Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

unsure the infection, but 20 years windows exp states there is one


  • This topic is locked This topic is locked
3 replies to this topic

#1 mmd123

mmd123

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:central ohio
  • Local time:12:29 PM

Posted 30 March 2016 - 03:37 PM

so, yea, been an avid windows user for dang near 20 years now, at my meager age of 24.....and, something just is not right....I do not know what is wrong, but I  CAN JUST TELL somethings not right...
 
nothing is finding anything, not kaspersky total security 2016, not kaspersky virus removal tool, not mbam or mbam premium (however mbam was physically unable to update, for anything, I straight up had to spend hours gettting the definitions up to date as the servers were blocked, and also could not activate my sub due to activation servers also being blocked), superantispyware, as per my norm with it, always crashes when scanning the system, msisoft emergency kit is still running, has found a total of 19 items, of which like 12 are "no risk" items, and its not finding what I know is there, as everything it finds I'm already aweare of the files in question and know them to be, for the most part save one or two, to be legit files, hijackthis has FOUND THINGS THAT RAISE HUGE RED FLAGS TO ME already, and just, sooo many other things I've tried that have been completely fruitless as heck...
 
anywho, the logs in question now.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by High Voltage (administrator) on FURRYONE (28-03-2016 01:45:12)
Running from S:\Downloads
Loaded Profiles: High Voltage (Available Profiles: High Voltage)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(Microsoft) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\GCloud.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files (x86)\Gigabyte\AmbientLED\LEDCtrl.exe
() C:\Program Files (x86)\Livedrive\VSSService.exe
(Malwarebytes Corporation) S:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
(Malwarebytes Corporation) S:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\proXPN\bin\proXpnService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Horizon DataSys Inc) C:\Program Files\Shield\ShdServ.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\TimeMgmtDaemon.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) S:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
(Microsoft Corporation) S:\program files (x86)\Common Files\microsoft shared\ink\TabTip32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) S:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\High Voltage\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\High Voltage\AppData\Local\Akamai\netsession_win.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
() C:\Program Files (x86)\proXPN\bin\proXPN.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(SteelSeries) C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(Malwarebytes Corporation) S:\program files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Oracle Corporation) S:\program files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(The OpenVPN Project) C:\Program Files (x86)\proXPN\bin\openvpn.exe
(SteelSeries) C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMTray2.exe
(Valve Corporation) S:\program files (x86)\Common Files\Steam\SteamService.exe
(Wacom Technology, Corp.) S:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Autodesk Inc.) C:\Users\High Voltage\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Wacom Technology) S:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) S:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\SIV\thermald.exe
(Wacom Technology, Corp.) S:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Gigabyte Technology CO.) C:\Program Files\Gigabyte\SmartRecovery2\RPMDaemon.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\AlarmClock.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) S:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Malwarebytes) S:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe
() C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
() C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
(Google Inc.) S:\program files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7632088 2014-06-10] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557984 2014-08-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [961024 2009-07-13] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-26] (Intel Corporation)
HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [877056 2014-11-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse] => C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe [1993216 2011-08-18] (SteelSeries)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3218184 2015-10-02] (GoPro)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => S:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2622432 2016-01-29] (Malwarebytes Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => S:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\Gigabyte\SmartRecovery2\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>)
HKLM-x32\...\RunOnce: [SIV] => C:\Program Files (x86)\Gigabyte\SIV\sivro.exe [12096 2014-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKLM-x32\...\RunOnce: [EasyTune] => C:\Program Files (x86)\Gigabyte\EasyTune\etro.exe [5632 2014-08-18] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\Run: [NetBalancer] => C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1902456 2016-01-15] (SeriousBit)
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074128 2016-03-10] (Valve Corporation)
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8547320 2016-01-20] (Binary Fortress Software)
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\Run: [Akamai NetSession Interface] => C:\Users\High Voltage\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\Run: [Discord] => C:\Users\High Voltage\AppData\Local\Discord\app-0.0.286\Discord.exe [53420216 2016-03-05] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-02-29] (SUPERAntiSpyware)
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\Run: [proXPN] => C:\Program Files (x86)\proXPN\bin\proXPN.exe [1538936 2016-02-07] ()
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\RunOnce: [Uninstall C:\Users\High Voltage\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\High Voltage\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\RunOnce: [Uninstall C:\Users\High Voltage\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\High Voltage\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\MountPoints2: {1ca844fe-bb0c-11e5-b65b-fcaa149459c2} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\MountPoints2: {36c79d6e-ba47-11e5-b65b-fcaa149459c2} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\MountPoints2: {7a3e47b6-b8c8-11e5-9267-806e6f6e6963} - F:\VZW_Software_upgrade_assistant.exe
IFEO\taskmgr.exe: [Debugger] "S:\DOWNLOADS\PROCESSEXPLORER\PROCEXP.EXE"
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => No File
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => No File
ShellIconOverlayIdentifiers: [LivedriveDownloadOverlay] -> {CBCDB610-6B68-4EE9-B7A2-1282FD0C9292} => C:\Program Files (x86)\Livedrive\Extensions.dll [2015-10-29] (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [LivedriveSharedOverlay] -> {84CEF1E4-1356-4063-845F-05047F4DD52C} => C:\Program Files (x86)\Livedrive\Extensions.dll [2015-10-29] (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [LivedriveSyncedOverlay] -> {42058329-2FBF-4B33-8E52-3BE5754DE0C1} => C:\Program Files (x86)\Livedrive\Extensions.dll [2015-10-29] (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers: [LivedriveUploadOverlay] -> {39A1715A-E4CD-4F1E-B5C4-36B5DB80124E} => C:\Program Files (x86)\Livedrive\Extensions.dll [2015-10-29] (Livedrive Internet Ltd)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => No File
Startup: C:\Users\High Voltage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop.scf [2013-05-06] ()
BootExecute: autocheck autochk * ShdSync

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.22.1 10.0.22.2
Tcpip\..\Interfaces\{5BE8D41E-BF1E-421B-8723-329CCCCD245F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AEC91262-E8C2-4A8D-9C2A-3D557F839A5A}: [DhcpNameServer] 10.0.22.1 10.0.22.2
Tcpip\..\Interfaces\{E9DEACA3-98F3-45F8-9BCF-0A2B96115922}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-521393813-4001764701-2461359094-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-03-23] (Microsoft Corporation)
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> S:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-27] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-03-23] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-08] (AO Kaspersky Lab)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-23] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> S:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-27] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> S:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-27] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-03-23] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2016-01-08] (AO Kaspersky Lab)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> S:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-27] (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2016-01-08] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-521393813-4001764701-2461359094-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-23] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default
FF Session Restore: -> is enabled.
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-23] ()
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> S:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> S:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-23] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> S:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> S:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-03-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Extension: BetterPrivacy - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-01-12]
FF Extension: WOT - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-01-12]
FF Extension: Nightly Tester Tools - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} [2016-01-12]
FF Extension: SmoothWheel (mozdev.org) - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2016-01-12]
FF Extension: Tab Preview - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\{1de0de3c-0b5c-4f67-90c6-689623894991}.xpi [2016-01-12]
FF Extension: Resurrect Pages - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}.xpi [2016-01-12]
FF Extension: TinEye Reverse Image Search - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\tineye@ideeinc.com.xpi [2016-01-12]
FF Extension: Test Pilot - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\testpilot@labs.mozilla.com.xpi [2016-01-12]
FF Extension: RequestPolicy - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\requestpolicy@requestpolicy.com.xpi [2016-01-12]
FF Extension: Lazarus: Form Recovery - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\lazarus@interclue.com.xpi [2016-01-12]
FF Extension: Greasefire - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\greasefire@skrul.com.xpi [2016-01-12]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-01-12]
FF Extension: DownThemAll! AntiContainer - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\anticontainer@downthemall.net.xpi [2016-01-16]
FF Extension: Stylish - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2016-01-29]
FF Extension: Greasefire2 - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\greasefire2@b0nk3rz.net.xpi [2016-02-03]
FF Extension: Greasemonkey - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-02-21]
FF Extension: LastPass - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\support@lastpass.com [2016-03-11]
FF Extension: Classic Theme Restorer - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-03-18]
FF Extension: Xmarks - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\foxmarks@kei.com [2016-03-19]
FF Extension: NoScript - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-03-24]
FF Extension: HTTPS-Everywhere - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\extensions\https-everywhere@eff.org [2016-03-25]
FF Extension: DownThemAll! - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\dta@downthemall.net.xpi [2016-03-26]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\elemhidehelper@adblockplus.org.xpi [2016-02-17]
FF Extension: F.B. Purity - Cleans Up Facebook - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\fbp@fbpurity.com.xpi [2016-01-11]
FF Extension: Ghostery - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\firefox@ghostery.com.xpi [2016-03-24]
FF Extension: Webmail Ad Blocker - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\gmailnoads@mywebber.com.xpi [2016-01-11]
FF Extension: YouTube™ Flash-HTML5 - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\jid1-o2qEVrZ4t5FJWu@jetpack.xpi [2016-01-27]
FF Extension: AdBlock for YouTube™ - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2016-03-27]
FF Extension: No Install Delay - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\noinstalldelay@trlkly.drivehq.com.xpi [2016-01-11]
FF Extension: Prevent Tab Overflow - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\noverflow@sdrocking.com.xpi [2016-01-11]
FF Extension: Restartless Restart - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\restartless.restart@erikvold.com.xpi [2016-01-11]
FF Extension: Tab Groups - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\tabgroups@quicksaver.xpi [2016-03-25]
FF Extension: videoresumer - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\videoresumer@jetpack.xpi [2016-01-11]
FF Extension: Facebook Phishing Protector - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}.xpi [2016-01-11]
FF Extension: Session Manager - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-03-19]
FF Extension: Bluhell Firewall - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2016-01-20]
FF Extension: YouTube High Definition - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2016-03-19]
FF Extension: Video DownloadHelper - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-01-11]
FF Extension: Adblock Plus - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: Facebook Share Button - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\{d4e0dc9c-c356-438e-afbe-dca439f4399d}.xpi [2016-03-27]
FF Extension: DownThemAll! - C:\Users\High Voltage\AppData\Roaming\Mozilla\Firefox\Profiles\dyha5p9c.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-01-12]
FF Extension: Default - S:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox [2016-03-03]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_16_02&param1=1&param2=f%3D1%26b%3DChrome%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEzyyEyDzy0CtB0C0Bzz0AtN0D0Tzu0StCyEyBtBtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StB0AzzyByB0AtCtCtGyEtAtA0BtGzztBzztAtGtDtB0A0CtGyC0B0BzztCyC0A0DtA0Czy0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0EyDtC0FtC0B0DtGtD0DtA0DtGyEzztA0BtG0AyByByEtG0D0FyDyEyBzzyDyC0F0FtAtB2QtN0A0LzutB%26cr%3D484039016%26a%3Dwncy_frg01_16_02%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
CHR StartupUrls: Default -> "hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_16_02&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0F0C0A0AtCyEzyyEyDzy0CtB0C0Bzz0AtN0D0Tzu0StCyEyBtBtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StB0AzzyByB0AtCtCtGyEtAtA0BtGzztBzztAtGtDtB0A0CtGyC0B0BzztCyC0A0DtA0Czy0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0EyDtC0FtC0B0DtGtD0DtA0DtGyEzztA0BtG0AyByByEtG0D0FyDyEyBzzyDyC0F0FtAtB2QtN0A0LzutB%26cr%3D484039016%26a%3Dwncy_frg01_16_02%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate","hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - S:\program files (x86)\Google\Chrome\Application\49.0.2623.87\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - S:\program files (x86)\Google\Chrome\Application\49.0.2623.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - S:\program files (x86)\Google\Chrome\Application\49.0.2623.87\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\High Voltage\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\High Voltage\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-01-08]
CHR Extension: (Dmail) - C:\Users\High Voltage\AppData\Local\Google\Chrome\User Data\Default\Extensions\fblelgmhengcpjogkpmmhjghbcelaake [2016-03-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\High Voltage\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-08]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2016-01-08] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2823920 2016-03-13] (Microsoft Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [114176 2014-11-17] (Creative Technology Ltd)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [4616216 2016-01-20] (Binary Fortress Software)
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [File not signed]
R2 GCloud; C:\Program Files (x86)\GIGABYTE\CloudStation\HomeCloud\GCloud.exe [19264 2014-06-18] (Microsoft)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [61248 2014-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-06-24] (Intel Corporation)
R2 LEDCtrl; C:\Program Files (x86)\GIGABYTE\AmbientLED\LEDCtrl.exe [34624 2014-07-18] ()
R2 LivedriveVSSService; C:\Program Files (x86)\Livedrive\VSSService.exe [212152 2015-10-29] ()
R2 MbaeSvc; S:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [740832 2016-01-29] (Malwarebytes Corporation)
R2 NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [145272 2016-01-15] (SeriousBit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 proXPN VPN; C:\Program Files (x86)\proXPN\bin\proXPNService.exe [133496 2016-02-07] ()
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
R2 ShdServ; C:\Program Files\Shield\shdserv.exe [255456 2016-01-11] (Horizon DataSys Inc)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-22] (Gigabyte Technology CO., LTD.) [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
R3 Steam Client Service; S:\Program Files (x86)\Common Files\Steam\SteamService.exe [835152 2016-03-10] (Valve Corporation)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WinDefend; S:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WMPNetworkSvc; S:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2015-12-21] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1065728 2014-11-17] (Creative Technology Ltd)
R3 cthdb; C:\Windows\System32\DRIVERS\cthdb.sys [34048 2014-11-17] (Creative Technology Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-13] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ESProtectionDriver; S:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-01-29] ()
R2 GhFlt; C:\Windows\system32\drivers\ghflt.sys [16856 2016-01-07] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-03] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2016-01-08] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2016-01-08] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934808 2016-03-03] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-01-08] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-28] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R1 nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [40976 2015-08-04] (SeriousBit)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R0 Shdbus; C:\Windows\System32\DRIVERS\Shdbus.sys [30176 2016-01-11] (Horizon DataSys Inc)
R0 Shield; C:\Windows\System32\DRIVERS\shield.sys [81888 2016-01-11] (Horizon DataSys Inc)
R0 Shieldf; C:\Windows\System32\DRIVERS\Shieldf.sys [32736 2016-01-11] (Horizon DataSys Inc)
R0 Shieldm; C:\Windows\System32\DRIVERS\Shieldm.sys [35296 2016-01-11] (Horizon DataSys Inc)
R3 SSMO3v2Filter; C:\Windows\System32\drivers\MO3v2Driver.sys [23040 2010-11-22] (Sagatek Co. Ltd.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-28 01:44 - 2016-03-28 01:45 - 00000000 ____D C:\FRST
2016-03-28 01:36 - 2016-03-28 01:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-28 01:36 - 2016-03-28 01:36 - 00000000 ____D S:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-28 01:36 - 2016-03-28 01:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-28 01:36 - 2016-03-28 01:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-28 01:36 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-28 01:36 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-28 01:36 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-28 01:19 - 2016-03-28 01:19 - 00016360 _____ C:\Users\High Voltage\AppData\Roaming\CairoAppConfig.xml
2016-03-28 01:16 - 2016-03-28 01:16 - 00000210 _____ C:\Users\High Voltage\AppData\Roaming\CairoStacksConfig.xml
2016-03-28 01:16 - 2016-03-28 01:16 - 00000000 ____D C:\Users\High Voltage\AppData\Local\Cairo
2016-03-28 01:03 - 2016-03-28 01:31 - 00000000 ____D S:\Program Files (x86)\FreeCommander XE
2016-03-28 01:03 - 2016-03-28 01:03 - 00000000 ____D C:\Users\High Voltage\AppData\Local\FreeCommanderXE
2016-03-28 01:03 - 2016-03-28 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander XE
2016-03-27 23:05 - 2016-03-27 23:04 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-03-27 23:02 - 2016-03-27 23:02 - 00003250 _____ C:\Windows\System32\Tasks\{CFD7E9A0-81A6-460F-985C-651415DB1908}
2016-03-27 22:44 - 2016-03-27 22:45 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-03-27 22:44 - 2016-03-27 22:44 - 00000000 ____D S:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-03-27 22:44 - 2016-03-27 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-03-27 22:39 - 2016-03-27 23:02 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-03-27 21:03 - 2016-03-27 21:10 - 00000000 ____D S:\Program Files\Skyperious
2016-03-27 21:03 - 2016-03-27 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skyperious
2016-03-27 20:49 - 2016-03-27 20:49 - 00000000 ____D C:\Users\High Voltage\.android
2016-03-27 01:05 - 2016-03-27 01:05 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\Maize Sampler Player
2016-03-27 01:04 - 2016-03-27 02:27 - 00000000 ____D C:\Users\High Voltage\AppData\Local\Native Instruments
2016-03-27 01:04 - 2016-03-27 01:04 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\Glitch2
2016-03-27 00:34 - 2016-03-27 00:34 - 00000000 __HDC C:\ProgramData\{8BE731A3-4C9E-42CC-AC78-66742062354D}
2016-03-27 00:22 - 2016-03-27 00:22 - 00000000 __HDC C:\ProgramData\{78915E0A-25F8-47A2-9793-CEBC2D28F274}
2016-03-27 00:22 - 2016-03-27 00:22 - 00000000 __HDC C:\ProgramData\{6032CB49-DE54-4192-9F71-65859D0B544F}
2016-03-27 00:21 - 2016-03-27 00:21 - 00000000 __HDC C:\ProgramData\{C693A367-F08F-4F42-A5DE-8996D6AC24F0}
2016-03-27 00:21 - 2016-03-27 00:21 - 00000000 __HDC C:\ProgramData\{A9FC06D6-E75C-4DA2-B8D2-8D91C1A269C3}
2016-03-27 00:21 - 2016-03-27 00:21 - 00000000 __HDC C:\ProgramData\{98F83ED2-DF89-465B-8EB3-F87E179CFA56}
2016-03-27 00:21 - 2016-03-27 00:21 - 00000000 __HDC C:\ProgramData\{849C3EA7-6C44-4D64-BFD2-FC5AF841BE83}
2016-03-27 00:21 - 2016-03-27 00:21 - 00000000 __HDC C:\ProgramData\{7C702C5F-ADE3-4D28-9619-90BA76D4E1ED}
2016-03-27 00:20 - 2016-03-27 00:20 - 00000000 __HDC C:\ProgramData\{DB1D6CD1-3172-48C0-B63A-490B0D2C6D72}
2016-03-27 00:20 - 2016-03-27 00:20 - 00000000 __HDC C:\ProgramData\{B0DF9098-245E-479F-A4ED-B5F91EA4948B}
2016-03-27 00:20 - 2016-03-27 00:20 - 00000000 __HDC C:\ProgramData\{63F2E427-F976-4EE0-BB21-8FA7DAC2E7F2}
2016-03-27 00:20 - 2016-03-27 00:20 - 00000000 __HDC C:\ProgramData\{3DFBC806-D62A-4312-81FF-5F343DDCB5DC}
2016-03-27 00:20 - 2016-03-27 00:20 - 00000000 __HDC C:\ProgramData\{0A583E76-A7A0-45F8-9386-AEE1E529A4DE}
2016-03-27 00:20 - 2016-03-27 00:20 - 00000000 __HDC C:\ProgramData\{03697879-2B80-4810-9B4D-D8EF1EE777F0}
2016-03-27 00:19 - 2016-03-27 00:19 - 00000000 __HDC C:\ProgramData\{F409EA92-6713-4D2D-AF88-0C51B1CF1D2A}
2016-03-27 00:19 - 2016-03-27 00:19 - 00000000 __HDC C:\ProgramData\{0209395A-8E4A-48E1-A5E3-C830292F263C}
2016-03-27 00:19 - 2016-03-27 00:19 - 00000000 ___DC C:\ProgramData\{80A0A482-175E-4DE8-9D32-C8C8463D1362}
2016-03-27 00:19 - 2016-03-27 00:19 - 00000000 ___DC C:\ProgramData\{786FEDEA-8E71-4900-8D2F-40933D86B376}
2016-03-27 00:19 - 2016-03-27 00:19 - 00000000 ___DC C:\ProgramData\{2FF04994-9599-464E-AD99-B09CBE2122AE}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{DFAB8828-7DA2-4573-A254-15D802A10A7E}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{B96A0118-1095-4E34-9C27-D87092B77F67}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{B8AB470F-A90B-4652-A8F5-160A08FD7411}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{93015F0A-7AF2-4308-A5B3-13D4FCE429C6}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{926BF989-2A51-492D-8A6A-E9D533417C34}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{8A9976F0-1DB6-4A1D-823B-E9E459F6EE39}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{7FC6C6B3-C2D5-4F17-BBEF-A11135E1A668}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{727F248C-CA81-4A68-8E01-27236ED99D98}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{1C7A6EB7-BED0-4444-B0DA-4BFDCF83C380}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 __HDC C:\ProgramData\{B7CF1107-3BD9-48BA-BC77-54B909022641}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{F2026C51-8509-47B4-816D-CCD2DB993FC1}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{BA0B7444-2ABA-463C-862A-7EC7F0AD0FA2}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{A793ECF9-34FC-47F0-8CBE-0B3DEA468C01}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{624486AF-AD5B-4BB3-BEEE-A0D2D4D112DF}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{5309003E-4102-4141-A0C9-7507F0E10F52}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{4AD6F65B-2A15-4CFF-9AF7-830F277D0157}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{1CCB05D7-901D-4CCB-816F-73AC0098D30A}
2016-03-27 00:16 - 2016-03-27 00:16 - 00000000 ___DC C:\ProgramData\{7B7672F5-5EA2-4D83-BC77-1AFCA8846266}
2016-03-27 00:16 - 2016-03-27 00:16 - 00000000 ___DC C:\ProgramData\{6B3E9A08-404E-4FBF-A80D-1E9DA9E75171}
2016-03-27 00:16 - 2016-03-27 00:16 - 00000000 ___DC C:\ProgramData\{4C01754A-32F9-4A34-8B9F-E06DD553B755}
2016-03-27 00:16 - 2016-03-27 00:16 - 00000000 ___DC C:\ProgramData\{499D67BC-046E-4931-8BFB-D5ABB500E67C}
2016-03-27 00:16 - 2016-03-27 00:16 - 00000000 ___DC C:\ProgramData\{229D9A22-9BEA-4D2B-813E-85E0FACBA99C}
2016-03-27 00:16 - 2016-03-27 00:16 - 00000000 ___DC C:\ProgramData\{0221FDDB-41E3-4971-AC93-5048F8D7CAAC}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{FB5C60A0-15D1-4DEF-A6EF-3366AC37909F}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{F036CC43-6BE8-4CBD-91C3-76F4BC8FFD6F}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{D53B5F71-B715-494C-AFD4-BB0C94C787E5}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{B54CEF12-4612-4E77-B06C-403C662468E7}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{A6377726-7317-464A-87EB-693294E9F383}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{6B991D2A-5E91-44B4-BE28-CFDCED1835AB}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{35B46D49-85E2-40EA-8EC6-43B281EDD8E7}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{18869C94-495B-4D97-8C75-E405CF6509CB}
2016-03-27 00:14 - 2016-03-27 00:14 - 00000000 __HDC C:\ProgramData\{EFEC7DCC-2F91-4828-B49D-8506F9F0D9FF}
2016-03-27 00:14 - 2016-03-27 00:14 - 00000000 __HDC C:\ProgramData\{7AFFCFD3-F022-420B-8E87-BBAED1C983C8}
2016-03-27 00:13 - 2016-03-27 00:13 - 00000000 __HDC C:\ProgramData\{F4C30B44-15B7-482B-8B80-38AA0AB0956A}
2016-03-27 00:13 - 2016-03-27 00:13 - 00000000 __HDC C:\ProgramData\{AD7B6000-2063-4CF8-A07D-49A34A4164E7}
2016-03-27 00:13 - 2016-03-27 00:13 - 00000000 __HDC C:\ProgramData\{03149E88-061F-4C01-98FF-736811F5AEF5}
2016-03-27 00:12 - 2016-03-27 00:12 - 00000000 __HDC C:\ProgramData\{F565CCC6-40E0-4D3B-A268-394489E1A288}
2016-03-27 00:12 - 2016-03-27 00:12 - 00000000 __HDC C:\ProgramData\{BC4F73B4-86E2-45AA-A4F8-3D7C23012DDF}
2016-03-27 00:12 - 2016-03-27 00:12 - 00000000 __HDC C:\ProgramData\{831278B3-E363-4BCB-B754-70A9488477C9}
2016-03-27 00:11 - 2016-03-27 00:11 - 00000000 __HDC C:\ProgramData\{E753D955-673D-4851-B06F-9A9D0C44C02C}
2016-03-27 00:11 - 2016-03-27 00:11 - 00000000 __HDC C:\ProgramData\{87A1E31E-1C63-4A99-AEEA-EA57A3043C1D}
2016-03-27 00:11 - 2016-03-27 00:11 - 00000000 __HDC C:\ProgramData\{34163C5E-1AE4-49D8-B5F9-A3C2422AAB96}
2016-03-27 00:08 - 2016-03-27 00:08 - 00000000 __HDC C:\ProgramData\{B9F39E05-2A83-4A5C-873C-9004232BF507}
2016-03-27 00:07 - 2016-03-27 00:07 - 00000000 __HDC C:\ProgramData\{D8A99D59-FC0A-442D-AFE3-3ACD232C2D11}
2016-03-27 00:04 - 2016-03-27 00:04 - 00000000 __HDC C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418}
2016-03-27 00:02 - 2016-03-27 00:02 - 00000000 __HDC C:\ProgramData\{5CCB3323-39AA-41ED-8599-AECD2B307327}
2016-03-27 00:01 - 2016-03-27 00:01 - 00000000 __HDC C:\ProgramData\{EC39AE66-34A3-419D-BCB8-29619DA92C37}
2016-03-27 00:01 - 2016-03-27 00:01 - 00000000 __HDC C:\ProgramData\{54946576-BA75-44B8-B88E-CA765E921188}
2016-03-26 23:55 - 2016-03-26 23:55 - 00000000 __HDC C:\ProgramData\{E2A3D3D3-946E-4752-90FB-AF37CC248734}
2016-03-26 23:53 - 2016-03-27 02:25 - 00000000 __HDC C:\ProgramData\{F92C204F-6C39-4D56-B100-EC929C871966}
2016-03-26 23:40 - 2016-03-26 23:40 - 00000000 __HDC C:\ProgramData\{F498FDAE-BA77-4B5C-8DB3-889B3AD5E273}
2016-03-26 23:40 - 2016-03-26 23:40 - 00000000 __HDC C:\ProgramData\{DE521B66-DEF0-47C8-889C-6F9CD6F36CEB}
2016-03-26 23:39 - 2016-03-26 23:39 - 00000000 __HDC C:\ProgramData\{0E6B114B-EAAB-4EE8-9ED4-AB156948B2E0}
2016-03-26 23:38 - 2016-03-27 02:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-03-26 23:38 - 2016-03-27 00:22 - 00000000 ____D S:\Program Files\Native Instruments
2016-03-26 23:38 - 2016-03-27 00:20 - 00000000 ____D S:\Program Files\Common Files\Native Instruments
2016-03-26 23:38 - 2016-03-26 23:38 - 00000000 __HDC C:\ProgramData\{9C964661-2E2A-47A7-848E-D45FCF01A2C2}
2016-03-26 23:38 - 2016-03-26 23:38 - 00000000 ____D C:\ProgramData\Native Instruments
2016-03-25 14:30 - 2016-03-25 14:30 - 00000000 ___HD C:\OneDriveTemp
2016-03-25 13:23 - 2016-02-05 14:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-03-25 13:23 - 2016-02-05 14:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-03-25 13:23 - 2016-02-05 13:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-03-25 13:23 - 2016-02-02 14:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-25 13:23 - 2016-02-01 15:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-25 13:23 - 2016-02-01 14:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-25 13:23 - 2016-02-01 14:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-03-25 13:23 - 2016-02-01 14:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-25 13:23 - 2016-02-01 14:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-25 13:23 - 2016-02-01 14:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-25 13:23 - 2016-02-01 14:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-25 13:23 - 2016-02-01 14:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-03-25 13:23 - 2016-02-01 14:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-03-25 13:23 - 2016-02-01 14:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-25 13:23 - 2016-01-20 20:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-25 13:23 - 2015-06-03 16:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-03-25 00:16 - 2016-03-25 13:31 - 00000000 ____D S:\Program Files (x86)\Mozilla Firefox
2016-03-24 02:25 - 2016-03-24 02:25 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\MeldaProduction
2016-03-24 02:25 - 2016-03-24 02:25 - 00000000 ____D C:\ProgramData\MeldaProduction
2016-03-24 01:20 - 2016-03-24 21:57 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\Apple Computer
2016-03-24 01:20 - 2016-03-24 01:20 - 00000000 ____D S:\Program Files (x86)\LinCity-NG
2016-03-24 01:20 - 2016-03-24 01:20 - 00000000 ____D C:\Users\High Voltage\AppData\Local\Apple Computer
2016-03-24 01:20 - 2016-03-24 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LinCity-NG
2016-03-24 01:20 - 2016-03-24 01:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-24 01:19 - 2016-03-24 01:19 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-03-24 01:19 - 2016-03-24 01:19 - 00000000 ____D S:\Program Files\iTunes
2016-03-24 01:19 - 2016-03-24 01:19 - 00000000 ____D S:\Program Files\iPod
2016-03-24 01:19 - 2016-03-24 01:19 - 00000000 ____D S:\Program Files\Common Files\Apple
2016-03-24 01:19 - 2016-03-24 01:19 - 00000000 ____D S:\Program Files\Bonjour
2016-03-24 01:19 - 2016-03-24 01:19 - 00000000 ____D S:\Program Files (x86)\iTunes
2016-03-24 01:19 - 2016-03-24 01:19 - 00000000 ____D S:\Program Files (x86)\Bonjour
2016-03-24 01:19 - 2016-03-24 01:19 - 00000000 ____D S:\Program Files (x86)\Apple Software Update
2016-03-24 01:19 - 2016-03-24 01:19 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-03-24 01:19 - 2016-03-24 01:19 - 00000000 ____D C:\Users\High Voltage\AppData\Local\Apple
2016-03-24 01:19 - 2016-03-24 01:19 - 00000000 ____D C:\ProgramData\Apple Computer
2016-03-24 01:19 - 2016-03-24 01:19 - 00000000 ____D C:\ProgramData\Apple
2016-03-24 01:18 - 2016-03-24 01:18 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\GoPro
2016-03-24 01:18 - 2016-03-24 01:18 - 00000000 ____D C:\Users\High Voltage\AppData\Local\GoPro
2016-03-24 01:17 - 2016-03-24 01:18 - 00000000 ____D C:\Users\Public\CineForm
2016-03-24 01:17 - 2016-03-24 01:17 - 00000000 ____D S:\Program Files (x86)\GoPro
2016-03-24 01:17 - 2016-03-24 01:17 - 00000000 ____D S:\Program Files (x86)\CineForm
2016-03-24 01:17 - 2016-03-24 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
2016-03-24 01:11 - 2016-03-24 01:13 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\Pagico
2016-03-24 01:11 - 2016-03-24 01:11 - 00000000 ____D C:\Users\High Voltage\AppData\Local\NOTES 17 LLC
2016-03-24 01:10 - 2016-03-24 01:10 - 00000000 ____D S:\Program Files\Pagico
2016-03-24 01:10 - 2016-03-24 01:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pagico
2016-03-23 23:59 - 2007-11-21 04:34 - 00007744 _____ (Altiris) C:\Windows\SysWOW64\HookDll.dll
2016-03-23 23:59 - 2006-11-06 12:22 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2016-03-23 23:53 - 2016-03-23 23:53 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2016-03-23 23:53 - 2016-03-23 23:53 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2016-03-23 23:53 - 2016-03-23 23:53 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2016-03-23 23:42 - 2016-03-23 23:42 - 00000046 _____ C:\Windows\SysWOW64\DonationCoder_processtamer_InstallInfo.dat
2016-03-23 23:42 - 2016-03-23 23:42 - 00000046 _____ C:\Users\High Voltage\AppData\Local\DonationCoder_processtamer_InstallInfo.dat
2016-03-23 23:42 - 2016-03-23 23:42 - 00000000 ____D S:\Program Files (x86)\ProcessTamer
2016-03-23 23:42 - 2016-03-23 23:42 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\DonationCoder
2016-03-23 23:42 - 2016-03-23 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProcessTamer
2016-03-23 23:42 - 2016-03-23 23:42 - 00000000 ____D C:\ProgramData\DonationCoder
2016-03-23 23:39 - 2016-03-23 23:40 - 00000000 ____D S:\Program Files\CCleaner
2016-03-23 23:39 - 2016-03-23 23:39 - 00002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-03-23 23:39 - 2016-03-23 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-23 23:37 - 2016-03-23 23:37 - 00000000 ____D S:\Program Files\7-Zip
2016-03-23 23:37 - 2016-03-23 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-03-20 22:31 - 2016-03-20 22:32 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\vlc
2016-03-20 22:31 - 2016-03-20 22:31 - 00000000 ____D S:\Program Files (x86)\VideoLAN
2016-03-20 22:31 - 2016-03-20 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-03-20 21:50 - 2016-03-20 21:50 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\RenPy
2016-03-20 21:40 - 2016-03-24 20:28 - 00000000 ____D C:\Users\High Voltage\AppData\Local\Battle.net
2016-03-20 21:40 - 2016-03-20 21:41 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\Battle.net
2016-03-20 21:40 - 2016-03-20 21:40 - 00000000 ____D C:\Users\High Voltage\AppData\Local\Blizzard Entertainment
2016-03-20 21:40 - 2016-03-20 21:40 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-03-20 21:40 - 2016-03-20 21:40 - 00000000 ____D C:\ProgramData\Battle.net
2016-03-20 21:27 - 2016-03-20 21:43 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\OBS
2016-03-20 21:27 - 2016-03-20 21:27 - 00000000 ____D S:\Program Files\OBS
2016-03-20 21:27 - 2016-03-20 21:27 - 00000000 ____D S:\Program Files (x86)\OBS
2016-03-20 21:27 - 2016-03-20 21:27 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2016-03-20 19:54 - 2016-03-20 19:54 - 00000000 ____D S:\Program Files\Firestorm-Releasex64
2016-03-20 19:54 - 2016-03-20 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm
2016-03-19 01:50 - 2016-03-19 01:50 - 00000000 ____D S:\Program Files\SUPERAntiSpyware
2016-03-19 01:50 - 2016-03-19 01:50 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\SUPERAntiSpyware.com
2016-03-19 01:50 - 2016-03-19 01:50 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-03-19 01:50 - 2016-03-19 01:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-03-19 00:07 - 2016-03-19 00:24 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\Mp3tag
2016-03-19 00:07 - 2016-03-19 00:07 - 00000000 ____D S:\Program Files (x86)\Mp3tag
2016-03-19 00:07 - 2016-03-19 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2016-03-19 00:05 - 2016-03-19 00:06 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\ID3-TagIT 3
2016-03-19 00:02 - 2016-03-19 00:02 - 00000000 ____D S:\Program Files (x86)\ID3-TagIT 3
2016-03-19 00:02 - 2016-03-19 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ID3-TagIT 3
2016-03-19 00:02 - 2016-03-19 00:02 - 00000000 ____D C:\ProgramData\ID3-TagIT 3
2016-03-09 23:08 - 2016-02-12 14:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 23:08 - 2016-02-12 14:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 23:08 - 2016-02-12 14:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 23:08 - 2016-02-12 14:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 23:08 - 2016-02-12 14:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 23:08 - 2016-02-12 14:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 23:08 - 2016-02-12 14:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 23:08 - 2016-02-12 14:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 23:08 - 2016-02-12 14:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 23:08 - 2016-02-12 14:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 23:08 - 2016-02-12 14:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 23:08 - 2016-02-12 14:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 23:08 - 2016-02-12 14:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 23:08 - 2016-02-12 14:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 23:08 - 2016-02-12 14:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 23:08 - 2016-02-12 14:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 23:08 - 2016-02-04 13:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 23:07 - 2016-02-19 15:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 23:07 - 2016-02-19 14:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 23:07 - 2016-02-19 10:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 23:07 - 2016-02-11 14:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 23:07 - 2016-02-11 14:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 23:07 - 2016-02-11 14:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 23:07 - 2016-02-11 14:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 23:07 - 2016-02-11 14:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 23:07 - 2016-02-11 14:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 23:07 - 2016-02-11 14:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 23:07 - 2016-02-11 14:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 23:07 - 2016-02-11 14:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 23:07 - 2016-02-11 14:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 23:07 - 2016-02-11 14:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 23:07 - 2016-02-11 14:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 23:07 - 2016-02-11 14:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 23:07 - 2016-02-11 14:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 23:07 - 2016-02-11 14:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 23:07 - 2016-02-11 14:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 23:07 - 2016-02-11 14:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 23:07 - 2016-02-11 14:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 23:07 - 2016-02-11 14:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 23:07 - 2016-02-11 14:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 23:07 - 2016-02-11 14:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 23:07 - 2016-02-11 14:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 23:07 - 2016-02-11 14:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 23:07 - 2016-02-11 14:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 23:07 - 2016-02-11 14:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 23:07 - 2016-02-11 14:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 23:07 - 2016-02-11 14:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 23:07 - 2016-02-11 14:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 23:07 - 2016-02-11 14:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 23:07 - 2016-02-11 14:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 23:07 - 2016-02-11 14:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 23:07 - 2016-02-11 14:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 23:07 - 2016-02-11 14:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 23:07 - 2016-02-11 14:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 23:07 - 2016-02-11 14:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 23:07 - 2016-02-11 14:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 23:07 - 2016-02-11 14:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 23:07 - 2016-02-11 14:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 23:07 - 2016-02-11 14:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 23:07 - 2016-02-11 14:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 23:07 - 2016-02-11 14:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 23:07 - 2016-02-11 14:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 23:07 - 2016-02-11 14:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 23:07 - 2016-02-11 14:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 23:07 - 2016-02-11 14:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 23:07 - 2016-02-11 14:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 13:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 23:07 - 2016-02-11 13:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 23:07 - 2016-02-11 13:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 23:07 - 2016-02-11 13:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 23:07 - 2016-02-11 13:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 23:07 - 2016-02-11 13:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 23:07 - 2016-02-11 13:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 23:07 - 2016-02-11 13:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 23:07 - 2016-02-11 13:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 23:07 - 2016-02-11 13:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 23:07 - 2016-02-11 13:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 23:07 - 2016-02-11 13:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 23:07 - 2016-02-11 13:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 23:07 - 2016-02-11 13:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 23:07 - 2016-02-11 13:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 13:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 13:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 23:07 - 2016-02-11 10:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 23:07 - 2016-02-09 05:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 23:07 - 2016-02-09 05:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 23:07 - 2016-02-09 05:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 23:07 - 2016-02-09 05:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 23:07 - 2016-02-09 05:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 23:07 - 2016-02-09 05:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 23:07 - 2016-02-09 05:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 23:07 - 2016-02-09 05:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 23:07 - 2016-02-09 05:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 23:07 - 2016-02-09 05:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 23:07 - 2016-02-09 05:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 23:07 - 2016-02-09 02:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 23:07 - 2016-02-09 02:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 23:07 - 2016-02-08 17:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 23:07 - 2016-02-08 16:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 23:07 - 2016-02-08 16:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 23:07 - 2016-02-08 16:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 23:07 - 2016-02-08 16:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 23:07 - 2016-02-08 16:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 23:07 - 2016-02-08 16:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 23:07 - 2016-02-08 16:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 23:07 - 2016-02-08 16:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 23:07 - 2016-02-08 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 23:07 - 2016-02-08 16:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 23:07 - 2016-02-08 16:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 23:07 - 2016-02-08 16:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 23:07 - 2016-02-08 16:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 23:07 - 2016-02-08 16:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 23:07 - 2016-02-08 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 23:07 - 2016-02-08 16:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 23:07 - 2016-02-08 16:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 23:07 - 2016-02-08 16:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 23:07 - 2016-02-08 16:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 23:07 - 2016-02-08 16:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 23:07 - 2016-02-08 16:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 23:07 - 2016-02-08 16:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 23:07 - 2016-02-08 16:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 23:07 - 2016-02-08 16:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 23:07 - 2016-02-08 16:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 23:07 - 2016-02-08 16:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 23:07 - 2016-02-08 16:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 23:07 - 2016-02-08 15:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 23:07 - 2016-02-08 15:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 23:07 - 2016-02-08 15:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 23:07 - 2016-02-08 14:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 23:07 - 2016-02-08 14:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 23:07 - 2016-02-08 14:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 23:07 - 2016-02-08 14:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 23:07 - 2016-02-08 14:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 23:07 - 2016-02-08 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 23:07 - 2016-02-08 14:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 23:07 - 2016-02-08 14:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 23:07 - 2016-02-08 14:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 23:07 - 2016-02-08 14:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 23:07 - 2016-02-08 14:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 23:07 - 2016-02-08 14:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 23:07 - 2016-02-08 14:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 23:07 - 2016-02-08 14:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 23:07 - 2016-02-08 14:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 23:07 - 2016-02-08 14:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 23:07 - 2016-02-08 14:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 23:07 - 2016-02-08 14:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 23:07 - 2016-02-08 13:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 23:07 - 2016-02-08 13:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 23:07 - 2016-02-08 13:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 23:07 - 2016-02-08 13:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 23:07 - 2016-02-08 13:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 23:07 - 2016-02-08 13:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 23:07 - 2016-02-08 13:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 23:07 - 2016-02-08 13:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 23:07 - 2016-02-08 13:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 23:07 - 2016-02-08 13:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 23:07 - 2016-02-08 13:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 23:07 - 2016-02-08 13:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 23:07 - 2016-02-08 13:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 23:07 - 2016-02-08 13:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 23:07 - 2016-02-08 12:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 23:07 - 2016-02-05 14:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 23:07 - 2016-02-05 14:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 23:07 - 2016-02-05 14:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 23:07 - 2016-02-05 14:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 23:07 - 2016-02-05 14:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 23:07 - 2016-02-05 14:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 23:07 - 2016-02-05 14:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 23:07 - 2016-02-05 13:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 23:07 - 2016-02-05 13:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 23:07 - 2016-02-05 13:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 23:07 - 2016-02-05 10:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 23:07 - 2016-02-05 10:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 23:07 - 2016-02-05 10:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 23:07 - 2016-02-04 21:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 23:07 - 2016-02-04 14:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 23:07 - 2016-02-03 14:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 23:07 - 2016-02-03 14:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 23:07 - 2016-02-03 14:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 23:07 - 2016-02-03 14:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 23:07 - 2016-02-03 14:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-28 01:45 - 2016-01-08 21:45 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\Skype
2016-03-28 01:44 - 2016-01-08 21:14 - 00000000 ____D C:\Users\High Voltage\AppData\Local\DisplayFusion
2016-03-28 01:41 - 2009-07-14 00:45 - 00019792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-28 01:41 - 2009-07-14 00:45 - 00019792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-28 01:39 - 2009-07-14 01:13 - 00783606 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-28 01:39 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-03-28 01:38 - 2016-01-08 18:43 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\etdrv.sys
2016-03-28 01:37 - 2016-01-08 20:58 - 00000000 ___RD C:\Users\High Voltage\OneDrive
2016-03-28 01:37 - 2016-01-08 18:42 - 00026192 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2016-03-28 01:36 - 2016-01-11 22:49 - 00000051 _____ C:\Users\High Voltage\deletedRoute.txt
2016-03-28 01:33 - 2016-01-11 22:48 - 00009886 _____ C:\Users\High Voltage\proXPN.ovpn
2016-03-28 01:33 - 2016-01-08 20:25 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-28 01:33 - 2016-01-08 18:48 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-03-28 01:33 - 2016-01-07 21:09 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-28 01:33 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-28 01:32 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\L2Schemas
2016-03-28 01:30 - 2016-01-07 21:09 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-28 01:08 - 2016-01-09 03:21 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-27 23:05 - 2016-01-13 23:32 - 00000000 ____D C:\ProgramData\Oracle
2016-03-27 23:05 - 2016-01-13 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-03-27 23:05 - 2016-01-13 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-27 23:04 - 2016-01-13 23:32 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-03-27 23:04 - 2016-01-13 23:32 - 00000000 ____D S:\Program Files\Java
2016-03-27 23:04 - 2016-01-13 23:32 - 00000000 ____D C:\Users\High Voltage\.oracle_jre_usage
2016-03-27 23:03 - 2016-02-24 20:17 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-27 23:03 - 2016-02-24 20:17 - 00000000 ____D S:\Program Files (x86)\Java
2016-03-27 21:18 - 2016-01-08 20:35 - 00000000 ____D C:\Users\High Voltage\AppData\Local\CrashDumps
2016-03-27 20:49 - 2016-01-11 22:57 - 00000000 ____D C:\Users\High Voltage\AppData\Local\Adobe
2016-03-27 20:49 - 2016-01-07 20:52 - 00000000 ____D C:\Users\High Voltage
2016-03-27 02:42 - 2016-01-13 22:22 - 00000000 ____D S:\Program Files (x86)\VstPlugins
2016-03-27 01:34 - 2016-01-20 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-03-27 01:34 - 2016-01-20 00:19 - 00000000 ____D C:\ProgramData\Autodesk
2016-03-27 00:58 - 2016-01-20 01:36 - 00000000 ____D S:\Program Files (x86)\Autodesk
2016-03-27 00:57 - 2016-01-13 23:35 - 00000091 _____ C:\HaxLogs.txt
2016-03-27 00:57 - 2016-01-13 23:34 - 00000000 ____D C:\Android
2016-03-26 23:37 - 2016-01-07 21:12 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-26 22:54 - 2016-01-12 20:23 - 00000000 ____D S:\Program Files\IIS
2016-03-26 22:52 - 2016-01-13 22:22 - 00000000 ____D S:\Program Files\Common Files\Propellerhead Software
2016-03-26 22:52 - 2009-07-13 23:20 - 00000000 ____D S:\Program Files\Common Files\SpeechEngines
2016-03-26 22:46 - 2016-01-20 01:06 - 00000000 ____D S:\Program Files\Autodesk
2016-03-26 22:41 - 2016-01-08 20:24 - 00000000 ____D S:\Program Files (x86)\NVIDIA Corporation
2016-03-26 22:32 - 2016-01-12 20:26 - 00000000 ____D S:\Program Files (x86)\Microsoft Office365 Tools
2016-03-26 22:31 - 2016-01-16 16:41 - 00000000 ____D S:\Program Files\SAMSUNG
2016-03-26 22:31 - 2016-01-12 01:16 - 00000000 ____D S:\Program Files (x86)\Microsoft Help Viewer
2016-03-26 22:31 - 2016-01-08 20:24 - 00000000 ____D S:\Program Files\NVIDIA Corporation
2016-03-26 22:30 - 2016-01-07 21:16 - 00000000 ___HD S:\Program Files (x86)\InstallShield Installation Information
2016-03-26 03:41 - 2016-01-13 22:21 - 00000000 ____D S:\Program Files\Image-Line
2016-03-26 03:09 - 2016-01-12 01:04 - 00000000 ____D C:\Users\High Voltage\AppData\LocalLow\LastPass
2016-03-25 22:46 - 2016-01-15 13:04 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\Smart Recorder
2016-03-25 21:15 - 2016-01-14 23:12 - 00000000 ____D C:\Users\High Voltage\AppData\Local\Wunderlist
2016-03-25 21:15 - 2016-01-08 21:04 - 00000000 ____D S:\Program Files (x86)\Steam
2016-03-25 14:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-03-25 13:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-03-25 13:31 - 2016-01-11 22:25 - 00000000 ____D S:\Program Files (x86)\Mozilla Maintenance Service
2016-03-25 03:24 - 2016-01-13 21:49 - 00000000 ____D C:\Users\High Voltage\DTA temp files
2016-03-24 23:39 - 2016-01-17 23:17 - 00000132 _____ C:\Users\High Voltage\AppData\Roaming\Adobe PNG Format CC Prefs
2016-03-24 20:33 - 2016-01-31 21:05 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\discord
2016-03-24 02:20 - 2016-01-08 20:35 - 00000000 ____D C:\Users\High Voltage\AppData\Local\NVIDIA Corporation
2016-03-24 02:20 - 2016-01-08 20:32 - 00000000 ____D C:\Users\High Voltage\AppData\Local\NVIDIA
2016-03-23 23:43 - 2016-01-12 01:04 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\FileZilla
2016-03-23 23:43 - 2016-01-07 23:40 - 00000000 ____D C:\Windows\Panther
2016-03-23 22:06 - 2016-01-08 21:02 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-23 22:05 - 2016-01-08 20:59 - 00000000 ____D S:\Program Files (x86)\Microsoft Office
2016-03-23 22:00 - 2016-01-10 03:40 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-23 22:00 - 2016-01-10 03:40 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-23 21:08 - 2016-01-09 03:21 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-23 21:08 - 2016-01-09 03:21 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-23 21:08 - 2016-01-09 03:21 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-20 21:22 - 2016-01-19 23:35 - 00000000 ____D C:\Users\High Voltage\AppData\Local\FirestormOS_x64
2016-03-20 20:13 - 2016-01-19 23:35 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\Firestorm_x64
2016-03-19 23:56 - 2016-01-09 03:27 - 00000000 ___RD S:\Program Files (x86)\Skype
2016-03-19 23:56 - 2016-01-08 21:45 - 00000000 ____D C:\ProgramData\Skype
2016-03-19 01:23 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SchCache
2016-03-19 01:20 - 2016-01-08 20:56 - 00000078 ___RH C:\Windows\ctfile.rfc
2016-03-19 01:20 - 2016-01-08 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2016-03-19 01:19 - 2016-01-09 03:31 - 00000000 ____D S:\Program Files\Creative
2016-03-18 19:31 - 2016-01-07 21:10 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-11 22:33 - 2016-01-07 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-03-11 21:47 - 2016-01-08 20:58 - 00002139 _____ C:\Users\High Voltage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-03-11 21:34 - 2009-07-14 00:45 - 00424424 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-10 00:23 - 2016-01-08 21:40 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 00:20 - 2016-01-09 03:25 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-10 00:20 - 2016-01-08 21:40 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-05 22:55 - 2016-01-31 21:05 - 00000000 ____D C:\Users\High Voltage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-03-05 22:55 - 2016-01-31 21:04 - 00000000 ____D C:\Users\High Voltage\AppData\Local\SquirrelTemp
2016-03-05 22:55 - 2016-01-31 21:04 - 00000000 ____D C:\Users\High Voltage\AppData\Local\Discord
2016-03-03 20:34 - 2016-01-08 20:04 - 00934808 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-03-03 20:34 - 2015-06-06 09:51 - 00077728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys

==================== Files in the root of some directories =======

2016-01-17 23:17 - 2016-03-24 23:39 - 0000132 _____ () C:\Users\High Voltage\AppData\Roaming\Adobe PNG Format CC Prefs
2016-03-28 01:19 - 2016-03-28 01:19 - 0016360 _____ () C:\Users\High Voltage\AppData\Roaming\CairoAppConfig.xml
2016-03-28 01:16 - 2016-03-28 01:16 - 0000210 _____ () C:\Users\High Voltage\AppData\Roaming\CairoStacksConfig.xml
2016-01-12 21:05 - 2016-01-12 21:05 - 0000042 _____ () C:\Users\High Voltage\AppData\Roaming\WB.CFG
2016-01-12 23:38 - 2016-01-12 23:39 - 0001456 _____ () C:\Users\High Voltage\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-03-23 23:42 - 2016-03-23 23:42 - 0000046 _____ () C:\Users\High Voltage\AppData\Local\DonationCoder_processtamer_InstallInfo.dat
2016-01-07 21:18 - 2016-01-07 21:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\High Voltage\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\High Voltage\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\High Voltage\AppData\Local\Temp\proXPN-4.3.6.0-install.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-25 13:49

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by High Voltage (2016-03-28 01:45:35)
Running from S:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2016-01-08 00:52:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-521393813-4001764701-2461359094-500 - Administrator - Disabled)
Guest (S-1-5-21-521393813-4001764701-2461359094-501 - Limited - Disabled)
High Voltage (S-1-5-21-521393813-4001764701-2461359094-1000 - Administrator - Enabled) => C:\Users\High Voltage

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS B14.0730.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
@BIOS B14.0730.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden
7-Zip 15.14 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1514-000001000000}) (Version: 15.14.00.0 - Igor Pavlov)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AmbientLED B14.0819.1 (HKLM-x32\...\InstallShield_{31D031E2-A5CC-47F2-BAAD-13B4494E8077}) (Version: 1.00.0000 - GIGABYTE)
AmbientLED B14.0819.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.15.1228 - Gigabyte)
APP Center (x32 Version: 1.15.1228 - Gigabyte) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{903D0F33-D3CF-48D6-967D-84004089428A}) (Version: 4.0.51203.1 - Microsoft Corporation)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.14.0819.1 - GIGABYTE)
CameraHelperMsi (x32 Version: 13.40.836.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cloud Station Server (HKLM-x32\...\InstallShield_{41B20CB6-32EE-468B-982C-4864E2135BD0}) (Version: 1.00.1408.1401 - GIGABYTE)
Cloud Station Server (x32 Version: 1.00.1408.1401 - GIGABYTE) Hidden
CloudStation (HKLM-x32\...\InstallShield_{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0013 - GIGABYTE)
CloudStation (x32 Version: 1.00.0013 - GIGABYTE) Hidden
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Creative Music Server (HKLM-x32\...\Music Server) (Version: 1.01 - Creative Technology Limited)
Creative Smart Recorder (HKLM-x32\...\Smart Recorder) (Version: 2.20 - Creative Technology Limited)
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DesignDoll (HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\a94d3e1b3ab3bea6) (Version: 1.4.0.0 - Terawell)
Discord (HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\Discord) (Version: 0.0.286 - Hammer & Chisel, Inc.)
DisplayFusion (HKLM-x32\...\Steam App 227260) (Version: - Binary Fortress Software)
DisplayFusion 7.3.4 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.3.4.0 - Binary Fortress Software)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dotfuscator and Analytics Community Edition 5.19.0 (x32 Version: 5.19.0.2930 - PreEmptive Solutions) Hidden
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE)
EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
EZSetup B14.0709.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE)
EZSetup B14.0709.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
FARO LS 1.1.503.3 (64bit) (HKLM-x32\...\{1C05E654-FB81-4274-BF32-292E3707701D}) (Version: 5.3.3.38662 - FARO Scanner Production)
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.00.0000 - GIGABYTE)
Fast Boot (x32 Version: 1.00.0000 - GIGABYTE) Hidden
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Firestorm SecondLife and OpenSim viewer (Version: 4.7.48706 - The Phoenix Firestorm Project, Inc.) Hidden
Firestorm-Releasex64 x64 (HKLM-x32\...\{9021e9ec-b296-4490-9393-e22dbe687f33}) (Version: 4.7.48706 - The Phoenix Firestorm Project, Inc.)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
GameCtrl B14.0718.1 (HKLM-x32\...\InstallShield_{6BBE6CF2-84B2-4ECA-9ECA-C56925C1CCE2}) (Version: 1.00.0000 - GIGABYTE)
GameCtrl B14.0718.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GoPro App (x32 Version: 5.7.549 - GoPro, Inc.) Hidden
GoPro Studio 2.5.7 (HKLM-x32\...\{b996dca2-156c-4d2c-b9a3-59fac08cef33}) (Version: 2.5.7.549 - GoPro, Inc.)
ID3-TagIT 3 (HKLM-x32\...\ID3-TagIT 3_is1) (Version: 3 - Michael Pluemper)
IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel® Chipset Device Software (x32 Version: 10.0.20 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1048 - Intel Corporation)
Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java SE Development Kit 8 Update 66 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180660}) (Version: 8.0.660.18 - Oracle Corporation)
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
LinCity-NG 2.0 (HKLM-x32\...\LinCity-NG_is1) (Version: - LinCity-NG Developers)
Livedrive (HKLM-x32\...\{4A20D375-0556-4B48-9282-14652FAF435C}) (Version: 3.0.3.51 - Livedrive Internet Limited)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.40 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
Malwarebytes Anti-Exploit version 1.8.1.1189 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1189 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6741.2017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-521393813-4001764701-2461359094-1000\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{1d03ad7c-fa27-4517-91b0-410bb49f94d9}) (Version: 14.0.24720.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
MindMaple Pro 1.71 (HKLM-x32\...\MindMaple_is1) (Version: v1.71 - MindMaple Inc.)
Mozilla Firefox 45.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 en-US)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.6 - Black Tree Gaming)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6701.1011 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6701.1011 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6701.1011 - Microsoft Corporation) Hidden
ON_OFF Charge 2 B14.0217.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B14.0217.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
PCGen60401 (HKLM-x32\...\PCGen60401) (Version: - )
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Process Tamer 2.11.01 (HKLM-x32\...\Process Tamer_is1) (Version: - )
proXPN 4.3.5.2 (HKLM-x32\...\proXPN) (Version: 4.3.5.2 - proXPN B.V)
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7266 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.2 - Rockstar Games)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.24723 - Microsoft Corporation) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.00.0000 - GIGABYTE)
SIV (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Skyperious 3.5 (HKLM-x32\...\Skyperious) (Version: 3.5 - Erki Suurjaak)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Smart Recovery 2 B14.0521.1 (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0001 - GIGABYTE)
Smart TimeLock B14.0731.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE)
Smart TimeLock B14.0731.1 (x32 Version: 1.00.0001 - GIGABYTE) Hidden
Sound Blaster Z-Series (HKLM-x32\...\{A15CAB30-128B-4CB3-8C9F-091A69028167}) (Version: 1.00.28 - Creative Technology Limited)
Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1216 - SUPERAntiSpyware.com)
Sven Co-op (HKLM-x32\...\Steam App 225840) (Version: - Sven Co-op Team)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.24712 - Microsoft Corporation) Hidden
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.7.4.0 (HKLM-x32\...\{33e2204a-4ec6-4458-895a-47e2a404d990}) (Version: 1.7.24720.0 - Microsoft Corporation)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VirtualDJ 8 (HKLM-x32\...\{EA636980-2EDF-48BA-B6EF-C0C8E9869F80}) (Version: 8.1.2821.0 - Atomix Productions)
Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32\...\{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
VS Update core components (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
VTuner (HKLM-x32\...\InstallShield_{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.00.0000 - GIGABYTE)
VTuner (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-2 - Wacom Technology Corp.)
Waves Complete V9r17 (HKLM-x32\...\{91000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.1.17 - Waves)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
World of Warcraft®: Cataclysm™ MMO Gaming Mouse (HKLM-x32\...\{B832F6BF-B53E-4A51-BD95-A1D5D956207C}) (Version: 1.01.0015 - SteelSeries)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-521393813-4001764701-2461359094-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\High Voltage\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-521393813-4001764701-2461359094-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\High Voltage\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {002CBE95-5503-4C93-972C-33E9CD59C2EC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-13] (Microsoft Corporation)
Task: {2F35603C-BAEF-48AD-91D1-CE4F46D4F678} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {6A6ED352-A69F-461C-8BB5-AF283FE25526} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-03-23] (Microsoft Corporation)
Task: {78104A7C-9A46-4B87-B51F-0FE9E7E26DCB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {7C0C961E-4B99-4043-9B8D-0B9060D91E5B} - System32\Tasks\AdobeAAMUpdater-1.0-FurryOne-High Voltage => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {9F94C6A9-4C6D-4A91-BF32-B3C5F0A6F08D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {AB5D1B56-AFA8-49AE-A135-8D3C62D8FF59} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-13] (Microsoft Corporation)
Task: {BC2F76AC-C9EF-4DEF-AE1D-96D5BB668869} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {D08E9F24-51DF-4B4E-8609-6888FEDCFE62} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {DDF9E5B9-74E1-481F-AFBC-B8FC404B78E8} - System32\Tasks\open to do list manager at login => C:\Users\High Voltage\AppData\Local\Wunderlist\Wunderlist.exe [2015-12-21] ()
Task: {E2340425-CCAE-4CFD-8A20-28CFF1553188} - System32\Tasks\{CFD7E9A0-81A6-460F-985C-651415DB1908} => pcalua.exe -a C:\Users\HIGHVO~1\AppData\Local\Temp\jre-8u77-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {EA2CE456-B06A-4125-8E58-3CF09B6C31BF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-23] (Adobe Systems Incorporated)
Task: {F46C7827-F938-4BB3-B963-37EB37507877} - \SoftPlanet Software Assistant -> No File <==== ATTENTION
Task: {FA0B9F9F-3766-4A5A-B56A-3ADED330BD5D} - System32\Tasks\{2B10BC2F-1A42-4AFD-8D73-E1486D0C3AE5} => pcalua.exe -a S:\Downloads\vs_community_ENU.exe -d S:\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-01-08 20:24 - 2016-01-22 21:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-08 20:58 - 2016-03-13 08:43 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-04-14 16:27 - 2015-04-14 16:27 - 00016896 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2014-07-18 00:12 - 2014-07-18 00:12 - 00034624 _____ () C:\Program Files (x86)\GIGABYTE\AmbientLED\LEDCtrl.exe
2015-10-29 17:48 - 2015-10-29 17:48 - 00212152 _____ () C:\Program Files (x86)\Livedrive\VSSService.exe
2016-02-24 19:48 - 2016-03-23 21:25 - 08919232 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-03-24 02:19 - 2016-02-17 02:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-24 02:19 - 2016-02-17 02:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-01-08 20:31 - 2016-02-17 02:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-02-07 08:41 - 2016-02-07 08:41 - 00133496 _____ () C:\Program Files (x86)\proXPN\bin\proXPNService.exe
2016-01-11 23:10 - 2016-01-11 23:10 - 00015840 ____N () C:\Program Files\Shield\shdservps.dll
2015-10-16 06:02 - 2015-10-16 06:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-07-30 10:52 - 2015-07-30 10:52 - 01244456 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
2016-02-07 08:41 - 2016-02-07 08:41 - 01538936 _____ () C:\Program Files (x86)\proXPN\bin\proXPN.exe
2016-03-26 22:32 - 2015-12-21 14:02 - 01349824 _____ () S:\Program Files\Tablet\Wacom\libxml2.dll
2014-01-21 14:36 - 2014-01-21 14:36 - 00015872 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
2014-02-26 20:22 - 2014-02-26 20:22 - 00107008 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
2016-01-20 21:20 - 2016-02-24 00:48 - 00062024 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2016-01-20 21:20 - 2016-02-24 00:47 - 00110664 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\kpcengine.2.3.dll
2011-09-14 18:12 - 2011-09-14 18:12 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\AmbientLED\ycc.dll
2014-12-21 12:07 - 2014-12-21 12:07 - 00119822 _____ () C:\Program Files (x86)\proXPN\bin\libgcc_s_dw2-1.dll
2014-12-21 12:07 - 2014-12-21 12:07 - 01026062 _____ () C:\Program Files (x86)\proXPN\bin\libstdc++-6.dll
2016-03-26 22:41 - 2016-02-17 03:02 - 00020352 _____ () S:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-01-22 14:53 - 2014-01-22 14:53 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll
2015-02-16 11:47 - 2015-02-16 11:47 - 00105472 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 07956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2015-10-02 23:15 - 2015-10-02 23:15 - 02287616 _____ () C:\Program Files (x86)\GoPro\Tools\Importer\gopro-lib-win-analytics.dll
2016-01-04 08:35 - 2016-01-04 08:35 - 00175144 _____ () C:\Program Files (x86)\proXPN\bin\liblzo2-2.dll
2016-01-04 08:35 - 2016-01-04 08:35 - 00112736 _____ () C:\Program Files (x86)\proXPN\bin\libpkcs11-helper-1.dll
2016-03-28 01:33 - 2016-02-24 00:47 - 00110664 _____ () C:\Users\High Voltage\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll
2014-07-28 16:01 - 2014-07-28 16:01 - 00311296 _____ () C:\Program Files (x86)\Gigabyte\SIV\MFCCPU.dll
2012-11-28 23:03 - 2012-11-28 23:03 - 00102400 _____ () C:\Program Files (x86)\Gigabyte\SIV\ycc.dll
2016-01-08 20:26 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2016-03-26 03:41 - 2016-03-07 22:48 - 01676440 _____ () S:\program files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
2016-03-26 03:41 - 2016-03-07 22:48 - 00086168 _____ () S:\program files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll
2016-01-08 21:05 - 2016-02-09 21:17 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-01-08 21:05 - 2015-07-03 12:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-01-08 21:05 - 2015-07-03 12:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-01-08 21:05 - 2015-07-03 12:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-01-08 21:05 - 2016-03-10 15:02 - 02547792 _____ () C:\Program Files (x86)\Steam\video.dll
2016-01-08 21:05 - 2016-02-08 19:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-01-08 21:05 - 2016-02-08 19:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-01-08 21:05 - 2016-02-08 19:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-01-08 21:05 - 2016-02-08 19:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-01-08 21:05 - 2016-02-08 19:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-01-08 21:05 - 2016-03-10 15:02 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 22:52 - 2016-02-17 18:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-01-08 21:05 - 2016-02-08 21:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2009-07-13 17:03 - 2009-07-13 21:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2016-03-24 21:12 - 2016-03-21 16:17 - 17541312 _____ () C:\Users\High Voltage\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.197\pepflashplayer.dll
2014-06-24 17:08 - 2014-06-24 17:08 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-01-08 21:05 - 2015-09-24 19:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2014-03-25 14:14 - 2014-03-25 14:14 - 00105984 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ycc.dll
2014-07-09 14:15 - 2014-07-09 14:15 - 00311296 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\MFCCPU.dll
2014-06-17 21:24 - 2014-06-17 21:24 - 00208896 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\MFCSPD.dll
2014-07-31 12:51 - 2014-07-31 12:51 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\BDR_info.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-521393813-4001764701-2461359094-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\High Voltage\AppData\Local\DisplayFusion\Wallpaper_1.jpg
DNS Servers: 10.0.22.1 - 10.0.22.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Livedrive => "C:\Program Files (x86)\Livedrive\Livedrive.exe"
MSCONFIG\startupreg: proXPN => C:\Program Files (x86)\proXPN\bin\proXPN.exe
MSCONFIG\startupreg: Shield => "C:\Program Files\Shield\shdtray.exe"
MSCONFIG\startupreg: Sysinternals Desktops => S:\Downloads\Desktops\Desktops.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BF89B3F3-22C6-4D49-B4DF-85FFD4740136}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{124B10B7-D3C7-4515-B211-77881BA73568}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6A8AAE31-FB16-4B23-B886-58CBBD44E9CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2B323B7A-2091-4583-AFFC-E9B14AD2D0CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{00D0D089-C2BD-4D3B-9E29-B87049A56509}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F00B4D5D-E502-4042-93D1-DDFF4BF7E9A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{57064F4B-0D50-48EA-9426-F67FC572ADD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AADC7AC5-611A-452A-BA4C-CDBF1BA9A283}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{13557F78-4D9E-40AB-9E24-9B73CF91046E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A73524F7-6E1F-40C9-A1C1-B1661C171A01}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{ACF0BB19-1454-4D0D-ACD7-81F547ECC620}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D7E05965-06C7-45F8-9762-DB4A5F5342E2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6C475C48-24A0-43D2-8451-C5F00B58E589}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{AAA96BBC-926B-4C3F-90DC-570A600ADE25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{B1DF043E-E58D-4F2B-AAD2-3C6F70F33F9C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E708EB7D-F789-421D-9F52-7B57C2052B50}] => (Allow) S:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6A5C9023-730D-4CB0-9E66-7FB6CBE22B79}] => (Allow) S:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5BDA3358-9DE0-4BC4-A72A-BD5D2445A8EE}] => (Allow) S:\Steam\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{591C753F-F385-4758-B5B1-7A302481DE82}] => (Allow) S:\Steam\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{CEC1CB97-E914-4C2A-99CD-D8FC075DF55F}] => (Allow) S:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{1DD9884F-ED62-4B5D-A613-929B72E90F68}] => (Allow) S:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{818C53B9-B209-4B87-9074-5661C041D854}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{876D5EB2-0508-412D-B729-92C6A08F1502}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{54C18477-4B48-4CB0-B352-1735042D836B}] => (Allow) C:\Program Files\Shield\ShdServ.exe
FirewallRules: [{48791CBE-560A-45D6-80A1-ED970A9DBFC2}] => (Allow) C:\Program Files\Shield\ShdServ.exe
FirewallRules: [{7E947ADC-75DF-4F4B-8EA6-10E04C809678}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{8420F444-C2B0-460C-8BDB-6B76747D2802}] => (Allow) S:\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{81D40491-7254-4557-AAE0-616D78203269}] => (Allow) S:\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{3FD65DED-3182-4E71-A3AC-BD4FA482A578}] => (Allow) S:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{CAE67296-6CBF-417E-8441-0A077A6EDECC}] => (Allow) S:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{E5632214-AE81-415D-ADFD-4F2F646750B0}] => (Allow) LPort=62194
FirewallRules: [{65924CFD-0D76-4648-8184-897D171E5445}] => (Allow) LPort=5000
FirewallRules: [{C41840D7-D5EF-4948-8C0A-1701D6AE3D7F}] => (Allow) S:\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{5E6612C2-34B7-4745-8715-3A7F59680A11}] => (Allow) S:\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{879190D4-19C4-4D93-9DAE-0590A831A118}] => (Allow) S:\Steam\steamapps\common\Carpe Diem\Carpe Diem.exe
FirewallRules: [{7D325525-1A98-4845-A3F7-8B1002E8B0D5}] => (Allow) S:\Steam\steamapps\common\Carpe Diem\Carpe Diem.exe
FirewallRules: [{6402193F-2973-479F-86F6-3D60EC306DA4}] => (Allow) S:\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{D07426BE-C783-47C6-B4B0-613A97A2DB95}] => (Allow) S:\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{00D15A6D-1A8C-4E3A-9314-0795841A0885}] => (Allow) S:\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{48FC4D76-905F-4C1D-8F6A-3ABCFAE9EBA8}] => (Allow) S:\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{5D735EC0-953C-4BEA-A5CB-7657A82956E9}] => (Allow) S:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{7B698F85-12D5-4300-B120-B8314D2B7A21}] => (Allow) S:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{4DB6CB34-4590-46C9-AE6C-793C156FF631}] => (Allow) S:\Steam\steamapps\common\FaceRig\Bin\Launcher.exe
FirewallRules: [{A54DD0E5-440D-4331-BB95-F219EBA954C9}] => (Allow) S:\Steam\steamapps\common\FaceRig\Bin\Launcher.exe
FirewallRules: [{BDAAFE0E-F2A4-49B7-A06E-59178DE3A00C}] => (Allow) S:\Steam\steamapps\common\FaceRig\Bin\FaceRig.exe
FirewallRules: [{CBFE2A2D-B450-462F-B7C5-763248F618F6}] => (Allow) S:\Steam\steamapps\common\FaceRig\Bin\FaceRig.exe
FirewallRules: [{DF6CE8AF-7A64-417B-A323-4F98F1F8EA4C}] => (Allow) S:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{195283FA-9251-491F-8512-FCB8ECDA9FA1}] => (Allow) S:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{5E9E37CC-EEC1-452A-A135-EDDBB6B6F6BB}] => (Allow) S:\Steam\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [{462686CA-499D-4A00-9CE8-F31942C2DA7E}] => (Allow) S:\Steam\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [{CB8C1E10-E92D-46F0-80BA-2A2F2E746741}] => (Allow) S:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{AED01B1B-1D9C-4454-906D-95F6E699A76E}] => (Allow) S:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D0D9CF8F-4167-4D1C-9449-07A5E3C445C6}] => (Allow) S:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{81EC976A-3EB8-4DF9-B3F2-5F9DF5F1F727}] => (Allow) S:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{8F4754F5-D917-4B29-BA22-B60AAB1A681C}] => (Allow) S:\Steam\steamapps\common\X Rebirth\XRebirth.exe
FirewallRules: [{5FFBB35B-1875-4F2D-B265-17BFAFBF053D}] => (Allow) S:\Steam\steamapps\common\X Rebirth\XRebirth.exe
FirewallRules: [{CB73FFA7-CDF6-4572-898F-16BCF65B0BAC}] => (Allow) S:\Steam\steamapps\common\RailWorks\RailWorks.exe
FirewallRules: [{00183C33-8976-4726-9EFE-01B55E9C566A}] => (Allow) S:\Steam\steamapps\common\RailWorks\RailWorks.exe
FirewallRules: [{310AB31C-6F55-42F8-BD79-11DDA4CE65EE}] => (Allow) S:\Steam\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{E08C8F6C-ED71-4AA7-B045-9DD8C2F969BC}] => (Allow) S:\Steam\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{65359DD2-AB7E-4CE6-95FA-0F95FFD5EF37}] => (Allow) S:\Steam\steamapps\common\Sakura Santa\Sakura Santa.exe
FirewallRules: [{5D1D5D56-15BD-4815-B699-24F368EC058D}] => (Allow) S:\Steam\steamapps\common\Sakura Santa\Sakura Santa.exe
FirewallRules: [{759E6AE5-E091-440D-8207-C60038DECACA}] => (Allow) S:\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{EAF7ADC3-71E9-4DA0-A53B-AEB7C9961128}] => (Allow) S:\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{A6166039-87F8-4785-A210-00912919DF56}] => (Allow) S:\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{C17F6113-C65F-44BC-B76B-865CF786BBE9}] => (Allow) S:\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{2E8CEA00-2165-449D-8EF8-B4F36BBC7421}] => (Allow) S:\Steam\steamapps\common\PCMark 8\bin\PCMark8.exe
FirewallRules: [{675A42CB-47E0-4583-96FE-0C5ABCDA9C8E}] => (Allow) S:\Steam\steamapps\common\PCMark 8\bin\PCMark8.exe
FirewallRules: [{3BF7EAC5-8774-40AA-B0C6-9DD280EF3AEF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7C039784-059A-420F-8053-A24761F4E14B}] => (Allow) S:\Steam\steamapps\common\Everlasting Summer\Everlasting Summer.exe
FirewallRules: [{2454B3A9-C4E9-4EEA-BEF5-9CEE8D522E41}] => (Allow) S:\Steam\steamapps\common\Everlasting Summer\Everlasting Summer.exe
FirewallRules: [{A998AC5F-E643-4D52-863D-D33C9B7BACE4}] => (Allow) C:\Users\High Voltage\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0167213E-E0CD-4F37-BEFD-8196F4EF3B74}] => (Allow) C:\Users\High Voltage\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ABD4B5B7-533E-48A5-871F-CD6B048C7160}] => (Allow) C:\Users\High Voltage\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{40C31196-363E-4F87-B2A1-21099A2EE13A}] => (Allow) C:\Users\High Voltage\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FBFC85FF-2B61-491F-AC3E-F76C3257DC26}] => (Allow) C:\Users\High Voltage\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D0DA9689-CC4D-4503-BFA6-6FB0F705CA33}] => (Allow) C:\Users\High Voltage\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D63CFFAB-7419-4014-AC1A-C921D07DCAF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AEA97FA4-C9D9-44BE-A2D6-92E7EC31CF55}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EC641314-3F1E-4527-8142-ADABB37C3863}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D42A868C-2015-42B6-968B-F31C2919FAA0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8F14D1F7-B4A2-4619-90BA-DAB915A84B57}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F9D2050C-EFE0-42A8-9C28-A7B21834D870}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe
FirewallRules: [{45BAE3CA-3D3C-4E1E-981D-47FA06D53595}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
FirewallRules: [{7DC973CA-2554-41E8-868A-DA294669F70A}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
FirewallRules: [{600B91E1-07BB-4CD9-AF10-3F30FA93A7B3}] => (Allow) LPort=1980
FirewallRules: [{967D41A8-C926-496D-9FF7-2E09C38FBB64}] => (Allow) LPort=1900
FirewallRules: [{8D26B342-01AA-4273-BDE1-F2DED1F5AF45}] => (Allow) LPort=1900
FirewallRules: [{FC576E7C-A8F1-4AB0-84F2-FC84FDDD04FB}] => (Allow) LPort=8356

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Linksys AE2500
Description: Linksys AE2500
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: BCM20702A0
Description: BCM20702A0
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: H100iGTX Cooler
Description: H100iGTX Cooler
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================


System errors:
=============
Error: (03/28/2016 01:36:18 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}

Error: (03/28/2016 01:35:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (03/28/2016 01:35:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

Error: (03/28/2016 01:33:34 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
UsbCharger

Error: (03/28/2016 01:31:47 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/28/2016 01:31:47 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (03/28/2016 12:28:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

Error: (03/28/2016 12:09:29 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (03/28/2016 12:03:47 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Description with the following error:
%%5

Error: (03/28/2016 12:03:47 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5


CodeIntegrity:
===================================
Date: 2016-01-09 02:27:48.263
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-09 02:27:48.262
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-09 02:27:48.258
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-09 02:27:48.257
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-08 19:04:27.284
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-08 19:04:27.282
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-08 19:04:18.810
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-08 19:04:18.810
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-08 19:04:16.860
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-08 19:04:16.844
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 23%
Total physical RAM: 32593.82 MB
Available physical RAM: 24969.77 MB
Total Virtual: 65185.85 MB
Available Virtual: 56301.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:419.09 GB) (Free:167.33 GB) NTFS
Drive d: (Misc) (Fixed) (Total:74.5 GB) (Free:74.41 GB) NTFS
Drive k: (RECOVERY) (Fixed) (Total:29.8 GB) (Free:29.8 GB) FAT32
Drive l: (FreeAgent GoFlex Drive) (Fixed) (Total:931.51 GB) (Free:546.85 GB) NTFS
Drive p: (Seagate Backup Plus Drive) (Fixed) (Total:4657.52 GB) (Free:3236.58 GB) NTFS
Drive r: (Seagate Backup Plus Drive) (Fixed) (Total:2794.51 GB) (Free:1398.67 GB) NTFS
Drive s: (Storage Pool) (Fixed) (Total:4284.81 GB) (Free:3688.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 48EB70D6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=419.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 149.1 GB) (Disk ID: 0007130D)
Partition 1: (Not Active) - (Size=149 GB) - (Type=42)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 74.5 GB) (Disk ID: 90909090)
Partition 1: (Not Active) - (Size=74.5 GB) - (Type=42)

========================================================
Disk: 3 (Size: 74.5 GB) (Disk ID: 225DC720)

Partition: GPT.

========================================================
Disk: 4 (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 5 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7C8BB13C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)

========================================================
Disk: 6 (MBR Code: Windows 7 or 8) (Size: 186.3 GB) (Disk ID: C8FEE771)
Partition 1: (Not Active) - (Size=186.3 GB) - (Type=42)

========================================================
Disk: 7 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=149 GB) - (Type=42)

========================================================
Disk: 12 (Size: 29.8 GB) (Disk ID: 2BF09178)

Partition: GPT.

========================================================
Disk: 13 (Size: 931.5 GB) (Disk ID: 4A332876)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 18.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 19.

==================== End of Addition.txt ============================

Attached Files


Edited by Oh My!, 04 April 2016 - 09:51 AM.


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,731 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:29 AM

Posted 04 April 2016 - 10:04 AM

Greetings mmd123 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

I am assuming you set the following IFEO, is that correct?

IFEO\taskmgr.exe: [Debugger] "S:\DOWNLOADS\PROCESSEXPLORER\PROCEXP.EXE"

Though there is some clutter we can clean up there is no evidence of an active infection on your computer. I know you think you have a problem but what evidence are you seeing?

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Click Format and check Word Wrap
  • Please copy and paste the contents of the below code box into the open notepad and save it to your Desktop as fixlist.txt. If FRST.exe is not on your Deskptop please move it to that location. (<<<Important)
CreateRestorePoint:
CloseProcesses:
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => No File
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => No File
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-521393813-4001764701-2461359094-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2016-03-27 00:34 - 2016-03-27 00:34 - 00000000 __HDC C:\ProgramData\{8BE731A3-4C9E-42CC-AC78-66742062354D}
2016-03-27 00:22 - 2016-03-27 00:22 - 00000000 __HDC C:\ProgramData\{78915E0A-25F8-47A2-9793-CEBC2D28F274}
2016-03-27 00:22 - 2016-03-27 00:22 - 00000000 __HDC C:\ProgramData\{6032CB49-DE54-4192-9F71-65859D0B544F}
2016-03-27 00:21 - 2016-03-27 00:21 - 00000000 __HDC C:\ProgramData\{C693A367-F08F-4F42-A5DE-8996D6AC24F0}
2016-03-27 00:21 - 2016-03-27 00:21 - 00000000 __HDC C:\ProgramData\{A9FC06D6-E75C-4DA2-B8D2-8D91C1A269C3}
2016-03-27 00:21 - 2016-03-27 00:21 - 00000000 __HDC C:\ProgramData\{98F83ED2-DF89-465B-8EB3-F87E179CFA56}
2016-03-27 00:21 - 2016-03-27 00:21 - 00000000 __HDC C:\ProgramData\{849C3EA7-6C44-4D64-BFD2-FC5AF841BE83}
2016-03-27 00:21 - 2016-03-27 00:21 - 00000000 __HDC C:\ProgramData\{7C702C5F-ADE3-4D28-9619-90BA76D4E1ED}
2016-03-27 00:20 - 2016-03-27 00:20 - 00000000 __HDC C:\ProgramData\{DB1D6CD1-3172-48C0-B63A-490B0D2C6D72}
2016-03-27 00:20 - 2016-03-27 00:20 - 00000000 __HDC C:\ProgramData\{B0DF9098-245E-479F-A4ED-B5F91EA4948B}
2016-03-27 00:20 - 2016-03-27 00:20 - 00000000 __HDC C:\ProgramData\{63F2E427-F976-4EE0-BB21-8FA7DAC2E7F2}
2016-03-27 00:20 - 2016-03-27 00:20 - 00000000 __HDC C:\ProgramData\{3DFBC806-D62A-4312-81FF-5F343DDCB5DC}
2016-03-27 00:20 - 2016-03-27 00:20 - 00000000 __HDC C:\ProgramData\{0A583E76-A7A0-45F8-9386-AEE1E529A4DE}
2016-03-27 00:20 - 2016-03-27 00:20 - 00000000 __HDC C:\ProgramData\{03697879-2B80-4810-9B4D-D8EF1EE777F0}
2016-03-27 00:19 - 2016-03-27 00:19 - 00000000 __HDC C:\ProgramData\{F409EA92-6713-4D2D-AF88-0C51B1CF1D2A}
2016-03-27 00:19 - 2016-03-27 00:19 - 00000000 __HDC C:\ProgramData\{0209395A-8E4A-48E1-A5E3-C830292F263C}
2016-03-27 00:19 - 2016-03-27 00:19 - 00000000 ___DC C:\ProgramData\{80A0A482-175E-4DE8-9D32-C8C8463D1362}
2016-03-27 00:19 - 2016-03-27 00:19 - 00000000 ___DC C:\ProgramData\{786FEDEA-8E71-4900-8D2F-40933D86B376}
2016-03-27 00:19 - 2016-03-27 00:19 - 00000000 ___DC C:\ProgramData\{2FF04994-9599-464E-AD99-B09CBE2122AE}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{DFAB8828-7DA2-4573-A254-15D802A10A7E}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{B96A0118-1095-4E34-9C27-D87092B77F67}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{B8AB470F-A90B-4652-A8F5-160A08FD7411}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{93015F0A-7AF2-4308-A5B3-13D4FCE429C6}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{926BF989-2A51-492D-8A6A-E9D533417C34}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{8A9976F0-1DB6-4A1D-823B-E9E459F6EE39}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{7FC6C6B3-C2D5-4F17-BBEF-A11135E1A668}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{727F248C-CA81-4A68-8E01-27236ED99D98}
2016-03-27 00:18 - 2016-03-27 00:18 - 00000000 ___DC C:\ProgramData\{1C7A6EB7-BED0-4444-B0DA-4BFDCF83C380}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 __HDC C:\ProgramData\{B7CF1107-3BD9-48BA-BC77-54B909022641}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{F2026C51-8509-47B4-816D-CCD2DB993FC1}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{BA0B7444-2ABA-463C-862A-7EC7F0AD0FA2}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{A793ECF9-34FC-47F0-8CBE-0B3DEA468C01}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{624486AF-AD5B-4BB3-BEEE-A0D2D4D112DF}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{5309003E-4102-4141-A0C9-7507F0E10F52}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{4AD6F65B-2A15-4CFF-9AF7-830F277D0157}
2016-03-27 00:17 - 2016-03-27 00:17 - 00000000 ___DC C:\ProgramData\{1CCB05D7-901D-4CCB-816F-73AC0098D30A}
2016-03-27 00:16 - 2016-03-27 00:16 - 00000000 ___DC C:\ProgramData\{7B7672F5-5EA2-4D83-BC77-1AFCA8846266}
2016-03-27 00:16 - 2016-03-27 00:16 - 00000000 ___DC C:\ProgramData\{6B3E9A08-404E-4FBF-A80D-1E9DA9E75171}
2016-03-27 00:16 - 2016-03-27 00:16 - 00000000 ___DC C:\ProgramData\{4C01754A-32F9-4A34-8B9F-E06DD553B755}
2016-03-27 00:16 - 2016-03-27 00:16 - 00000000 ___DC C:\ProgramData\{499D67BC-046E-4931-8BFB-D5ABB500E67C}
2016-03-27 00:16 - 2016-03-27 00:16 - 00000000 ___DC C:\ProgramData\{229D9A22-9BEA-4D2B-813E-85E0FACBA99C}
2016-03-27 00:16 - 2016-03-27 00:16 - 00000000 ___DC C:\ProgramData\{0221FDDB-41E3-4971-AC93-5048F8D7CAAC}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{FB5C60A0-15D1-4DEF-A6EF-3366AC37909F}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{F036CC43-6BE8-4CBD-91C3-76F4BC8FFD6F}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{D53B5F71-B715-494C-AFD4-BB0C94C787E5}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{B54CEF12-4612-4E77-B06C-403C662468E7}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{A6377726-7317-464A-87EB-693294E9F383}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{6B991D2A-5E91-44B4-BE28-CFDCED1835AB}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{35B46D49-85E2-40EA-8EC6-43B281EDD8E7}
2016-03-27 00:15 - 2016-03-27 00:15 - 00000000 ___DC C:\ProgramData\{18869C94-495B-4D97-8C75-E405CF6509CB}
2016-03-27 00:14 - 2016-03-27 00:14 - 00000000 __HDC C:\ProgramData\{EFEC7DCC-2F91-4828-B49D-8506F9F0D9FF}
2016-03-27 00:14 - 2016-03-27 00:14 - 00000000 __HDC C:\ProgramData\{7AFFCFD3-F022-420B-8E87-BBAED1C983C8}
2016-03-27 00:13 - 2016-03-27 00:13 - 00000000 __HDC C:\ProgramData\{F4C30B44-15B7-482B-8B80-38AA0AB0956A}
2016-03-27 00:13 - 2016-03-27 00:13 - 00000000 __HDC C:\ProgramData\{AD7B6000-2063-4CF8-A07D-49A34A4164E7}
2016-03-27 00:13 - 2016-03-27 00:13 - 00000000 __HDC C:\ProgramData\{03149E88-061F-4C01-98FF-736811F5AEF5}
2016-03-27 00:12 - 2016-03-27 00:12 - 00000000 __HDC C:\ProgramData\{F565CCC6-40E0-4D3B-A268-394489E1A288}
2016-03-27 00:12 - 2016-03-27 00:12 - 00000000 __HDC C:\ProgramData\{BC4F73B4-86E2-45AA-A4F8-3D7C23012DDF}
2016-03-27 00:12 - 2016-03-27 00:12 - 00000000 __HDC C:\ProgramData\{831278B3-E363-4BCB-B754-70A9488477C9}
2016-03-27 00:11 - 2016-03-27 00:11 - 00000000 __HDC C:\ProgramData\{E753D955-673D-4851-B06F-9A9D0C44C02C}
2016-03-27 00:11 - 2016-03-27 00:11 - 00000000 __HDC C:\ProgramData\{87A1E31E-1C63-4A99-AEEA-EA57A3043C1D}
2016-03-27 00:11 - 2016-03-27 00:11 - 00000000 __HDC C:\ProgramData\{34163C5E-1AE4-49D8-B5F9-A3C2422AAB96}
2016-03-27 00:08 - 2016-03-27 00:08 - 00000000 __HDC C:\ProgramData\{B9F39E05-2A83-4A5C-873C-9004232BF507}
2016-03-27 00:07 - 2016-03-27 00:07 - 00000000 __HDC C:\ProgramData\{D8A99D59-FC0A-442D-AFE3-3ACD232C2D11}
2016-03-27 00:04 - 2016-03-27 00:04 - 00000000 __HDC C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418}
2016-03-27 00:02 - 2016-03-27 00:02 - 00000000 __HDC C:\ProgramData\{5CCB3323-39AA-41ED-8599-AECD2B307327}
2016-03-27 00:01 - 2016-03-27 00:01 - 00000000 __HDC C:\ProgramData\{EC39AE66-34A3-419D-BCB8-29619DA92C37}
2016-03-27 00:01 - 2016-03-27 00:01 - 00000000 __HDC C:\ProgramData\{54946576-BA75-44B8-B88E-CA765E921188}
2016-03-26 23:55 - 2016-03-26 23:55 - 00000000 __HDC C:\ProgramData\{E2A3D3D3-946E-4752-90FB-AF37CC248734}
2016-03-26 23:53 - 2016-03-27 02:25 - 00000000 __HDC C:\ProgramData\{F92C204F-6C39-4D56-B100-EC929C871966}
2016-03-26 23:40 - 2016-03-26 23:40 - 00000000 __HDC C:\ProgramData\{F498FDAE-BA77-4B5C-8DB3-889B3AD5E273}
2016-03-26 23:40 - 2016-03-26 23:40 - 00000000 __HDC C:\ProgramData\{DE521B66-DEF0-47C8-889C-6F9CD6F36CEB}
2016-03-26 23:39 - 2016-03-26 23:39 - 00000000 __HDC C:\ProgramData\{0E6B114B-EAAB-4EE8-9ED4-AB156948B2E0}
2016-03-26 23:38 - 2016-03-26 23:38 - 00000000 __HDC C:\ProgramData\{9C964661-2E2A-47A7-848E-D45FCF01A2C2}
Task: {F46C7827-F938-4BB3-B963-37EB37507877} - \SoftPlanet Software Assistant
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • System Summary Information
  • Update on computer behavior

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,731 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:29 AM

Posted 07 April 2016 - 09:05 AM

Greetings,

===================================================

3 Day Bump

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,731 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:29 AM

Posted 09 April 2016 - 11:14 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users