Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"Name Not Available" in Volume Mixer - Win10


  • This topic is locked This topic is locked
5 replies to this topic

#1 deltahydra

deltahydra

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 01 July 2016 - 06:30 AM

Starting from yesterday, I happened to notice 2 "Name Not Available" in the volume mixer. I can't say I've noticed them playing sound and a search from others with the problem has led me to believe of a possible infection.

 

My operating system is Win 10 (64 bit).

 

I've attempted scans with Malwarebytes and Avast but nothing shows up.

Is this an infection or an innocent system setting?

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
Ran by Dominic (administrator) on DOMINIC-PC (02-07-2016 11:00:17)
Running from C:\Users\Dominic\Desktop
Loaded Profiles: Dominic (Available Profiles: Dominic)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Malwarebytes) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Micro-Star INT'L CO., LTD.) D:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GSS\SteamCmd\steamcmd.exe
(Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GSS\SteamCmd\steamcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Malwarebytes) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Flux Software LLC) C:\Users\Dominic\AppData\Local\FluxSoftware\Flux\flux.exe
(Nota Inc.) D:\Program Files (x86)\Gyazo\GyStation.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() D:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Hammer & Chisel, Inc.) C:\Users\Dominic\AppData\Local\Discord\app-0.0.291\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Dominic\AppData\Local\Discord\app-0.0.291\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Dominic\AppData\Local\Discord\app-0.0.291\Discord.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Dominic\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Dominic\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Dominic\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Dominic\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Dominic\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Piriform Ltd) D:\Program Files\CCleaner\CCleaner64.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804616 2015-11-10] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8801024 2016-04-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8897712 2016-06-30] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24105936 2016-06-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Live Update] => D:\Program Files (x86)\MSI\Live Update\Live Update.exe [11336656 2016-04-28] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-05-24] (Razer Inc.)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-15] (Valve Corporation)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\Run: [f.lux] => C:\Users\Dominic\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\Run: [Gyazo] => D:\Program Files (x86)\Gyazo\GyStation.exe [3586848 2016-02-17] (Nota Inc.)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2016-02-13] (Microsoft Corporation)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\RunOnce: [Uninstall C:\Users\Dominic\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Dominic\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\MountPoints2: {d9eedf09-179b-11e6-89ca-965795f391f3} - "F:\Startup.exe"
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-30] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-06-09]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2016-05-01]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> D:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2d98fe72-8ba5-49a1-8f9b-51534187840c}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-05] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-06-05] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files (x86)\Java\bin\ssv.dll [2016-05-01] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-06-05] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files (x86)\Java\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\w73lk7tp.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.com/?bcutc=sp-006
FF Keyword.URL: hxxps://www.google.com/search?bcutc=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-23] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-23] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> D:\Program Files (x86)\Java\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> D:\Program Files (x86)\Java\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2709053559-2648078404-3121106168-1001: sony.com/MediaGoDetector -> D:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\w73lk7tp.default\searchplugins\google-avast.xml [2016-06-03]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\w73lk7tp.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-05-01]
FF Extension: Adblock Plus - C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\w73lk7tp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-30]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "D:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-06-30] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2855152 2016-06-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
S3 jswpsapi; D:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [954368 2014-02-25] (Wireless) [File not signed]
R2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MSI_LiveUpdate_Service; D:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2248144 2016-04-28] (Micro-Star INT'L CO., LTD.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3849520 2015-12-17] (INCA Internet Co., Ltd.)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-29] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-29] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [572120 2016-06-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-06-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-06-29] (AVAST Software)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
S3 KillerEth; C:\Windows\System32\drivers\e22w10x64.sys [156744 2015-10-07] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-02] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation)
R3 nvoclk64; C:\Windows\system32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [48840 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [40568 2015-10-02] (SteelSeries ApS)
S3 sshid; C:\Windows\System32\drivers\sshid.sys [51400 2016-05-27] (SteelSeries ApS)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 MSICDSetup; \??\G:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\G:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-02 10:59 - 2016-07-02 11:00 - 00000000 ____D C:\FRST
2016-07-02 10:50 - 2016-07-02 11:00 - 00023111 _____ C:\Users\Dominic\Desktop\FRST.txt
2016-07-02 10:44 - 2016-07-02 10:44 - 02390016 _____ (Farbar) C:\Users\Dominic\Desktop\FRST64.exe
2016-07-01 16:42 - 2016-07-01 16:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-07-01 12:01 - 2016-07-02 10:40 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-01 12:01 - 2016-07-01 16:41 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-01 12:01 - 2016-07-01 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-01 12:01 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-01 12:01 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-01 11:55 - 2016-07-01 11:55 - 00161790 _____ C:\Users\Dominic\Desktop\cc_20160701_115538.reg
2016-06-30 23:42 - 2016-06-30 23:42 - 00000000 _____ C:\Users\Dominic\AppData\Local\{B0F2B02F-FF46-42E9-91FD-0249DABC9D4B}
2016-06-30 23:42 - 2016-06-29 17:11 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-30 23:34 - 2016-07-01 11:54 - 00000000 ____D C:\Users\Dominic\AppData\Local\CrashDumps
2016-06-30 23:03 - 2016-06-30 23:03 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-06-30 23:01 - 2016-06-30 23:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-30 14:53 - 2016-06-30 23:34 - 00000000 ____D C:\Users\Dominic\AppData\Local\Rockstar Games
2016-06-30 14:52 - 2016-06-30 23:34 - 00000000 ____D C:\Users\Dominic\Documents\Rockstar Games
2016-06-30 14:52 - 2016-06-30 14:53 - 00000000 ____D C:\Program Files\Rockstar Games
2016-06-30 14:52 - 2016-06-30 14:53 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-06-29 17:11 - 2016-06-29 17:11 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-29 17:11 - 2016-04-30 16:51 - 00536312 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A52.tmp
2016-06-29 17:11 - 2016-04-30 16:45 - 00161760 _____ (AVAST Software) C:\Windows\system32\Drivers\ngv50C3.tmp
2016-06-29 17:11 - 2016-04-30 16:45 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A53.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A54.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A69.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A6A.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A6B.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A57.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A55.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A58.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A56.tmp
2016-06-28 21:45 - 2016-06-28 21:45 - 00000000 ____D C:\Users\Dominic\Documents\Klei
2016-06-27 23:46 - 2016-06-27 23:50 - 00000000 ____D C:\Users\Dominic\AppData\Local\SniperV2
2016-06-27 16:20 - 2016-06-27 16:20 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\previewer
2016-06-27 14:40 - 2016-06-27 17:00 - 00000132 _____ C:\Users\Dominic\AppData\Roaming\Adobe Targa Format CS5 Prefs
2016-06-27 13:29 - 2016-06-27 15:18 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Quixel SUITE
2016-06-27 13:29 - 2016-06-27 13:30 - 00000000 ____D C:\ProgramData\Quixel SUITE
2016-06-27 13:29 - 2016-06-27 13:29 - 00000000 ____D C:\Users\Dominic\AppData\Local\Quixel
2016-06-27 13:28 - 2016-06-27 13:28 - 00001209 _____ C:\Users\Public\Desktop\Quixel SUITE 2.0.lnk
2016-06-27 13:28 - 2016-06-27 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quixel SUITE 2.0
2016-06-27 13:26 - 2016-06-27 13:28 - 00000000 ____D C:\Program Files\Quixel SUITE 2.0
2016-06-26 17:45 - 2016-06-26 17:45 - 00000000 ____D C:\Users\Dominic\AppData\Local\CrashReportClient
2016-06-26 17:38 - 2016-06-26 17:38 - 00000000 ____D C:\Users\Dominic\Documents\Unreal Projects
2016-06-26 17:38 - 2016-06-26 17:38 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Unreal Engine
2016-06-26 17:18 - 2016-06-26 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.Orgaz
2016-06-25 17:14 - 2016-06-25 21:59 - 00000000 ____D C:\Users\Dominic\Desktop\.mayaSwatches
2016-06-25 12:35 - 2016-06-26 10:59 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\vlc
2016-06-25 12:35 - 2016-06-25 12:35 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-06-25 01:00 - 2016-06-25 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-24 11:17 - 2016-06-25 13:40 - 00000000 ____D C:\Users\Dominic\Desktop\Y1Animation
2016-06-24 11:16 - 2016-06-24 11:16 - 252009833 _____ C:\Users\Dominic\Desktop\1517 (1517) - Y1-Animation Practical Assignment - 1st Submission-145613.zip
2016-06-23 10:48 - 2016-06-24 11:44 - 01335638 _____ C:\Users\Dominic\Desktop\Storyboard.pdf
2016-06-22 22:03 - 2016-06-22 22:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-06-22 15:56 - 2016-06-22 15:56 - 00009944 _____ C:\Users\Dominic\Desktop\Y2AnimationGrades1stAttempt.xlsx
2016-06-19 19:29 - 2016-06-19 19:36 - 00000000 ____D C:\Users\Dominic\Documents\Witcher 2
2016-06-19 19:29 - 2016-06-19 19:29 - 00000000 ____D C:\Users\Dominic\AppData\Local\The Witcher 2
2016-06-18 14:21 - 2016-06-18 14:21 - 00001071 _____ C:\Users\Public\Desktop\DVSA Car Theory Test DVD.lnk
2016-06-18 14:21 - 2016-06-18 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVSA Car Theory Test
2016-06-18 12:14 - 2016-06-18 12:14 - 00001719 _____ C:\Users\Public\Desktop\Media Go.lnk
2016-06-18 12:14 - 2016-06-18 12:14 - 00000000 ____D C:\Users\Dominic\AppData\Local\Sony
2016-06-18 12:14 - 2016-06-18 12:14 - 00000000 ____D C:\ProgramData\Sony Corporation
2016-06-18 12:14 - 2016-06-18 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-06-18 12:14 - 2016-06-18 12:14 - 00000000 ____D C:\Program Files (x86)\Sony
2016-06-18 12:13 - 2016-06-18 12:14 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Sony
2016-06-18 12:13 - 2016-06-18 12:14 - 00000000 ____D C:\Program Files (x86)\Sony Media Go Install
2016-06-17 18:47 - 2016-06-17 18:47 - 00299144 _____ C:\Users\Dominic\Desktop\Unit_67_3D_Animation.pdf
2016-06-17 15:38 - 2016-06-19 15:28 - 00000000 ____D C:\Users\Dominic\Desktop\Animation
2016-06-17 15:37 - 2016-06-17 15:37 - 171449056 _____ C:\Users\Dominic\Desktop\1517 (1416) - Y2-Animation Practical Submission - 1st Submission-133088(2).zip
2016-06-15 17:05 - 2016-05-28 07:13 - 01401024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-15 17:05 - 2016-05-28 07:13 - 01184960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-15 17:05 - 2016-05-28 07:13 - 00514752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-15 17:05 - 2016-05-28 07:13 - 00290496 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-15 17:05 - 2016-05-28 07:13 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-15 17:05 - 2016-05-28 07:13 - 00046784 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-15 17:05 - 2016-05-28 06:25 - 04268880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-06-15 17:05 - 2016-05-28 06:23 - 00388384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 17:05 - 2016-05-28 06:23 - 00312160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 17:05 - 2016-05-28 06:22 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-15 17:05 - 2016-05-28 06:22 - 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-06-15 17:05 - 2016-05-28 06:22 - 00428896 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-06-15 17:05 - 2016-05-28 06:22 - 00211296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-15 17:05 - 2016-05-28 06:22 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-06-15 17:05 - 2016-05-28 06:20 - 00430312 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 17:05 - 2016-05-28 06:18 - 00357216 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 17:05 - 2016-05-28 06:16 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-15 17:05 - 2016-05-28 06:09 - 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-15 17:05 - 2016-05-28 06:09 - 00170848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-06-15 17:05 - 2016-05-28 06:09 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-15 17:05 - 2016-05-28 06:08 - 00693600 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-15 17:05 - 2016-05-28 06:08 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-06-15 17:05 - 2016-05-28 06:08 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-06-15 17:05 - 2016-05-28 06:07 - 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-15 17:05 - 2016-05-28 06:07 - 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-15 17:05 - 2016-05-28 06:07 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-15 17:05 - 2016-05-28 06:07 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-15 17:05 - 2016-05-28 06:07 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-06-15 17:05 - 2016-05-28 06:07 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-06-15 17:05 - 2016-05-28 06:07 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-06-15 17:05 - 2016-05-28 06:06 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-15 17:05 - 2016-05-28 06:06 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-15 17:05 - 2016-05-28 06:06 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 17:05 - 2016-05-28 06:06 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-06-15 17:05 - 2016-05-28 06:06 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-06-15 17:05 - 2016-05-28 06:05 - 04515264 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-15 17:05 - 2016-05-28 06:04 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 17:05 - 2016-05-28 06:04 - 00431296 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 17:05 - 2016-05-28 06:04 - 00360480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 17:05 - 2016-05-28 06:04 - 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 17:05 - 2016-05-28 06:04 - 00111064 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-15 17:05 - 2016-05-28 06:04 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-15 17:05 - 2016-05-28 06:03 - 00131248 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 17:05 - 2016-05-28 05:58 - 01996640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-15 17:05 - 2016-05-28 05:58 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 02548944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 01594416 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 01372312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 00649792 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 00636304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-15 17:05 - 2016-05-28 05:57 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-06-15 17:05 - 2016-05-28 05:57 - 00546456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-15 17:05 - 2016-05-28 05:57 - 00521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 17:05 - 2016-05-28 05:35 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2016-06-15 17:05 - 2016-05-28 05:35 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-06-15 17:05 - 2016-05-28 05:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsdport.sys
2016-06-15 17:05 - 2016-05-28 05:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdlrecover.exe
2016-06-15 17:05 - 2016-05-28 05:31 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-15 17:05 - 2016-05-28 05:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-06-15 17:05 - 2016-05-28 05:29 - 22379008 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-06-15 17:05 - 2016-05-28 05:29 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-15 17:05 - 2016-05-28 05:29 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 17:05 - 2016-05-28 05:29 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-15 17:05 - 2016-05-28 05:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-06-15 17:05 - 2016-05-28 05:28 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-15 17:05 - 2016-05-28 05:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 17:05 - 2016-05-28 05:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-06-15 17:05 - 2016-05-28 05:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-06-15 17:05 - 2016-05-28 05:26 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-06-15 17:05 - 2016-05-28 05:26 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-06-15 17:05 - 2016-05-28 05:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-06-15 17:05 - 2016-05-28 05:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-06-15 17:05 - 2016-05-28 05:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-06-15 17:05 - 2016-05-28 05:25 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys
2016-06-15 17:05 - 2016-05-28 05:24 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 17:05 - 2016-05-28 05:23 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-15 17:05 - 2016-05-28 05:23 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 17:05 - 2016-05-28 05:22 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-06-15 17:05 - 2016-05-28 05:22 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-06-15 17:05 - 2016-05-28 05:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-06-15 17:05 - 2016-05-28 05:21 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2016-06-15 17:05 - 2016-05-28 05:21 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-06-15 17:05 - 2016-05-28 05:21 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\GnssAdapter.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-15 17:05 - 2016-05-28 05:19 - 24605696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-15 17:05 - 2016-05-28 05:19 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-06-15 17:05 - 2016-05-28 05:19 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-06-15 17:05 - 2016-05-28 05:19 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-06-15 17:05 - 2016-05-28 05:19 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-06-15 17:05 - 2016-05-28 05:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 17:05 - 2016-05-28 05:18 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-06-15 17:05 - 2016-05-28 05:16 - 19344384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-15 17:05 - 2016-05-28 05:16 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 17:05 - 2016-05-28 05:16 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 17:05 - 2016-05-28 05:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-06-15 17:05 - 2016-05-28 05:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-06-15 17:05 - 2016-05-28 05:16 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 17:05 - 2016-05-28 05:16 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 17:05 - 2016-05-28 05:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 17:05 - 2016-05-28 05:14 - 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-15 17:05 - 2016-05-28 05:13 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-06-15 17:05 - 2016-05-28 05:13 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-06-15 17:05 - 2016-05-28 05:13 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-15 17:05 - 2016-05-28 05:13 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-06-15 17:05 - 2016-05-28 05:13 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-06-15 17:05 - 2016-05-28 05:13 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-06-15 17:05 - 2016-05-28 05:12 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-06-15 17:05 - 2016-05-28 05:12 - 00614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-15 17:05 - 2016-05-28 05:12 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-15 17:05 - 2016-05-28 05:09 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-06-15 17:05 - 2016-05-28 05:08 - 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-15 17:05 - 2016-05-28 05:08 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-06-15 17:05 - 2016-05-28 05:06 - 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-15 17:05 - 2016-05-28 05:06 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-06-15 17:05 - 2016-05-28 05:06 - 01339904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 17:05 - 2016-05-28 05:05 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-06-15 17:05 - 2016-05-28 05:05 - 03664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-15 17:05 - 2016-05-28 05:05 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-06-15 17:05 - 2016-05-28 05:05 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-15 17:05 - 2016-05-28 05:04 - 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-15 17:05 - 2016-05-28 05:04 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-06-15 17:05 - 2016-05-28 05:04 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-06-15 17:05 - 2016-05-28 05:03 - 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 17:05 - 2016-05-28 05:03 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-06-15 17:05 - 2016-05-28 05:03 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-06-15 17:05 - 2016-05-28 05:03 - 01185280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFramework.dll
2016-06-15 17:05 - 2016-05-28 05:03 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-06-15 17:05 - 2016-05-28 05:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-06-15 17:05 - 2016-05-28 05:02 - 03590144 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-06-15 17:05 - 2016-05-28 05:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-15 17:05 - 2016-05-28 05:02 - 01534464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-06-15 17:05 - 2016-05-28 05:02 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-06-15 17:05 - 2016-05-28 05:01 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-06-15 17:05 - 2016-05-28 05:01 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 17:05 - 2016-05-28 05:01 - 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-15 17:05 - 2016-05-28 05:01 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 05660160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 02230272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-06-15 17:05 - 2016-05-28 04:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-15 17:05 - 2016-05-28 04:58 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-06-15 17:05 - 2016-05-28 04:58 - 04896256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-15 17:05 - 2016-05-28 04:58 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-15 17:05 - 2016-05-28 04:58 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-15 17:05 - 2016-05-28 04:58 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-06-15 17:05 - 2016-05-28 04:57 - 02281472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-15 17:05 - 2016-05-28 04:55 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-06-15 17:05 - 2016-05-28 04:53 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-06-14 17:15 - 2016-06-30 23:01 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\MPC-HC
2016-06-14 17:14 - 2016-06-14 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2016-06-12 11:24 - 2016-06-12 11:24 - 00000000 ____D C:\Users\Dominic\AppData\Local\RzStats
2016-06-12 09:00 - 2016-06-12 09:00 - 00000000 ____D C:\Users\Dominic\AppData\Local\TheGuardian
2016-06-10 11:34 - 2016-06-10 11:34 - 00001684 _____ C:\Users\Dominic\AppData\Local\recently-used.xbel
2016-06-09 20:55 - 2015-12-14 22:24 - 00130880 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2016-06-09 20:55 - 2015-09-22 22:36 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-06-09 20:52 - 2016-06-09 20:57 - 00000000 ____D C:\Users\Dominic\AppData\Local\Razer
2016-06-09 20:52 - 2016-06-09 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-06-09 09:01 - 2016-06-09 16:03 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Synthesia
2016-06-07 04:08 - 2016-06-07 04:08 - 00015816 _____ (Razer Inc.) C:\Windows\SysWOW64\RzStats.IPC.dll
2016-06-03 18:55 - 2016-06-03 19:45 - 00000000 ____D C:\Users\Dominic\.ngplant

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-02 10:59 - 2016-04-30 19:54 - 00000932 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-02 10:50 - 2016-04-30 19:27 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-02 10:50 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\INF
2016-07-02 10:48 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-02 10:48 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\AppReadiness
2016-07-02 10:41 - 2016-05-01 00:29 - 00526056 _____ C:\Windows\system32\perfh011.dat
2016-07-02 10:41 - 2016-05-01 00:29 - 00142792 _____ C:\Windows\system32\perfc011.dat
2016-07-02 10:41 - 2016-04-30 23:03 - 01531668 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-02 10:40 - 2016-04-30 20:16 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-02 10:40 - 2016-04-30 19:54 - 00000928 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-02 01:26 - 2016-04-30 20:16 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-02 01:00 - 2016-04-30 16:16 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-02 01:00 - 2016-02-13 18:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-02 01:00 - 2016-02-13 18:27 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-02 00:59 - 2015-10-30 07:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-07-02 00:58 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\NDF
2016-07-01 23:57 - 2016-04-30 19:14 - 00000000 ____D C:\Users\Dominic\AppData\Local\Battle.net
2016-07-01 17:17 - 2016-04-30 19:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-07-01 12:08 - 2016-05-11 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2016-06-30 23:43 - 2016-04-30 16:46 - 00004010 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1462031162
2016-06-30 23:43 - 2016-04-30 16:46 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-30 23:42 - 2016-04-30 16:51 - 00001982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
2016-06-30 23:42 - 2016-04-30 16:44 - 00004004 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-30 23:41 - 2016-05-19 13:38 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-30 23:41 - 2016-05-03 16:29 - 00000000 ____D C:\Users\Dominic\Documents\Overwatch
2016-06-30 23:41 - 2016-05-01 00:48 - 00000000 ____D C:\ProgramData\FLEXnet
2016-06-30 23:41 - 2016-04-30 19:42 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Skype
2016-06-30 23:41 - 2016-04-30 19:13 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Battle.net
2016-06-30 23:41 - 2016-04-30 16:13 - 00000000 ____D C:\Users\Dominic
2016-06-30 23:41 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\security
2016-06-30 23:41 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\registration
2016-06-30 23:03 - 2016-05-11 18:01 - 00000000 ____D C:\Users\Dominic\AppData\Local\ElevatedDiagnostics
2016-06-29 17:11 - 2016-04-30 16:51 - 00572120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2016-06-29 17:11 - 2016-04-30 16:45 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146721669829602
2016-06-29 17:11 - 2016-04-30 16:44 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid(27).sys
2016-06-26 17:49 - 2016-05-30 19:22 - 00624321 _____ C:\Users\Dominic\Desktop\PSO2GateArea.ma
2016-06-26 17:38 - 2016-04-30 21:29 - 00000000 ____D C:\Users\Dominic\AppData\Local\UnrealEngine
2016-06-26 17:18 - 2016-05-08 16:55 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-06-26 17:18 - 2016-04-30 21:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-26 17:15 - 2016-04-30 21:29 - 00000000 ____D C:\Program Files (x86)\Epic Games
2016-06-26 11:32 - 2016-04-30 16:13 - 00000000 ____D C:\Users\Dominic\AppData\Local\Packages
2016-06-26 10:59 - 2016-05-02 20:27 - 00000000 ____D C:\tmp
2016-06-25 01:00 - 2016-04-30 19:54 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-06-23 19:45 - 2016-05-01 00:34 - 00000000 ____D C:\Users\Dominic\AppData\Local\Adobe
2016-06-23 03:30 - 2015-10-30 07:28 - 00524288 ___SH C:\Windows\system32\config\BBI(34)
2016-06-22 16:15 - 2016-04-30 20:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-22 16:15 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-21 22:39 - 2016-04-30 16:13 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Adobe
2016-06-19 19:30 - 2016-05-15 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2016-06-19 19:29 - 2016-05-01 17:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-19 11:51 - 2016-04-30 19:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-19 11:51 - 2016-04-30 19:42 - 00000000 ____D C:\ProgramData\Skype
2016-06-17 16:57 - 2016-04-30 21:25 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2016-06-17 09:35 - 2015-10-30 08:11 - 00000000 ____D C:\Windows\CbsTemp
2016-06-16 09:21 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\rescache
2016-06-16 00:25 - 2016-02-13 10:23 - 04919088 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-16 00:00 - 2015-10-30 08:24 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-06-16 00:00 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2016-06-16 00:00 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-16 00:00 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\en-GB
2016-06-16 00:00 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\bcastdvr
2016-06-15 18:08 - 2016-04-30 19:09 - 00000000 ____D C:\Windows\system32\MRT
2016-06-15 18:06 - 2016-04-30 19:09 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-14 19:33 - 2015-10-30 08:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:33 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-12 11:18 - 2016-04-30 23:09 - 00000000 ____D C:\Program Files (x86)\Razer
2016-06-09 20:59 - 2016-05-01 14:41 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\steelseries-engine-3-client
2016-06-09 20:55 - 2016-04-30 23:09 - 00000000 ____D C:\ProgramData\Razer
2016-06-09 17:59 - 2016-05-01 14:41 - 00000000 ____D C:\Windows\Cnxt
2016-06-09 09:11 - 2016-05-04 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-03 21:35 - 2016-04-30 19:46 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-06-03 21:35 - 2016-04-30 19:46 - 00000000 ____D C:\Users\Dominic\AppData\Local\Discord
2016-06-03 21:34 - 2016-04-30 19:46 - 00000000 ____D C:\Users\Dominic\AppData\Local\SquirrelTemp
2016-06-03 12:38 - 2016-05-06 15:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-03 00:52 - 2016-04-30 19:08 - 00001211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

==================== Files in the root of some directories =======

2016-05-15 15:53 - 2016-05-15 15:53 - 0000132 _____ () C:\Users\Dominic\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-06-27 14:40 - 2016-06-27 17:00 - 0000132 _____ () C:\Users\Dominic\AppData\Roaming\Adobe Targa Format CS5 Prefs
2016-06-10 11:34 - 2016-06-10 11:34 - 0001684 _____ () C:\Users\Dominic\AppData\Local\recently-used.xbel
2016-06-30 23:42 - 2016-06-30 23:42 - 0000000 _____ () C:\Users\Dominic\AppData\Local\{B0F2B02F-FF46-42E9-91FD-0249DABC9D4B}
2016-05-11 18:20 - 2016-05-11 18:23 - 0000041 ___SH () C:\ProgramData\.zreglib

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-23 20:37

==================== End of FRST.txt ============================

Attached Files


Edited by deltahydra, 02 July 2016 - 05:04 AM.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:18 PM

Posted 06 July 2016 - 06:35 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/618715 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 deltahydra

deltahydra
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 06 July 2016 - 11:20 AM

Issues still the same as original post.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Dominic (administrator) on DOMINIC-PC (06-07-2016 17:19:30)
Running from C:\Users\Dominic\Desktop
Loaded Profiles: Dominic (Available Profiles: Dominic)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Malwarebytes) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Micro-Star INT'L CO., LTD.) D:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GSS\SteamCmd\steamcmd.exe
(Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GSS\SteamCmd\steamcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Malwarebytes) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Flux Software LLC) C:\Users\Dominic\AppData\Local\FluxSoftware\Flux\flux.exe
(Nota Inc.) D:\Program Files (x86)\Gyazo\GyStation.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() D:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Dominic\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Dominic\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Dominic\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Dominic\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Dominic\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Piriform Ltd) D:\Program Files\CCleaner\CCleaner64.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804616 2015-11-10] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8801024 2016-04-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8897712 2016-06-30] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24105936 2016-06-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Live Update] => D:\Program Files (x86)\MSI\Live Update\Live Update.exe [11336656 2016-04-28] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-05-24] (Razer Inc.)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-15] (Valve Corporation)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\Run: [f.lux] => C:\Users\Dominic\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\Run: [Gyazo] => D:\Program Files (x86)\Gyazo\GyStation.exe [3586848 2016-02-17] (Nota Inc.)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2016-02-13] (Microsoft Corporation)
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\RunOnce: [Uninstall C:\Users\Dominic\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Dominic\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-2709053559-2648078404-3121106168-1001\...\MountPoints2: {d9eedf09-179b-11e6-89ca-965795f391f3} - "F:\Startup.exe"
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-30] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-06-09]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2016-05-01]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> D:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2d98fe72-8ba5-49a1-8f9b-51534187840c}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-05] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-06-05] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files (x86)\Java\bin\ssv.dll [2016-05-01] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-06-05] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files (x86)\Java\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\w73lk7tp.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.com/?bcutc=sp-006
FF Keyword.URL: hxxps://www.google.com/search?bcutc=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-23] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-23] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> D:\Program Files (x86)\Java\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> D:\Program Files (x86)\Java\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2709053559-2648078404-3121106168-1001: sony.com/MediaGoDetector -> D:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\w73lk7tp.default\searchplugins\google-avast.xml [2016-06-03]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\w73lk7tp.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-05-01]
FF Extension: Adblock Plus - C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\w73lk7tp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-30]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "D:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-06-30] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2855152 2016-06-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
S3 jswpsapi; D:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [954368 2014-02-25] (Wireless) [File not signed]
R2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MSI_LiveUpdate_Service; D:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2248144 2016-04-28] (Micro-Star INT'L CO., LTD.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3849520 2015-12-17] (INCA Internet Co., Ltd.)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-29] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-29] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [572120 2016-06-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-06-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-06-29] (AVAST Software)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
S3 KillerEth; C:\Windows\System32\drivers\e22w10x64.sys [156744 2015-10-07] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-06] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation)
R3 nvoclk64; C:\Windows\system32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [48840 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [40568 2015-10-02] (SteelSeries ApS)
S3 sshid; C:\Windows\System32\drivers\sshid.sys [51400 2016-05-27] (SteelSeries ApS)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 MSICDSetup; \??\G:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\G:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 17:19 - 2016-07-06 17:19 - 00022633 _____ C:\Users\Dominic\Desktop\FRST.txt
2016-07-06 16:54 - 2016-07-06 16:55 - 02390016 _____ (Farbar) C:\Users\Dominic\Desktop\FRST64.exe
2016-07-03 22:13 - 2016-07-03 22:13 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Voices from the Sea - Steam
2016-07-02 13:11 - 2016-07-02 13:13 - 00000000 ____D C:\Users\Dominic\AppData\Local\Sniper3
2016-07-02 10:59 - 2016-07-06 17:19 - 00000000 ____D C:\FRST
2016-07-01 16:42 - 2016-07-01 16:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-07-01 12:01 - 2016-07-06 17:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-01 12:01 - 2016-07-01 16:41 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-01 12:01 - 2016-07-01 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-01 12:01 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-01 12:01 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-01 11:55 - 2016-07-01 11:55 - 00161790 _____ C:\Users\Dominic\Desktop\cc_20160701_115538.reg
2016-06-30 23:42 - 2016-06-30 23:42 - 00000000 _____ C:\Users\Dominic\AppData\Local\{B0F2B02F-FF46-42E9-91FD-0249DABC9D4B}
2016-06-30 23:42 - 2016-06-29 17:11 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-30 23:34 - 2016-07-01 11:54 - 00000000 ____D C:\Users\Dominic\AppData\Local\CrashDumps
2016-06-30 23:03 - 2016-06-30 23:03 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-06-30 23:01 - 2016-06-30 23:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-30 14:53 - 2016-06-30 23:34 - 00000000 ____D C:\Users\Dominic\AppData\Local\Rockstar Games
2016-06-30 14:52 - 2016-06-30 23:34 - 00000000 ____D C:\Users\Dominic\Documents\Rockstar Games
2016-06-30 14:52 - 2016-06-30 14:53 - 00000000 ____D C:\Program Files\Rockstar Games
2016-06-30 14:52 - 2016-06-30 14:53 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-06-29 17:11 - 2016-06-29 17:11 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-29 17:11 - 2016-04-30 16:51 - 00536312 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A52.tmp
2016-06-29 17:11 - 2016-04-30 16:45 - 00161760 _____ (AVAST Software) C:\Windows\system32\Drivers\ngv50C3.tmp
2016-06-29 17:11 - 2016-04-30 16:45 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A53.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A54.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A69.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A6A.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A6B.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A57.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A55.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A58.tmp
2016-06-29 17:11 - 2016-04-30 16:44 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3A56.tmp
2016-06-28 21:45 - 2016-06-28 21:45 - 00000000 ____D C:\Users\Dominic\Documents\Klei
2016-06-27 23:46 - 2016-06-27 23:50 - 00000000 ____D C:\Users\Dominic\AppData\Local\SniperV2
2016-06-27 16:20 - 2016-06-27 16:20 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\previewer
2016-06-27 14:40 - 2016-06-27 17:00 - 00000132 _____ C:\Users\Dominic\AppData\Roaming\Adobe Targa Format CS5 Prefs
2016-06-27 13:29 - 2016-06-27 15:18 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Quixel SUITE
2016-06-27 13:29 - 2016-06-27 13:30 - 00000000 ____D C:\ProgramData\Quixel SUITE
2016-06-27 13:29 - 2016-06-27 13:29 - 00000000 ____D C:\Users\Dominic\AppData\Local\Quixel
2016-06-27 13:28 - 2016-06-27 13:28 - 00001209 _____ C:\Users\Public\Desktop\Quixel SUITE 2.0.lnk
2016-06-27 13:28 - 2016-06-27 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quixel SUITE 2.0
2016-06-27 13:26 - 2016-06-27 13:28 - 00000000 ____D C:\Program Files\Quixel SUITE 2.0
2016-06-26 17:45 - 2016-06-26 17:45 - 00000000 ____D C:\Users\Dominic\AppData\Local\CrashReportClient
2016-06-26 17:38 - 2016-06-26 17:38 - 00000000 ____D C:\Users\Dominic\Documents\Unreal Projects
2016-06-26 17:38 - 2016-06-26 17:38 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Unreal Engine
2016-06-26 17:18 - 2016-06-26 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.Orgaz
2016-06-25 17:14 - 2016-06-25 21:59 - 00000000 ____D C:\Users\Dominic\Desktop\.mayaSwatches
2016-06-25 12:35 - 2016-06-26 10:59 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\vlc
2016-06-25 12:35 - 2016-06-25 12:35 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-06-25 01:00 - 2016-06-25 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-24 11:17 - 2016-06-25 13:40 - 00000000 ____D C:\Users\Dominic\Desktop\Y1Animation
2016-06-24 11:16 - 2016-06-24 11:16 - 252009833 _____ C:\Users\Dominic\Desktop\1517 (1517) - Y1-Animation Practical Assignment - 1st Submission-145613.zip
2016-06-23 10:48 - 2016-06-24 11:44 - 01335638 _____ C:\Users\Dominic\Desktop\Storyboard.pdf
2016-06-22 22:03 - 2016-06-22 22:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-06-22 15:56 - 2016-06-22 15:56 - 00009944 _____ C:\Users\Dominic\Desktop\Y2AnimationGrades1stAttempt.xlsx
2016-06-19 19:29 - 2016-06-19 19:36 - 00000000 ____D C:\Users\Dominic\Documents\Witcher 2
2016-06-19 19:29 - 2016-06-19 19:29 - 00000000 ____D C:\Users\Dominic\AppData\Local\The Witcher 2
2016-06-18 14:21 - 2016-06-18 14:21 - 00001071 _____ C:\Users\Public\Desktop\DVSA Car Theory Test DVD.lnk
2016-06-18 14:21 - 2016-06-18 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVSA Car Theory Test
2016-06-18 12:14 - 2016-06-18 12:14 - 00001719 _____ C:\Users\Public\Desktop\Media Go.lnk
2016-06-18 12:14 - 2016-06-18 12:14 - 00000000 ____D C:\Users\Dominic\AppData\Local\Sony
2016-06-18 12:14 - 2016-06-18 12:14 - 00000000 ____D C:\ProgramData\Sony Corporation
2016-06-18 12:14 - 2016-06-18 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-06-18 12:14 - 2016-06-18 12:14 - 00000000 ____D C:\Program Files (x86)\Sony
2016-06-18 12:13 - 2016-06-18 12:14 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Sony
2016-06-18 12:13 - 2016-06-18 12:14 - 00000000 ____D C:\Program Files (x86)\Sony Media Go Install
2016-06-17 18:47 - 2016-06-17 18:47 - 00299144 _____ C:\Users\Dominic\Desktop\Unit_67_3D_Animation.pdf
2016-06-17 15:38 - 2016-06-19 15:28 - 00000000 ____D C:\Users\Dominic\Desktop\Animation
2016-06-17 15:37 - 2016-06-17 15:37 - 171449056 _____ C:\Users\Dominic\Desktop\1517 (1416) - Y2-Animation Practical Submission - 1st Submission-133088(2).zip
2016-06-15 17:05 - 2016-05-28 07:13 - 01401024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-15 17:05 - 2016-05-28 07:13 - 01184960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-15 17:05 - 2016-05-28 07:13 - 00514752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-15 17:05 - 2016-05-28 07:13 - 00290496 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-15 17:05 - 2016-05-28 07:13 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-15 17:05 - 2016-05-28 07:13 - 00046784 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-15 17:05 - 2016-05-28 06:25 - 04268880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-06-15 17:05 - 2016-05-28 06:23 - 00388384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 17:05 - 2016-05-28 06:23 - 00312160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 17:05 - 2016-05-28 06:22 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-15 17:05 - 2016-05-28 06:22 - 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-06-15 17:05 - 2016-05-28 06:22 - 00428896 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-06-15 17:05 - 2016-05-28 06:22 - 00211296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-15 17:05 - 2016-05-28 06:22 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-06-15 17:05 - 2016-05-28 06:20 - 00430312 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 17:05 - 2016-05-28 06:18 - 00357216 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 17:05 - 2016-05-28 06:16 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-15 17:05 - 2016-05-28 06:09 - 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-15 17:05 - 2016-05-28 06:09 - 00170848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-06-15 17:05 - 2016-05-28 06:09 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-15 17:05 - 2016-05-28 06:08 - 00693600 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-15 17:05 - 2016-05-28 06:08 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-06-15 17:05 - 2016-05-28 06:08 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-06-15 17:05 - 2016-05-28 06:07 - 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-15 17:05 - 2016-05-28 06:07 - 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-15 17:05 - 2016-05-28 06:07 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-15 17:05 - 2016-05-28 06:07 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-15 17:05 - 2016-05-28 06:07 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-06-15 17:05 - 2016-05-28 06:07 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-06-15 17:05 - 2016-05-28 06:07 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-06-15 17:05 - 2016-05-28 06:06 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-15 17:05 - 2016-05-28 06:06 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-15 17:05 - 2016-05-28 06:06 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 17:05 - 2016-05-28 06:06 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-06-15 17:05 - 2016-05-28 06:06 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-06-15 17:05 - 2016-05-28 06:05 - 04515264 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-15 17:05 - 2016-05-28 06:04 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 17:05 - 2016-05-28 06:04 - 00431296 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 17:05 - 2016-05-28 06:04 - 00360480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 17:05 - 2016-05-28 06:04 - 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 17:05 - 2016-05-28 06:04 - 00111064 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-15 17:05 - 2016-05-28 06:04 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-15 17:05 - 2016-05-28 06:03 - 00131248 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 17:05 - 2016-05-28 05:58 - 01996640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-15 17:05 - 2016-05-28 05:58 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 02548944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 01594416 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 01372312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 00649792 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 00636304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-15 17:05 - 2016-05-28 05:57 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-06-15 17:05 - 2016-05-28 05:57 - 00546456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-15 17:05 - 2016-05-28 05:57 - 00521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-06-15 17:05 - 2016-05-28 05:57 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 17:05 - 2016-05-28 05:35 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2016-06-15 17:05 - 2016-05-28 05:35 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-06-15 17:05 - 2016-05-28 05:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsdport.sys
2016-06-15 17:05 - 2016-05-28 05:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdlrecover.exe
2016-06-15 17:05 - 2016-05-28 05:31 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-15 17:05 - 2016-05-28 05:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-06-15 17:05 - 2016-05-28 05:29 - 22379008 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-06-15 17:05 - 2016-05-28 05:29 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-15 17:05 - 2016-05-28 05:29 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 17:05 - 2016-05-28 05:29 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-15 17:05 - 2016-05-28 05:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-06-15 17:05 - 2016-05-28 05:28 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-15 17:05 - 2016-05-28 05:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 17:05 - 2016-05-28 05:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-06-15 17:05 - 2016-05-28 05:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-06-15 17:05 - 2016-05-28 05:26 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-06-15 17:05 - 2016-05-28 05:26 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-06-15 17:05 - 2016-05-28 05:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-06-15 17:05 - 2016-05-28 05:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-06-15 17:05 - 2016-05-28 05:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-06-15 17:05 - 2016-05-28 05:25 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys
2016-06-15 17:05 - 2016-05-28 05:24 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-06-15 17:05 - 2016-05-28 05:24 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 17:05 - 2016-05-28 05:23 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-15 17:05 - 2016-05-28 05:23 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 17:05 - 2016-05-28 05:22 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-06-15 17:05 - 2016-05-28 05:22 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-15 17:05 - 2016-05-28 05:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-06-15 17:05 - 2016-05-28 05:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-06-15 17:05 - 2016-05-28 05:21 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2016-06-15 17:05 - 2016-05-28 05:21 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-06-15 17:05 - 2016-05-28 05:21 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\GnssAdapter.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-06-15 17:05 - 2016-05-28 05:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-15 17:05 - 2016-05-28 05:19 - 24605696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-15 17:05 - 2016-05-28 05:19 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-06-15 17:05 - 2016-05-28 05:19 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-06-15 17:05 - 2016-05-28 05:19 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-06-15 17:05 - 2016-05-28 05:19 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-06-15 17:05 - 2016-05-28 05:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 17:05 - 2016-05-28 05:18 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-15 17:05 - 2016-05-28 05:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-06-15 17:05 - 2016-05-28 05:17 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-06-15 17:05 - 2016-05-28 05:16 - 19344384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-15 17:05 - 2016-05-28 05:16 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 17:05 - 2016-05-28 05:16 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 17:05 - 2016-05-28 05:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-06-15 17:05 - 2016-05-28 05:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-06-15 17:05 - 2016-05-28 05:16 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 17:05 - 2016-05-28 05:16 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 17:05 - 2016-05-28 05:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-06-15 17:05 - 2016-05-28 05:15 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 17:05 - 2016-05-28 05:14 - 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-15 17:05 - 2016-05-28 05:14 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-15 17:05 - 2016-05-28 05:13 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-06-15 17:05 - 2016-05-28 05:13 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-06-15 17:05 - 2016-05-28 05:13 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-15 17:05 - 2016-05-28 05:13 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-06-15 17:05 - 2016-05-28 05:13 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-06-15 17:05 - 2016-05-28 05:13 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-06-15 17:05 - 2016-05-28 05:12 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-06-15 17:05 - 2016-05-28 05:12 - 00614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-15 17:05 - 2016-05-28 05:12 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-15 17:05 - 2016-05-28 05:11 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-15 17:05 - 2016-05-28 05:09 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-06-15 17:05 - 2016-05-28 05:08 - 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-15 17:05 - 2016-05-28 05:08 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-06-15 17:05 - 2016-05-28 05:06 - 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-15 17:05 - 2016-05-28 05:06 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-06-15 17:05 - 2016-05-28 05:06 - 01339904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 17:05 - 2016-05-28 05:05 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-06-15 17:05 - 2016-05-28 05:05 - 03664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-15 17:05 - 2016-05-28 05:05 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-06-15 17:05 - 2016-05-28 05:05 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-15 17:05 - 2016-05-28 05:04 - 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-15 17:05 - 2016-05-28 05:04 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-06-15 17:05 - 2016-05-28 05:04 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-06-15 17:05 - 2016-05-28 05:03 - 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 17:05 - 2016-05-28 05:03 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-06-15 17:05 - 2016-05-28 05:03 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-06-15 17:05 - 2016-05-28 05:03 - 01185280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFramework.dll
2016-06-15 17:05 - 2016-05-28 05:03 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-06-15 17:05 - 2016-05-28 05:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-06-15 17:05 - 2016-05-28 05:02 - 03590144 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-06-15 17:05 - 2016-05-28 05:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-15 17:05 - 2016-05-28 05:02 - 01534464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-06-15 17:05 - 2016-05-28 05:02 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-06-15 17:05 - 2016-05-28 05:01 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-06-15 17:05 - 2016-05-28 05:01 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 17:05 - 2016-05-28 05:01 - 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-15 17:05 - 2016-05-28 05:01 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 05660160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 02230272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-15 17:05 - 2016-05-28 05:00 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-06-15 17:05 - 2016-05-28 04:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-15 17:05 - 2016-05-28 04:58 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-06-15 17:05 - 2016-05-28 04:58 - 04896256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-15 17:05 - 2016-05-28 04:58 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-15 17:05 - 2016-05-28 04:58 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-15 17:05 - 2016-05-28 04:58 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-06-15 17:05 - 2016-05-28 04:57 - 02281472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-15 17:05 - 2016-05-28 04:55 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-06-15 17:05 - 2016-05-28 04:53 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-06-14 17:15 - 2016-06-30 23:01 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\MPC-HC
2016-06-14 17:14 - 2016-06-14 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2016-06-12 11:24 - 2016-06-12 11:24 - 00000000 ____D C:\Users\Dominic\AppData\Local\RzStats
2016-06-12 09:00 - 2016-06-12 09:00 - 00000000 ____D C:\Users\Dominic\AppData\Local\TheGuardian
2016-06-10 11:34 - 2016-06-10 11:34 - 00001684 _____ C:\Users\Dominic\AppData\Local\recently-used.xbel
2016-06-09 20:55 - 2015-12-14 22:24 - 00130880 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2016-06-09 20:55 - 2015-09-22 22:36 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-06-09 20:52 - 2016-06-09 20:57 - 00000000 ____D C:\Users\Dominic\AppData\Local\Razer
2016-06-09 20:52 - 2016-06-09 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-06-09 09:01 - 2016-06-09 16:03 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Synthesia
2016-06-07 04:08 - 2016-06-07 04:08 - 00015816 _____ (Razer Inc.) C:\Windows\SysWOW64\RzStats.IPC.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 17:19 - 2016-04-30 19:27 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-06 17:17 - 2016-05-06 15:47 - 00000000 ____D C:\ProgramData\Adobe
2016-07-06 17:17 - 2016-05-06 15:47 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-07-06 17:17 - 2016-04-30 16:13 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Adobe
2016-07-06 17:16 - 2016-05-15 12:45 - 00000000 ____D C:\Program Files\Adobe
2016-07-06 17:16 - 2016-05-01 00:34 - 00000000 ____D C:\Users\Dominic\AppData\Local\Adobe
2016-07-06 16:59 - 2016-04-30 19:54 - 00000932 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-06 16:56 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\AppReadiness
2016-07-06 16:51 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-06 16:50 - 2016-04-30 20:16 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-06 16:50 - 2016-04-30 19:54 - 00000928 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-05 23:26 - 2016-04-30 20:16 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-05 22:04 - 2016-04-30 19:14 - 00000000 ____D C:\Users\Dominic\AppData\Local\Battle.net
2016-07-05 15:24 - 2016-04-30 19:42 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Skype
2016-07-05 15:23 - 2016-04-30 19:42 - 00000000 ____D C:\ProgramData\Skype
2016-07-05 15:23 - 2016-04-30 19:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-07-04 21:13 - 2016-05-01 00:29 - 00526056 _____ C:\Windows\system32\perfh011.dat
2016-07-04 21:13 - 2016-05-01 00:29 - 00142792 _____ C:\Windows\system32\perfc011.dat
2016-07-04 21:13 - 2016-04-30 23:03 - 01531668 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-04 21:13 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\INF
2016-07-04 18:22 - 2016-04-30 16:13 - 00000000 ____D C:\Users\Dominic\AppData\Local\Packages
2016-07-04 00:01 - 2016-04-30 16:13 - 00000000 ____D C:\Users\Dominic
2016-07-02 01:00 - 2016-04-30 16:16 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-02 01:00 - 2016-02-13 18:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-02 01:00 - 2016-02-13 18:27 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-02 00:59 - 2015-10-30 07:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-07-02 00:58 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\NDF
2016-07-01 12:08 - 2016-05-11 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2016-06-30 23:43 - 2016-04-30 16:46 - 00004010 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1462031162
2016-06-30 23:43 - 2016-04-30 16:46 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-30 23:42 - 2016-04-30 16:51 - 00001982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
2016-06-30 23:42 - 2016-04-30 16:44 - 00004004 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-30 23:41 - 2016-05-19 13:38 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-30 23:41 - 2016-05-03 16:29 - 00000000 ____D C:\Users\Dominic\Documents\Overwatch
2016-06-30 23:41 - 2016-05-01 00:48 - 00000000 ____D C:\ProgramData\FLEXnet
2016-06-30 23:41 - 2016-04-30 19:13 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Battle.net
2016-06-30 23:41 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\security
2016-06-30 23:41 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\registration
2016-06-30 23:03 - 2016-05-11 18:01 - 00000000 ____D C:\Users\Dominic\AppData\Local\ElevatedDiagnostics
2016-06-29 17:11 - 2016-04-30 16:51 - 00572120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2016-06-29 17:11 - 2016-04-30 16:45 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146721669829602
2016-06-29 17:11 - 2016-04-30 16:44 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-29 17:11 - 2016-04-30 16:44 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid(27).sys
2016-06-26 17:49 - 2016-05-30 19:22 - 00624321 _____ C:\Users\Dominic\Desktop\PSO2GateArea.ma
2016-06-26 17:38 - 2016-04-30 21:29 - 00000000 ____D C:\Users\Dominic\AppData\Local\UnrealEngine
2016-06-26 17:18 - 2016-05-08 16:55 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-06-26 17:18 - 2016-04-30 21:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-26 17:15 - 2016-04-30 21:29 - 00000000 ____D C:\Program Files (x86)\Epic Games
2016-06-26 10:59 - 2016-05-02 20:27 - 00000000 ____D C:\tmp
2016-06-25 01:00 - 2016-04-30 19:54 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-06-23 03:30 - 2015-10-30 07:28 - 00524288 ___SH C:\Windows\system32\config\BBI(34)
2016-06-22 16:15 - 2016-04-30 20:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-22 16:15 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-19 19:30 - 2016-05-15 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2016-06-19 19:29 - 2016-05-01 17:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-19 11:51 - 2016-04-30 19:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-17 16:57 - 2016-04-30 21:25 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2016-06-17 09:35 - 2015-10-30 08:11 - 00000000 ____D C:\Windows\CbsTemp
2016-06-16 09:21 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\rescache
2016-06-16 00:25 - 2016-02-13 10:23 - 04919088 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-16 00:00 - 2015-10-30 08:24 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-06-16 00:00 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2016-06-16 00:00 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-16 00:00 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\en-GB
2016-06-16 00:00 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\bcastdvr
2016-06-15 18:08 - 2016-04-30 19:09 - 00000000 ____D C:\Windows\system32\MRT
2016-06-15 18:06 - 2016-04-30 19:09 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-14 19:33 - 2015-10-30 08:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:33 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-12 11:18 - 2016-04-30 23:09 - 00000000 ____D C:\Program Files (x86)\Razer
2016-06-09 20:59 - 2016-05-01 14:41 - 00000000 ____D C:\Users\Dominic\AppData\Roaming\steelseries-engine-3-client
2016-06-09 20:55 - 2016-04-30 23:09 - 00000000 ____D C:\ProgramData\Razer
2016-06-09 17:59 - 2016-05-01 14:41 - 00000000 ____D C:\Windows\Cnxt
2016-06-09 09:11 - 2016-05-04 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Files in the root of some directories =======

2016-05-15 15:53 - 2016-05-15 15:53 - 0000132 _____ () C:\Users\Dominic\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-06-27 14:40 - 2016-06-27 17:00 - 0000132 _____ () C:\Users\Dominic\AppData\Roaming\Adobe Targa Format CS5 Prefs
2016-06-10 11:34 - 2016-06-10 11:34 - 0001684 _____ () C:\Users\Dominic\AppData\Local\recently-used.xbel
2016-06-30 23:42 - 2016-06-30 23:42 - 0000000 _____ () C:\Users\Dominic\AppData\Local\{B0F2B02F-FF46-42E9-91FD-0249DABC9D4B}
2016-05-11 18:20 - 2016-05-11 18:23 - 0000041 ___SH () C:\ProgramData\.zreglib

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-03 21:45

==================== End of FRST.txt ============================

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,225 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:18 PM

Posted 09 July 2016 - 07:54 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.


Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
FF DefaultSearchUrl: hxxps://www.google.com/search?bcutc=sp-006
FF Homepage: hxxps://www.google.com/?bcutc=sp-006
FF Keyword.URL: hxxps://www.google.com/search?bcutc=sp-006
FF SearchPlugin: C:\Users\Dominic\AppData\Roaming\Mozilla\Firefox\Profiles\w73lk7tp.default\searchplugins\google-avast.xml [2016-06-03]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "D:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
S3 MSICDSetup; \??\G:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\G:\NTIOLib_X64.sys [X]


End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.

---

Do the Windows updates from this site.
https://support.microsoft.com/en-us

Restart the computer normally after the updates.

How is the volume mixer now?

Please let me know what problem persists with this computer.

#5 deltahydra

deltahydra
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:18 PM

Posted 09 July 2016 - 08:23 AM

Hi nasdaq,

I appreciate the help. I opted to reset Win 10 due to unnecessary and cluttered installs which I hope will remove the issue with it.

Will this cause issues? If not, I'm happy to close the thread.

#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,225 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:18 PM

Posted 09 July 2016 - 12:47 PM

I will leave the topic open for 5 days if you need to return please do.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users