 10:34 - 2015-11-01 18:33 - 01846016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-12-16 10:34 - 2015-11-01 18:33 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-12-16 10:34 - 2015-11-01 18:33 - 01530240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-12-16 10:34 - 2015-11-01 18:33 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-12-16 10:34 - 2013-12-10 07:13 - 18716176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-12-16 10:34 - 2013-12-10 07:13 - 16981976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-16 10:34 - 2013-12-10 07:13 - 16286888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-12-16 10:34 - 2013-12-10 07:13 - 14005408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-12-16 10:34 - 2013-12-10 07:13 - 00034848 _____ C:\WINDOWS\system32\nvinfo.pb
2015-12-16 10:34 - 2013-12-10 07:12 - 03637352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-12-16 10:34 - 2013-12-10 07:12 - 03211760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-12-16 07:53 - 2015-10-23 06:53 - 06359672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-12-16 07:53 - 2015-10-23 06:53 - 02985080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-12-16 07:53 - 2015-10-23 06:53 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-12-16 07:53 - 2015-10-23 06:53 - 01256240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-12-16 07:53 - 2015-10-23 06:53 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-12-16 07:53 - 2015-10-23 06:53 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-12-16 07:49 - 2015-11-01 18:49 - 06090019 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-12-15 11:11 - 2015-10-20 16:44 - 00000000 ____D C:\ProgramData\Battle.net
2015-12-15 00:18 - 2015-10-18 21:18 - 00003348 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2015-12-10 20:26 - 2015-10-19 17:37 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 20:22 - 2015-10-19 17:37 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-10 20:03 - 2015-10-20 19:58 - 00000000 ____D C:\Users\joshia\AppData\Roaming\Battle.net
2015-12-05 21:35 - 2015-11-27 21:30 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-05 20:11 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-04 07:40 - 2015-10-18 19:26 - 00000000 ____D C:\Users\joshia\AppData\Roaming\Adobe
 
==================== Files in the root of some directories =======
 
2015-12-26 16:19 - 2015-12-27 11:45 - 0000401 _____ () C:\Users\joshia\AppData\Roaming\sp_data.sys
2012-08-04 18:42 - 2012-07-29 23:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 18:42 - 2009-07-22 03:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-20 03:13
 
==================== End of FRST.txt ============================


#8 sovitin

sovitin
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 01 January 2016 - 07:17 PM

The redirection virus is still present.



#9 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:07 AM

Posted 02 January 2016 - 09:29 AM

STEP 1
b8zkrsY.png Browser Reset
 
Before proceeding, please refer to the following instructions on how you can backup your Favourites/Bookmarks.

Using the relevant instructions below, please reset your installed browsers.
As Internet Explorer is an integral part of Windows, please ensure you reset this browser regardless of whether you use it or not.


~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#10 sovitin

sovitin
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:07 AM

Posted 02 January 2016 - 06:35 PM

So far it is working, if the problem does pop up i will Pm you, thank you so much for your support and getting back to me, i do wish you the best. 



#11 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:07 AM

Posted 03 January 2016 - 05:14 AM

Hello,
in my opinion your PC is clean.   :) If you would like to donate some money to me, then click on the button paypal.gif. I'd really appreciate it, my friend.   :)


We need to remove the tools we've used during cleaning your machine.

  • Download Delfix from here and run it (If you have Windows Vista / Windows 7 / Windows 8 please do a Right click on the Delfix icon and select Run as Administrator).
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    delfix.jpg
  • Click Run

The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

 

Exercise common sense

Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to look before you leap. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully and look at the file extensions to make sure that you know what you're getting. Using peer-to-peer file sharing programs or downloading cracks and keygens is something else to avoid - the files you will be downloading are infected in the vast majority of cases, and the benefits simply aren't worth the risk to your computer.

Keep up on Windows updates

Along with keeping all of the security programs that you choose to use updated, it is also important to keep up on system updates from Microsoft, as these patch critical security vulnerabilities and help to keep you safe. Typically the windows update icon will appear in your taskbar when new updates are available, whenever you see it you should open the menu up and install the updates that are available. Although it may be an annoyance, that little bit of extra time it takes to stay updated is very well worth it instead of getting infected from an exploit and having to clean your PC again.

Slow computer?

If your computer begins to slow down again in the future for no particular reason, your first step should not be to come back to the malware forum. As your computer ages and is used, its parts wear, files and programs accumulate, and its performance speed can decrease. To restore your computer's performance to its best possible level, follow the steps in this guide written by tech expert Artellos.

Keep Safe!   :thumbsup:


~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#12 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:07 AM

Posted 07 January 2016 - 11:02 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users