
Am I Infected?


7 replies to this topic

#1 Nyjal-


Posted 15 January 2017 - 02:36 AM

My cousin installed some applications and now my PC is kinda milliseconds slow?

How do I check if I am infected? Please help :D

Something is not right.

I tried scanning with Malwarebytes and Avast; none found.

CHROME IS LAGGING, LIKE 2 SECONDS OF LAG WHEN OPENING A NEW TAB FIRST OPEN. CHROME IS INSTALLED ON SSD.

 

 

ASWMBR LOG

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2017-01-15 17:11:16
-----------------------------
17:11:16.451    OS Version: Windows x64 6.2.9200 
17:11:16.451    Number of processors: 8 586 0x3C03
17:11:16.451    ComputerName: DANIEL  UserName: Daniel
17:11:16.569    Initialize success
17:11:16.574    VM: initialized successfully
17:11:16.574    VM: Intel CPU supported virtualized 
17:11:17.671    VM: disk I/O iaStorA.sys
17:11:24.958    AVAST engine defs: 17011400
17:11:33.419    Disk 0  \Device\Harddisk0\DR0 -> \Device\0000003c
17:11:33.420    Disk 0 Vendor: ST2000VX000-1ES164 CV26 Size: 1907729MB BusType: 11
17:11:33.422    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\0000003d
17:11:33.423    Disk 1 Vendor: KINGSTON_SV300S37A120G 603ABBF0 Size: 114473MB BusType: 11
17:11:33.429    Disk 1 MBR read successfully
17:11:33.431    Disk 1 MBR scan
17:11:34.050    Disk 1 Windows 7 default MBR code
17:11:34.055    Disk 1 Partition 1 80 (A) 07      HPFS/NTFS NTFS          100 MB offset 2048
17:11:34.120    Disk 1 Partition 2 00     07      HPFS/NTFS NTFS       113921 MB offset 206848
17:11:34.123    Disk 1 Partition 3 00     27 Hidden NTFS WinRE NTFS          450 MB offset 233517056
17:11:34.181    Disk 1 scanning C:\WINDOWS\system32\drivers
17:11:36.964    Service scanning
17:11:41.166    Modules scanning
17:11:41.169    Disk 1 trace - called modules:
17:11:41.174    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys 
17:11:41.177    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xffffaa8956edd060]
17:11:41.179    3 CLASSPNP.SYS[fffff80898b65efb] -> nt!IofCallDriver -> [0xffffaa895368d040]
17:11:41.181    5 ACPI.sys[fffff80897804571] -> nt!IofCallDriver -> [0xffffaa89549f8e40]
17:11:41.189    7 ACPI.sys[fffff80897804571] -> nt!IofCallDriver -> \Device\0000003d[0xffffaa89549ec060]
17:11:41.314    AVAST engine scan C:\
17:25:46.297    Disk 1 statistics 9836488/0/0 @ 16.35 MB/s
17:25:46.327    Scan finished successfully
17:26:28.234    Disk 1 MBR has been saved successfully to "C:\Users\Daniel\Desktop\MBR.dat"
17:26:28.251    The log file has been saved successfully to "C:\Users\Daniel\Desktop\aswMBR.txt"

Edited by Nyjal-, 15 January 2017 - 05:10 AM.




#2 Nyjal-


Posted 15 January 2017 - 04:08 AM

FRST LOG 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2017

Ran by Daniel (administrator) on DANIEL (15-01-2017 17:30:40)
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() D:\Program Files (x86)\Pingzapper\PZService.exe
(Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Spotify Ltd) C:\Users\Daniel\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Corsair Components, Inc.) D:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Adobe Systems Inc.) D:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Carifred) E:\Daniel Files\TechTool Store.exe
(Carifred) E:\Daniel Files\TechTool Store64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => D:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-24] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [Corsair Utility Engine] => D:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [12348112 2016-10-12] (Corsair Components, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-07] (AVAST Software)
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\Office15\lync.exe [21431912 2012-10-01] (Microsoft Corporation)
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-02] (Nota Inc.)
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3911248 2015-11-10] (Tonec Inc.)
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\Run: [Spotify Web Helper] => C:\Users\Daniel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2017-01-09] (Spotify Ltd)
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\RunOnce: [Uninstall C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\MountPoints2: {a3720b70-681e-11e5-be82-448a5b9ac8ba} - "I:\setup.exe" 
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-07] (AVAST Software)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-10-01]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy\User: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 114.108.195.1 114.108.193.201
Tcpip\..\Interfaces\{431a2cbf-1da8-4673-9648-bf2212cf3f72}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{431a2cbf-1da8-4673-9648-bf2212cf3f72}: [DhcpNameServer] 114.108.195.1 114.108.193.201
Tcpip\..\Interfaces\{7e8c3aab-ae2e-47d3-ba12-9f99ea68de1d}: [DhcpNameServer] 8.8.8.8 8.8.4.4
 
Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-15] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-15] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - D:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - D:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - D:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-01-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-11-09]
FF HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Daniel\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Daniel\AppData\Roaming\IDM\idmmzcc5 [2017-01-15] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-15] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-12] (NVIDIA Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> D:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-23] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Program Files (x86)\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> D:\Program Files (x86)\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> D:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-12-24] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR DefaultSearchKeyword: Profile 1 -> lp
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-15]
CHR Extension: (Google Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-08]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-08]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-08]
CHR Extension: (uBlock Origin) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-12-19]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-01-02]
CHR Extension: (Google Sheets) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-08]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-01-07]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-01-10]
CHR Extension: (IDM Integration Module) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-12-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-08]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-23]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-11-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-07] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2017-01-12] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2017-01-11] (EasyAntiCheat Ltd)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [39888 2016-05-19] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-05-16] (Micro-Star INT'L CO., LTD.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [54200 2016-07-22] (Micro-Star INT'L CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-06] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-12] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-01-06] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-03-10] (The OpenVPN Project)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2016-12-20] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2016-12-20] (Electronic Arts)
R2 PingzapperSvc; D:\Program Files (x86)\Pingzapper\PZService.exe [632320 2016-05-22] () [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-09-14] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-12-22] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-16] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2017-01-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2017-01-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2017-01-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2017-01-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2017-01-07] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2017-01-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-07] (AVAST Software)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45056 2016-10-06] (Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22520 2016-10-06] (Corsair)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-10-01] (Disc Soft Ltd)
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2015-11-25] (Highresolution Enterprises [www.highrez.co.uk])
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys [14200880 2016-12-13] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-01-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-01-06] (NVIDIA Corporation)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows ® Win 7 DDK provider)
U5 rzudd; C:\Windows\System32\Drivers\rzudd.sys [202952 2015-08-13] (Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\system32\DRIVERS\ssudobex.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 sthid; C:\WINDOWS\System32\drivers\sthid.sys [21216 2015-12-29] (Splashtop Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Apple, Inc.) [File not signed]
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [133064 2016-05-28] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-07-23] (Wellbia.com Co., Ltd.)
S3 xspirit; C:\WINDOWS\xspirit.sys [19176 2016-07-14] ()
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
U3 aswMBR; D:\Temp\aswMBR.sys [62728 2017-01-15] () [File not signed]
S3 GGSAFERDriver; \??\D:\Program Files\Garena Plus\Room\safedrv.sys [X]
S3 gkernel; \??\D:\Temp\gkernel.sys [X]
S3 X6va062; \??\C:\WINDOWS\SysWOW64\Drivers\X6va062 [X]
S3 X6va063; \??\C:\WINDOWS\SysWOW64\Drivers\X6va063 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-15 17:30 - 2017-01-15 17:30 - 00025918 _____ C:\Users\Daniel\Desktop\FRST.txt
2017-01-15 17:30 - 2017-01-15 17:30 - 00000000 ____D C:\FRST
2017-01-15 17:29 - 2017-01-15 17:29 - 02419200 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2017-01-15 17:26 - 2017-01-15 17:26 - 00002221 _____ C:\Users\Daniel\Desktop\aswMBR.txt
2017-01-15 17:26 - 2017-01-15 17:26 - 00000512 _____ C:\Users\Daniel\Desktop\MBR.dat
2017-01-15 17:09 - 2017-01-15 17:09 - 05200384 _____ (AVAST Software) C:\Users\Daniel\Desktop\aswmbr.exe
2017-01-15 13:28 - 2017-01-15 15:24 - 00000000 ____D C:\Users\Daniel\Desktop\Cracking Files
2017-01-15 11:31 - 2017-01-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Net Seal
2017-01-12 20:08 - 2017-01-12 20:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\OBS
2017-01-12 18:59 - 2017-01-12 19:03 - 00000000 ____D C:\Users\Daniel\Documents\FIFA 17 Demo
2017-01-12 16:32 - 2017-01-12 16:32 - 00000233 _____ C:\Users\Daniel\Desktop\Tom Clancy's Rainbow Six Siege.url
2017-01-11 22:47 - 2017-01-11 20:43 - 00395024 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-01-11 22:44 - 2017-01-11 22:44 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-01-11 22:44 - 2016-12-12 02:23 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-01-11 22:44 - 2016-09-10 02:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-01-11 22:44 - 2016-09-10 02:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-01-11 22:44 - 2016-09-10 02:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-01-11 22:44 - 2016-09-10 02:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-01-11 22:42 - 2016-12-12 11:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-01-11 22:42 - 2016-12-12 11:03 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-01-11 22:42 - 2016-12-12 11:03 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-01-11 22:33 - 2017-01-11 22:44 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-11 22:33 - 2017-01-11 22:33 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 22:33 - 2017-01-06 09:10 - 00158264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-01-11 22:33 - 2017-01-06 09:10 - 00126008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-01-11 22:33 - 2017-01-06 09:10 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-01-11 22:33 - 2017-01-06 08:09 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-01-11 20:42 - 2017-01-11 20:42 - 00000234 _____ C:\Users\Daniel\Desktop\WATCH_DOGS® 2.url
2017-01-11 15:11 - 2017-01-11 15:11 - 00000000 ____D C:\Users\Daniel\Desktop\GTA_FORCE_ELITE_8.1_Hotfix
2017-01-11 14:51 - 2017-01-11 14:51 - 11307291 _____ C:\Users\Daniel\Desktop\GTA_FORCE_ELITE_8.1_Hotfix.rar
2017-01-11 06:07 - 2016-12-21 16:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 06:07 - 2016-12-21 16:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 06:07 - 2016-12-21 15:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 06:07 - 2016-12-21 15:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 06:07 - 2016-12-21 15:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 06:07 - 2016-12-21 15:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 06:07 - 2016-12-21 15:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 06:07 - 2016-12-21 15:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 06:07 - 2016-12-21 15:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 06:07 - 2016-12-21 15:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 06:07 - 2016-12-21 15:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 06:07 - 2016-12-21 15:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 06:07 - 2016-12-21 15:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 06:07 - 2016-12-21 15:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 06:07 - 2016-12-21 15:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 06:07 - 2016-12-21 15:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 06:07 - 2016-12-21 15:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 06:07 - 2016-12-21 15:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 06:07 - 2016-12-21 15:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 06:07 - 2016-12-21 15:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 06:07 - 2016-12-21 15:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 06:07 - 2016-12-21 15:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 06:07 - 2016-12-21 15:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 06:07 - 2016-12-21 15:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 06:07 - 2016-12-21 15:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 06:07 - 2016-12-21 15:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 06:07 - 2016-12-21 15:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 06:07 - 2016-12-21 15:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 06:07 - 2016-12-21 15:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 06:07 - 2016-12-21 15:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 06:07 - 2016-12-21 15:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 06:07 - 2016-12-21 14:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 06:07 - 2016-12-21 14:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 06:07 - 2016-12-21 14:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 06:07 - 2016-12-21 14:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 06:07 - 2016-12-21 14:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 06:07 - 2016-12-21 14:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 06:07 - 2016-12-21 14:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 06:07 - 2016-12-21 14:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 06:07 - 2016-12-21 14:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 06:07 - 2016-12-21 14:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 06:07 - 2016-12-21 14:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 06:07 - 2016-12-21 14:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 06:07 - 2016-12-21 14:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 06:07 - 2016-12-21 14:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 06:07 - 2016-12-21 14:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 06:07 - 2016-12-21 14:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 06:07 - 2016-12-21 14:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 06:07 - 2016-12-21 14:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 06:07 - 2016-12-21 13:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 06:07 - 2016-12-21 13:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 06:07 - 2016-12-21 13:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 06:07 - 2016-12-21 13:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 06:07 - 2016-12-21 13:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 06:07 - 2016-12-21 13:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 06:07 - 2016-12-21 13:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 06:07 - 2016-12-21 13:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 06:07 - 2016-12-21 13:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 06:07 - 2016-12-21 12:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 06:07 - 2016-12-21 12:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 06:07 - 2016-12-21 12:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 06:07 - 2016-12-21 12:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 06:07 - 2016-12-21 12:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 06:07 - 2016-12-21 12:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 06:07 - 2016-12-21 12:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 06:07 - 2016-12-21 12:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 06:07 - 2016-12-21 12:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 06:07 - 2016-12-21 12:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 06:07 - 2016-12-21 12:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 06:07 - 2016-12-21 12:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 06:07 - 2016-12-21 12:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 06:07 - 2016-12-21 12:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 06:07 - 2016-12-21 12:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 06:07 - 2016-12-21 12:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 06:07 - 2016-12-21 12:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 06:07 - 2016-12-21 12:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 06:07 - 2016-12-21 12:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 06:07 - 2016-12-21 12:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 06:07 - 2016-12-21 12:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 06:07 - 2016-12-21 12:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 06:07 - 2016-12-21 12:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 06:07 - 2016-12-21 12:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 06:07 - 2016-12-14 13:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 06:07 - 2016-12-14 13:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 06:07 - 2016-12-14 13:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 06:07 - 2016-12-14 13:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-01-11 06:07 - 2016-12-14 13:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 06:07 - 2016-12-14 13:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 06:07 - 2016-12-14 13:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 06:07 - 2016-12-14 13:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 06:07 - 2016-12-14 13:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 06:07 - 2016-12-14 13:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 06:07 - 2016-12-14 13:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 06:07 - 2016-12-14 13:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 06:07 - 2016-12-14 13:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 06:07 - 2016-12-14 13:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 06:07 - 2016-12-14 13:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 06:07 - 2016-12-14 13:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 06:07 - 2016-12-14 13:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 06:07 - 2016-12-14 13:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 06:07 - 2016-12-14 12:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 06:07 - 2016-12-14 12:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 06:07 - 2016-12-14 12:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 06:07 - 2016-12-14 12:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 06:07 - 2016-12-14 12:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 06:07 - 2016-12-14 12:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 06:07 - 2016-12-14 12:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 06:07 - 2016-12-14 12:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 06:07 - 2016-12-14 12:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 06:07 - 2016-12-14 12:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 06:07 - 2016-12-14 12:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 06:07 - 2016-12-14 12:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 06:07 - 2016-12-14 12:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 06:07 - 2016-12-14 12:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 06:07 - 2016-12-14 12:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 06:07 - 2016-12-14 12:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 06:07 - 2016-12-14 12:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 06:07 - 2016-12-14 12:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 06:07 - 2016-12-14 12:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 06:07 - 2016-12-14 12:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 06:07 - 2016-12-14 12:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 06:07 - 2016-12-14 12:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 06:07 - 2016-12-14 12:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 06:07 - 2016-12-14 12:35 - 02220032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
2017-01-11 06:07 - 2016-12-14 12:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 06:07 - 2016-12-14 12:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 06:07 - 2016-12-14 12:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 06:07 - 2016-12-14 12:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 06:07 - 2016-12-14 12:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 06:07 - 2016-12-14 12:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 06:07 - 2016-12-14 12:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 06:07 - 2016-12-14 12:25 - 02795520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2017-01-11 06:07 - 2016-12-14 12:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 06:07 - 2016-12-14 12:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 06:07 - 2016-12-14 12:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 06:07 - 2016-12-14 12:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 06:07 - 2016-12-14 12:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 06:07 - 2016-12-14 12:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 06:07 - 2016-12-14 12:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 06:07 - 2016-12-14 12:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 06:07 - 2016-12-14 12:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 06:07 - 2016-12-14 12:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 06:07 - 2016-11-02 20:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 06:07 - 2016-11-02 19:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 06:07 - 2016-11-02 18:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 06:07 - 2016-11-02 18:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 06:07 - 2016-11-02 18:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 06:07 - 2016-08-02 12:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 06:06 - 2016-12-21 16:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 06:06 - 2016-12-21 15:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 06:06 - 2016-12-21 15:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 06:06 - 2016-12-21 15:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 06:06 - 2016-12-21 15:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 06:06 - 2016-12-21 15:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 06:06 - 2016-12-21 15:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 06:06 - 2016-12-21 15:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 06:06 - 2016-12-21 14:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 06:06 - 2016-12-21 14:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 06:06 - 2016-12-21 12:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 06:06 - 2016-12-21 12:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 06:06 - 2016-12-21 12:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 06:06 - 2016-12-21 12:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 06:06 - 2016-12-14 13:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-01-11 06:06 - 2016-12-14 13:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 06:06 - 2016-12-14 13:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 06:06 - 2016-12-14 13:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 06:06 - 2016-12-14 12:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 06:06 - 2016-12-14 12:42 - 00384000 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
2017-01-11 06:06 - 2016-12-14 12:41 - 00362496 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe
2017-01-11 06:06 - 2016-12-14 12:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 06:06 - 2016-12-14 12:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 06:06 - 2016-12-14 12:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 06:06 - 2016-12-14 12:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 06:06 - 2016-12-14 12:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-09 20:56 - 2017-01-09 20:56 - 00000735 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-09 15:37 - 2017-01-09 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2017-01-09 15:37 - 2017-01-09 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2017-01-09 15:37 - 2017-01-09 15:37 - 00000000 ____D C:\Program Files\TAP-Windows
2017-01-09 15:37 - 2017-01-09 15:37 - 00000000 ____D C:\Program Files (x86)\OpenVPN
2017-01-09 15:22 - 2017-01-09 15:32 - 00000000 ____D C:\Program Files\OpenVPN
2017-01-09 15:19 - 2017-01-09 15:36 - 00001967 _____ C:\Users\Daniel\Desktop\Cryptic's VPN.lnk
2017-01-09 15:19 - 2017-01-09 15:19 - 00000000 ____D C:\Program Files (x86)\CrypticVPN
2017-01-08 15:57 - 2017-01-08 15:57 - 00000885 _____ C:\Users\Public\Desktop\Far Cry Primal.lnk
2017-01-08 11:06 - 2017-01-08 11:06 - 00002108 _____ C:\Users\Public\Desktop\Action!.lnk
2017-01-08 11:06 - 2017-01-08 11:06 - 00000000 ____D C:\Program Files (x86)\Mirillis
2017-01-07 19:05 - 2017-01-07 19:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\HandBrake Team
2017-01-07 12:19 - 2017-01-07 12:19 - 00000000 ____D C:\Menyoo
2017-01-07 12:18 - 2017-01-07 12:18 - 00000000 ____D C:\Users\Daniel\Desktop\force
2017-01-07 01:10 - 2017-01-10 09:29 - 00000000 ____D C:\Users\Daniel\Desktop\Files
2017-01-07 00:56 - 2017-01-07 00:56 - 00001037 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-01-07 00:56 - 2017-01-07 00:56 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-01-07 00:56 - 2017-01-07 00:56 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AVAST Software
2017-01-07 00:55 - 2017-01-07 00:56 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-01-07 00:55 - 2017-01-07 00:56 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-01-07 00:55 - 2017-01-07 00:56 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-01-07 00:55 - 2017-01-07 00:55 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-01-07 00:55 - 2017-01-07 00:55 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-01-07 00:55 - 2017-01-07 00:55 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-01-07 00:55 - 2017-01-07 00:55 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-01-07 00:55 - 2017-01-07 00:55 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-01-07 00:55 - 2017-01-07 00:55 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2017-01-07 00:55 - 2017-01-07 00:55 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-01-07 00:55 - 2017-01-07 00:55 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-01-01 22:55 - 2017-01-09 20:39 - 00000106 _____ C:\Users\Daniel\Desktop\paypals.txt
2016-12-31 21:06 - 2016-12-31 21:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_system32WtfEngineDrv_01009.Wdf
2016-12-29 02:44 - 2017-01-08 11:28 - 00000102 _____ C:\Users\Daniel\Desktop\fhfghf.txt
2016-12-28 19:15 - 2014-01-23 15:34 - 00427376 _____ (Network Tunnel Lab) C:\WINDOWS\SysWOW64\networkdlllsp.dll
2016-12-28 19:10 - 2016-12-28 19:10 - 00000783 _____ C:\Users\Public\Desktop\Pingzapper.lnk
2016-12-23 20:05 - 2016-12-23 20:05 - 00000219 _____ C:\Users\Daniel\Desktop\Left 4 Dead 2.url
2016-12-22 17:26 - 2016-12-22 17:28 - 00000000 ____D C:\Users\Daniel\Documents\Battlefield 3
2016-12-22 17:24 - 2016-12-22 17:24 - 00000912 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2016-12-22 12:38 - 2016-12-22 12:38 - 00000441 _____ C:\Users\Public\Desktop\Mafia III.lnk
2016-12-20 11:21 - 2017-01-06 13:10 - 00000000 ____D C:\Users\Daniel\Desktop\memes
2016-12-16 15:07 - 2016-12-16 15:07 - 00000000 ____D C:\Users\Daniel\Documents\WB Games
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-15 17:27 - 2015-11-02 15:51 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2017-01-15 16:36 - 2016-08-04 10:47 - 07708224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-15 16:31 - 2016-08-04 10:47 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-15 16:30 - 2016-08-04 10:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-15 16:30 - 2016-08-04 10:48 - 00000000 ____D C:\Users\Daniel
2017-01-15 16:30 - 2016-07-26 20:59 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DMCache
2017-01-15 16:30 - 2016-07-16 14:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-01-15 15:37 - 2016-08-08 07:48 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\discord
2017-01-15 15:16 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-15 15:16 - 2016-07-16 19:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-15 15:16 - 2015-11-13 10:54 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\IDM
2017-01-15 15:03 - 2015-10-20 13:31 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-15 15:01 - 2016-08-04 10:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-15 14:50 - 2016-08-04 10:52 - 00005194 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-Daniel Daniel
2017-01-15 12:51 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-14 12:11 - 2015-10-11 10:56 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Origin
2017-01-14 12:11 - 2015-10-11 10:49 - 00000000 ____D C:\ProgramData\Origin
2017-01-14 11:02 - 2016-07-16 19:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-14 10:59 - 2015-11-02 15:48 - 00000000 ____D C:\ProgramData\Skype
2017-01-13 23:50 - 2016-12-12 19:17 - 00000222 _____ C:\Users\Daniel\Desktop\Rockstar acc.txt
2017-01-12 21:37 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-12 20:01 - 2016-10-02 19:42 - 00000000 ____D C:\Users\Daniel\Documents\My Games
2017-01-12 16:33 - 2016-07-05 22:54 - 00534264 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-01-12 14:36 - 2016-11-06 09:46 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Infinity
2017-01-12 13:00 - 2016-10-21 17:32 - 00001230 _____ C:\Users\Daniel\Desktop\Grand Theft Auto Online.lnk
2017-01-12 10:51 - 2016-08-08 07:48 - 00002274 _____ C:\Users\Daniel\Desktop\Discord.lnk
2017-01-12 10:51 - 2016-08-08 07:48 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-01-12 10:43 - 2016-07-14 22:52 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-01-12 10:43 - 2016-03-05 19:12 - 00001831 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2017-01-12 10:40 - 2016-08-04 10:52 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 22:43 - 2016-08-04 10:47 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-01-11 22:43 - 2016-08-04 10:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-11 22:33 - 2016-11-08 00:34 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-01-11 22:33 - 2016-10-09 09:54 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 22:33 - 2016-10-09 09:54 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 22:33 - 2016-10-09 09:54 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 22:33 - 2016-10-09 09:54 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 22:33 - 2016-10-09 09:54 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 22:33 - 2016-10-09 09:54 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-11 22:33 - 2016-08-04 10:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-01-11 18:00 - 2016-07-18 17:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-11 14:49 - 2015-09-10 13:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-11 14:48 - 2016-08-04 10:46 - 05020840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-11 08:54 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 08:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 08:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 08:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 08:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 08:54 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-11 06:14 - 2016-07-16 19:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 06:12 - 2015-09-27 13:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 06:11 - 2015-09-27 13:23 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-10 23:27 - 2015-09-27 20:30 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2017-01-10 09:08 - 2016-12-02 20:50 - 00000000 ____D C:\Users\Daniel\Desktop\Trainers
2017-01-09 20:58 - 2016-02-10 22:06 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-01-09 20:58 - 2015-11-11 01:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
2017-01-09 20:49 - 2016-11-19 20:00 - 00000000 ____D C:\Users\Daniel\Documents\Heroes of the Storm
2017-01-09 19:52 - 2016-07-22 00:38 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify
2017-01-08 11:06 - 2016-02-19 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2017-01-08 07:40 - 2016-11-13 11:37 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2017-01-07 19:05 - 2016-01-26 21:44 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\HandBrake
2017-01-07 00:54 - 2015-09-28 16:51 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-07 00:12 - 2015-09-27 13:37 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-01-06 09:10 - 2016-05-28 16:44 - 00047672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-01-06 09:10 - 2015-11-20 21:50 - 00121912 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-01-06 09:10 - 2015-09-28 06:54 - 01855544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-01-06 09:10 - 2015-09-28 06:54 - 01756728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-01-06 09:10 - 2015-09-28 06:54 - 01454136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-01-06 09:10 - 2015-09-28 06:54 - 01318968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-31 09:14 - 2016-11-06 09:47 - 00002323 _____ C:\Users\Daniel\Desktop\Infinity.lnk
2016-12-31 09:14 - 2016-11-06 09:44 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daring Development Inc
2016-12-31 00:23 - 2016-09-24 11:38 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-12-31 00:23 - 2015-09-27 15:16 - 00000000 ____D C:\Program Files\Rockstar Games
2016-12-29 18:08 - 2015-12-26 10:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-26 15:09 - 2015-12-13 09:20 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2016-12-26 15:09 - 2015-12-13 09:10 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-12-25 19:47 - 2015-12-13 09:10 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-12-23 09:12 - 2015-11-23 14:34 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-23 09:12 - 2015-11-23 14:34 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-23 09:05 - 2016-08-04 10:52 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-23 09:05 - 2016-08-04 10:52 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-23 09:05 - 2012-07-26 16:12 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-23 07:13 - 2016-07-16 19:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 07:13 - 2016-07-16 19:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-22 17:33 - 2015-12-13 09:10 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
 
==================== Files in the root of some directories =======
 
2016-04-14 17:52 - 2016-04-14 17:52 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-04-06 14:25 - 2016-11-20 00:40 - 0000500 _____ () C:\Users\Daniel\AppData\Local\pref.data
2017-01-03 21:12 - 2017-01-03 21:12 - 0000600 _____ () C:\Users\Daniel\AppData\Local\PUTTY.RND
2015-11-17 15:36 - 2017-01-14 21:25 - 0007596 _____ () C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg
2016-09-19 09:08 - 2016-09-19 09:08 - 0000113 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-01-12 14:44
 
==================== End of FRST.txt ============================

Edited by Nyjal-, 15 January 2017 - 04:35 AM.


#3 Nyjal-


Posted 15 January 2017 - 04:33 AM

ADDITION LOG

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-01-2017

Ran by Daniel (15-01-2017 17:31:08)
Running from C:\Users\Daniel\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-04 02:54:14)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-903814144-441885261-1225124989-500 - Administrator - Disabled)
Daniel (S-1-5-21-903814144-441885261-1225124989-1001 - Administrator - Enabled) => C:\Users\Daniel
DefaultAccount (S-1-5-21-903814144-441885261-1225124989-503 - Limited - Disabled)
Guest (S-1-5-21-903814144-441885261-1225124989-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-903814144-441885261-1225124989-1005 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 2.0.7 - Mirillis)
Active Directory Authentication Library for SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1 - Adobe Systems Incorporated)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.2.4.1118 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Corsair Utility Engine (HKLM-x32\...\{73CED964-AF50-43D1-B475-31175F5D8903}) (Version: 2.6.70 - Corsair)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version:  - id Software)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version:  - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gyazo 3.2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
HandBrake 0.10.3 (HKLM-x32\...\HandBrake) (Version: 0.10.3 - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
IDM Patch 6.25 build 03 (HKLM-x32\...\IDM Patch 6.25 build 03) (Version: build 03 - SandySeedings Team)
Infinity (HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\Infinity) (Version: 2.3.1 - Daring Development Inc.)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Just Cause 3 (HKLM\...\Steam App 225540) (Version:  - Avalanche Studios)
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Mafia III Racing Update v20161221 (HKLM\...\bWFmaWFpaWk_is1) (Version: 1 - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Menyoo (HKLM-x32\...\Menyoo 1.7.9) (Version: 1.7.9 - Menyoo)
Menyoo (Version: 1.7.9 - Menyoo) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{02A39130-2CF3-30CA-8623-30F6071A4221}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
MSI Afterburner 4.3.0 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.3.0 Beta 4 - MSI Co., LTD)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.0.0.17 - MSI)
NBA 2K15 (HKLM\...\Steam App 282350) (Version:  - Visual Concepts)
NBA 2K17 (HKLM\...\Steam App 385760) (Version:  - Visual Concepts)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.2.2.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.2.49 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.2.49 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.2.1 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.2 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.14.1 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
OpenVPN 2.3.10-I603  (HKLM-x32\...\OpenVPN) (Version: 2.3.10-I603 - )
Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Pingzapper version 2.1.1 (HKLM-x32\...\{7FD61982-5436-439B-B5D0-36F0536FF8BF}_is1) (Version: 2.1.1 - Pingzapper)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version:  - Square Enix)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.2.49 - NVIDIA Corporation) Hidden
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Spotify (HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Total War: WARHAMMER (HKLM\...\Steam App 364360) (Version:  - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 25.0.1 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version:  - Ubisoft)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-903814144-441885261-1225124989-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-903814144-441885261-1225124989-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-903814144-441885261-1225124989-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-903814144-441885261-1225124989-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-903814144-441885261-1225124989-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-903814144-441885261-1225124989-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0CE1C64F-8D24-44C5-9D8C-6C1CB58290F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {14762BBF-84BB-4B27-BD3B-981109B9E214} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-06] (NVIDIA Corporation)
Task: {1F0E9456-E728-490D-9E0B-1FA1600FD356} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-23] (Google Inc.)
Task: {25910875-9D6D-45CA-B60E-272F4658F3A1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {2D8A984E-7FBD-450D-BB5B-090A74022072} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-06-02] ()
Task: {2F8F86B7-3065-438C-BF1B-CAF156B9C43B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-06] (NVIDIA Corporation)
Task: {414EDC26-B9D5-412C-8E7C-A51D27B962CB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-06] (NVIDIA Corporation)
Task: {42772D5C-A573-4378-97E6-3E84896A6595} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {49B28173-5C45-4257-B700-9E5BAA35CD51} - System32\Tasks\avast! Emergency Update => D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-07] (AVAST Software)
Task: {6939035B-C78C-4E32-AAF4-04B90E81E006} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-06-02] ()
Task: {69749BED-7EBC-4FDE-943C-1FF34A12C0DF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-06] (NVIDIA Corporation)
Task: {745CEC91-A541-4D9F-B097-147D9CD45D6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-23] (Google Inc.)
Task: {7E2B5F38-80F3-4CCB-B506-7A5F77F4A27C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {8802236B-20D6-4373-B201-F53ABBDED712} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-06] (NVIDIA Corporation)
Task: {8CB59047-F571-4016-903D-F80E264F39C9} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\WINDOWS\system32\NotificationUI.exe
Task: {90627F34-360E-4F17-9348-387D6CE299E3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {9D4C7B59-40F6-4BB8-88CE-924B4F1FEC9F} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [2015-08-18] (MSI)
Task: {9FFE3C48-5638-4B3C-A506-9A2D1798A499} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {A54A5BB8-093B-480C-8E69-5BFEF81D345F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {B1434ECD-1CBA-4837-8F0C-492978E7D51B} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {B22ACFEF-E418-4E99-8E1B-06D43CA60770} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B455B1B7-3C15-4FAD-BB95-9B7A49D05EF7} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-06] (NVIDIA Corporation)
Task: {C2EF75D3-62A7-4D52-A185-D99F0FA58A31} - \{B45EA0A6-3B3B-4DE9-8545-A88476D307F0} -> No File <==== ATTENTION
Task: {CB2F389F-8F4E-4EA4-939D-B39962287495} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DANIEL-Daniel Daniel => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {CB6C544D-55B3-4A0F-8480-3533EBEEAE34} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {CF846CAD-AADA-431B-92EC-7EFAAADD2868} - System32\Tasks\CAM => D:\Program Files (x86)\NZXT\CAM\CAM_Client_V3.exe
Task: {D8E1F676-440C-4046-8A4A-2A20DEE9DDE8} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {E315787F-79C0-4F68-B6E3-FAB39561186A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {EE9B9144-F813-47BD-9272-4A8DC331A023} - \{73BD1564-94F3-4C5E-A2FB-846F09850071} -> No File <==== ATTENTION
Task: {F5F53C3F-1EA0-4DF9-949A-1E628CCF8A07} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-06] (NVIDIA Corporation)
Task: {FB6C5CAE-2C46-4549-9FD6-E10865B4EACE} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWoW64\muachost.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 19:42 - 2016-07-16 19:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 06:39 - 2016-12-09 18:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-04 10:47 - 2016-12-12 02:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-09 09:54 - 2017-01-06 09:10 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-09 09:54 - 2017-01-06 09:10 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-12-13 09:10 - 2016-12-22 17:33 - 00076152 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2016-12-28 19:10 - 2016-05-22 15:27 - 00632320 ___SH () D:\Program Files (x86)\Pingzapper\PZService.exe
2016-12-14 06:39 - 2016-12-09 18:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-24 19:04 - 2016-08-24 19:04 - 01864384 _____ () C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-05-28 19:10 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll
2016-08-24 17:54 - 2016-06-14 16:35 - 00187392 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\D3D11FontDraw.dll
2016-09-15 08:07 - 2016-09-07 12:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 06:07 - 2016-12-21 15:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 06:06 - 2016-12-21 14:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 06:06 - 2016-12-21 14:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 06:06 - 2016-12-21 14:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 06:06 - 2016-12-21 14:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 06:06 - 2016-12-21 14:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 06:06 - 2016-12-21 14:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-15 10:26 - 2016-12-15 10:27 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-15 10:26 - 2016-12-15 10:27 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-15 10:26 - 2016-12-15 10:27 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-15 10:26 - 2016-12-15 10:27 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2017-01-07 00:55 - 2017-01-07 00:55 - 00169064 _____ () D:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-15 10:53 - 2017-01-15 10:53 - 04444072 _____ () D:\Program Files\AVAST Software\Avast\defs\17011400\algo.dll
2017-01-07 00:55 - 2017-01-07 00:55 - 00482928 _____ () D:\Program Files\AVAST Software\Avast\ffl2.dll
2016-12-20 11:19 - 2016-12-20 11:19 - 02493440 _____ () D:\Program Files (x86)\Origin\libGLESv2.dll
2015-09-28 06:57 - 2017-01-06 09:10 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-09 09:54 - 2017-01-06 09:10 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-09 09:54 - 2017-01-06 09:10 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-08-24 17:54 - 2016-06-14 16:35 - 00163328 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\D3D11FontDraw.dll
2016-10-09 09:54 - 2017-01-06 09:10 - 64246840 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-10-09 09:54 - 2017-01-06 08:09 - 00527416 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-09 09:54 - 2017-01-06 08:09 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-09 09:54 - 2017-01-06 08:09 - 02807232 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-09 09:54 - 2017-01-06 08:09 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-09 09:54 - 2017-01-06 08:09 - 00449080 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-09 09:54 - 2017-01-06 08:09 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-09 09:54 - 2017-01-06 08:09 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-01-11 22:33 - 2017-01-06 08:09 - 00954816 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2016-10-12 16:44 - 2016-10-12 16:44 - 00037376 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll
2016-10-12 16:45 - 2016-10-12 16:45 - 00211456 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2016-10-12 16:44 - 2016-10-12 16:44 - 00093184 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
2016-06-10 10:19 - 2016-06-10 10:19 - 00011264 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL
2016-06-10 10:19 - 2016-06-10 10:19 - 01990144 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll
2017-01-07 00:55 - 2017-01-07 00:55 - 48936448 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll
2016-12-23 09:12 - 2016-12-08 15:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-23 09:12 - 2016-12-08 15:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-02-24 19:30 - 2016-07-22 00:41 - 00000898 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
0.0.0.0 pubads.g.doubleclick.net
0.0.0.0 securepubads.g.doubleclick.net
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-903814144-441885261-1225124989-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{d89ee609-a819-46f5-a862-3b407281f00a}.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeARMservice => 2
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-903814144-441885261-1225124989-1001\...\StartupApproved\Run: => "GarenaPlus"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{7B92ED9D-F5C3-4241-BAD5-E5C82EAC2FDD}] => LPort=2333
FirewallRules: [{5F5B397C-C0AF-4441-B175-549CD7EDA8C4}] => LPort=9143
FirewallRules: [UDP Query User{6995B8C9-063E-423C-A83B-BE06B2683FE3}C:\users\daniel\appdata\roaming\spotify\spotify.exe] => C:\users\daniel\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5283864A-9D3F-488D-A319-CFE1CFC7F34A}C:\users\daniel\appdata\roaming\spotify\spotify.exe] => C:\users\daniel\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D22B429D-97F1-4548-A953-6F8232F02321}] => LPort=8370
FirewallRules: [{AF9BA81A-D89D-4CBE-A642-EB5A0C77163A}] => LPort=8370
FirewallRules: [UDP Query User{DEE6FE04-DCA3-456A-96E1-23EBECF041DD}C:\program files (x86)\msi\gaming app\gamingapp.exe] => C:\program files (x86)\msi\gaming app\gamingapp.exe
FirewallRules: [TCP Query User{573E5669-F7DF-4939-BC50-F25963FFDE37}C:\program files (x86)\msi\gaming app\gamingapp.exe] => C:\program files (x86)\msi\gaming app\gamingapp.exe
FirewallRules: [UDP Query User{DFAF83F5-142E-4017-AC0E-8745872D4D7B}G:\naruto shippuden ultimate ninja storm revolution\nsunsr.exe] => G:\naruto shippuden ultimate ninja storm revolution\nsunsr.exe
FirewallRules: [TCP Query User{ABFCADB4-E40E-49DA-A81D-640498A38A6E}G:\naruto shippuden ultimate ninja storm revolution\nsunsr.exe] => G:\naruto shippuden ultimate ninja storm revolution\nsunsr.exe
FirewallRules: [{B4AA7285-786B-40BC-BC88-5002AB302461}] => %ProgramFiles% (x86)\Mirillis\Action!\Action.exe
FirewallRules: [{79F71172-0C7F-4420-863B-B1C176571EB5}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D5282FF8-F17A-4CF2-A6A8-14B921F69F8E}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2A974BB9-6C54-417C-BFDD-F421C912784B}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A3483AED-F984-4D2D-AE56-30F3373A1805}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{83A9DA99-4942-476C-90A6-5BE87C13F9A7}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{2EC5C71B-0D9D-4885-8592-B2506A57C007}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{026A429C-18EE-4D07-BEB9-A3EACB31F71F}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{107BC8FD-3340-409B-9374-1FD0D4FC9948}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CB783713-A216-4130-8245-0E1120E69633}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{19D615C1-EF8F-4D4D-984E-173169E507DE}] => C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4FD23E41-D774-48D8-8F4B-2245E96564F3}] => C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EFBA4C1B-FE5D-4E64-B5AE-59688778CE94}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{914E95E8-2B73-4E64-A4B2-246B3B4B10EB}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3395845D-F3D7-4057-B1EC-D35DD4A8BBE2}] => D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6644DFE6-C123-4838-8CFC-2E3F7555639A}] => D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{90497EA6-7C75-48C0-B221-07E5CE95D6FB}] => D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{90982748-EAFA-4965-8F7A-61FEC88CD5F0}] => D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1164E475-0760-4E90-BDE4-1F9CE89446C7}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7FC25B50-C04E-4071-B09A-761986B437B5}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{031E7F25-7B21-48A7-A06D-A522ACA3A65D}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F6FF9B01-2821-47DC-B943-F55C5F2DFAA4}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{218DDA84-16B2-4853-8E0A-1E925954F4D4}E:\games\doom\doomx64.exe] => E:\games\doom\doomx64.exe
FirewallRules: [UDP Query User{F77B1F73-C8FC-43B1-8ABC-FCB0B0A767B1}E:\games\doom\doomx64.exe] => E:\games\doom\doomx64.exe
FirewallRules: [TCP Query User{53F9D61F-7CFD-41FE-9632-C4D33A552BEF}E:\games\doom\doomx64vk.exe] => E:\games\doom\doomx64vk.exe
FirewallRules: [UDP Query User{1EF30413-7B2C-4A7D-8EAE-46F58BD41E20}E:\games\doom\doomx64vk.exe] => E:\games\doom\doomx64vk.exe
FirewallRules: [{EE0B8ED6-6804-44E7-A0D5-EF352BF7F218}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F2F7E28F-1E9A-4E6D-8EBA-221EB1C88D29}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{119358A0-DA99-4855-B5A2-AA4B326CCB17}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{50AC9067-13ED-4618-885A-77395478A87B}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C2512797-7E8D-4D79-A47E-2383E182CBB4}] => C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{2C0BDE5D-1914-4330-AC9C-243FBCFB7A70}] => C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{51211198-22DE-4184-A70D-501CC921C189}] => D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{A5EDF8C7-2312-4E2E-9779-BF18FCA17C76}] => D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{6C158580-4922-4E2B-870A-C6D9C6A9627E}] => D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{AC843C56-A91A-4F8A-93CF-854D0CBA923A}] => D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{23EAB8E6-4C91-4F0C-A3D8-DB6F28F0C094}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => D:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{1D1A5E11-FD20-4903-B519-B0683949E180}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => D:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{9C9AF53E-EB69-4331-81C4-73A1DCDDE700}] => D:\Program Files (x86)\Steam\steamapps\common\NBA 2K17\NBA2K17.exe
FirewallRules: [{F6DEC09A-9234-4A45-8F6E-BA74E013BB9E}] => D:\Program Files (x86)\Steam\steamapps\common\NBA 2K17\NBA2K17.exe
FirewallRules: [TCP Query User{8DCE9306-2BFF-4AA4-ABB7-932781EC66EB}E:\games\grand theft auto v\gta5.exe] => E:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{3F35D5BD-3EC0-41B6-ABFC-2DB34DBE7D82}E:\games\grand theft auto v\gta5.exe] => E:\games\grand theft auto v\gta5.exe
FirewallRules: [{D12FC4A9-0A69-402E-A586-5A74A46F2CB3}] => D:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{962FA5A7-0291-4503-A002-D6832A74B146}] => D:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [TCP Query User{5DA9CD05-B60C-4B2E-B91A-98365CA57098}E:\games\grand theft auto v - copy\gta5.exe] => E:\games\grand theft auto v - copy\gta5.exe
FirewallRules: [UDP Query User{1CE703B5-7E27-4A89-BA00-79EEC1693F79}E:\games\grand theft auto v - copy\gta5.exe] => E:\games\grand theft auto v - copy\gta5.exe
FirewallRules: [{D48B524A-F576-4805-ACA7-4481FEAC41F8}] => D:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{077DCE4F-287D-45D1-B520-8BC28DD34F55}] => D:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [TCP Query User{A3E7E9BF-BEE1-4CA8-BCFD-DF02D0F37BE0}D:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => D:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{E8B30B4D-0AC0-4504-85DC-3B8E382BA5C2}D:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => D:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{4EDBC874-243F-479B-AE32-4B211034B459}E:\games\overwatch\overwatch.exe] => E:\games\overwatch\overwatch.exe
FirewallRules: [UDP Query User{490C4976-DF08-4F67-A541-196F5593AD9A}E:\games\overwatch\overwatch.exe] => E:\games\overwatch\overwatch.exe
FirewallRules: [{9F2FF221-673E-4DF4-A6B0-5EB8D28B70FD}] => D:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{5500D853-C3D6-4D0E-ADFD-A291C07C67AD}] => D:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{BFE81EBE-2648-48D9-9C70-74C410A1F396}] => D:\Program Files (x86)\Steam\steamapps\common\NBA2K15\NBA2K15.exe
FirewallRules: [{EF23D422-8D62-477E-B478-FCA40B0436F1}] => D:\Program Files (x86)\Steam\steamapps\common\NBA2K15\NBA2K15.exe
FirewallRules: [{28389DC2-1FF9-44BA-8C26-E068B3786DC1}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{ADCB51AC-0906-47CB-96ED-C8E502E7561F}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CA60F632-C026-408B-8940-F045868822B8}] => LPort=26789
FirewallRules: [{A86EB587-494B-40B2-9883-DC136E308FD8}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1F4F0307-8B25-4A93-89E9-25BB016FF473}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A2ACDC8B-C782-445F-89E0-2AF3D0E08C74}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0E33384F-765F-42E6-9312-6C5217007D3D}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A6E1F979-75AD-4F27-8E4A-9C87F75E001B}] => D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{FBE823D3-8B42-430A-93B3-2E24724B4BD6}] => D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{B59A4412-3AD4-4210-BC73-A2B911885AC3}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{702AC4AE-DDB4-4B06-AF58-44BF78DB07AB}] => D:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{FFBFB559-6A53-4580-B759-283F1F7E2CAD}] => D:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{C80713A6-3C4F-4CC2-91B8-7AE980E710C2}] => D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{5329DC71-7B5E-4C21-A515-3A1D2329BB4F}] => D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{4B436155-00E1-476E-8E01-1082ECE336B9}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{DCDAD7DD-8D74-45F6-ACEF-971674D06C70}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{3EC63B1D-86D8-4079-A3E0-82B43B75CE95}E:\games\far cry primal\bin\fcprimal.exe] => E:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{0208171D-9084-48DE-A35C-88473D26FA4B}E:\games\far cry primal\bin\fcprimal.exe] => E:\games\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{274418B0-1E7A-4A3A-8ACD-642F965589E5}E:\games\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe] => E:\games\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{28F4571D-2E6C-46D4-A913-C1F176B58CD2}E:\games\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe] => E:\games\heroes of the storm\versions\base49278\heroesofthestorm_x64.exe
FirewallRules: [{B40E9046-581B-4E59-A759-BB20CC181952}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{A97F6C27-C3A3-461A-9225-0A8488C084CE}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{1FEA05A4-2E9B-408B-B519-26BB284600D9}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{EDE76BE4-94AE-4E6B-A8E7-0211252AC371}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{12FBD44D-842F-48BB-882C-C28A752121E5}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{38464D70-7CD2-4DD2-8FDF-9FABD4AC2DA1}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\WATCH_DOGS2\bin\WatchDogs2.exe
FirewallRules: [{C985CA37-DFCD-4F41-A974-F04CC9E643AE}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\WATCH_DOGS2\bin\WatchDogs2.exe
FirewallRules: [TCP Query User{D1F4A95E-FC02-4E38-8D6F-BA6CFBED2611}D:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe] => D:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe
FirewallRules: [UDP Query User{71C8A42B-3D60-4482-865C-35D4ABAF08C8}D:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe] => D:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe
FirewallRules: [{5DB75D0F-8681-4FAA-87C1-3F12BCE4AD23}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{4836A5FD-591E-4B49-AE41-8ADADC93E67E}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{D7F3DD09-A3D7-4A89-B778-9DF6B47A5E7C}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{227EFD16-7EA9-4402-A7EA-AE551062F3A2}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{FA46C336-A9C4-454D-9738-3CE87A55F716}] => D:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{31C41E4F-AE1F-41A6-961C-20ACF1670FFA}] => D:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{49628BC8-4ADF-4E45-B539-188171FF8500}] => E:\Daniel Files\TechTool Store64.exe
FirewallRules: [{BE3602DB-6EBE-4097-9A91-8F5272BD2C0D}] => E:\Daniel Files\TechTool Store64.exe
FirewallRules: [{70AA3395-C768-404C-9FD1-1F96B07CAA87}] => E:\Daniel Files\TechTool Store64.exe
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
Name: TSSTcorp CDDVDW SH-224FB
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/15/2017 04:45:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program GTA5.exe version 1.0.944.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 189c
 
Start Time: 01d26f0a8b88e5f0
 
Termination Time: 4294967295
 
Application Path: E:\Games\Grand Theft Auto V\GTA5.exe
 
Report Id: 0718bbfd-daff-11e6-8391-f63026c29cec
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (01/15/2017 04:36:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GTA5.exe, version: 1.0.944.2, time stamp: 0x5847f8aa
Faulting module name: GTA5.exe, version: 1.0.944.2, time stamp: 0x5847f8aa
Exception code: 0xc0000005
Fault offset: 0x0000000001281600
Faulting process id: 0x202c
Faulting application start time: 0x01d26f0a7bbd7050
Faulting application path: E:\Games\Grand Theft Auto V\GTA5.exe
Faulting module path: E:\Games\Grand Theft Auto V\GTA5.exe
Report Id: 134cf445-a250-40bf-ba0e-6dbd7b718d31
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/15/2017 04:36:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GTA5.exe, version: 1.0.944.2, time stamp: 0x5847f8aa
Faulting module name: GTA5.exe, version: 1.0.944.2, time stamp: 0x5847f8aa
Exception code: 0xc0000005
Fault offset: 0x0000000001281600
Faulting process id: 0x55c
Faulting application start time: 0x01d26f0a718f6382
Faulting application path: E:\Games\Grand Theft Auto V\GTA5.exe
Faulting module path: E:\Games\Grand Theft Auto V\GTA5.exe
Report Id: 6bd0b8df-1766-448a-a465-a8bad7efe0fd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/15/2017 04:36:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GTA5.exe, version: 1.0.944.2, time stamp: 0x5847f8aa
Faulting module name: GTA5.exe, version: 1.0.944.2, time stamp: 0x5847f8aa
Exception code: 0xc0000005
Fault offset: 0x0000000001281600
Faulting process id: 0xfe8
Faulting application start time: 0x01d26f0a5ca0d993
Faulting application path: E:\Games\Grand Theft Auto V\GTA5.exe
Faulting module path: E:\Games\Grand Theft Auto V\GTA5.exe
Report Id: e373e4d2-300f-4f0e-b24f-6b7b0387c124
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/15/2017 04:30:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/15/2017 02:27:32 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/15/2017 02:27:32 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (01/15/2017 02:27:32 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/15/2017 02:27:32 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/15/2017 02:27:32 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
 
System errors:
=============
Error: (01/15/2017 04:32:48 PM) (Source: DCOM) (EventID: 10010) (User: DANIEL)
Description: The server {21F282D1-A881-49E1-9A3A-26E44E39B86C} did not register with DCOM within the required timeout.
 
Error: (01/15/2017 04:30:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/15/2017 04:30:04 PM) (Source: DCOM) (EventID: 10010) (User: DANIEL)
Description: The server App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout.
 
Error: (01/15/2017 04:30:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/15/2017 03:01:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/15/2017 03:01:03 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:00:17 PM on ‎1/‎15/‎2017 was unexpected.
 
Error: (01/15/2017 02:52:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.
 
Error: (01/15/2017 02:46:33 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.
 
Error: (01/15/2017 10:53:22 AM) (Source: DCOM) (EventID: 10010) (User: DANIEL)
Description: The server {21F282D1-A881-49E1-9A3A-26E44E39B86C} did not register with DCOM within the required timeout.
 
Error: (01/15/2017 10:51:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
  Date: 2017-01-13 14:17:11.222
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-01-13 14:17:10.312
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-01-13 14:17:10.308
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-01-10 19:25:38.429
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-01-05 09:49:13.113
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-01-05 09:49:12.466
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-01-01 23:04:20.700
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-01-01 23:04:19.020
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-12-31 14:06:29.285
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-12-30 13:28:22.540
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 71%
Total physical RAM: 8140.68 MB
Available physical RAM: 2320.73 MB
Total Virtual: 14028.68 MB
Available Virtual: 8045.46 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.25 GB) (Free:75.77 GB) NTFS
Drive d: () (Fixed) (Total:976.56 GB) (Free:109.56 GB) NTFS
Drive e: (My Files) (Fixed) (Total:886.45 GB) (Free:178.97 GB) NTFS
Drive h: () (Removable) (Total:29.82 GB) (Free:29.7 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1C4EA9A9)
Partition 1: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 409DABD2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 29.8 GB) (Disk ID: FDC01076)
Partition 1: (Active) - (Size=29.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

Edited by Nyjal-, 15 January 2017 - 04:36 AM.


#4 Nyjal-


Posted 15 January 2017 - 05:29 AM

is this normal? a little lag on chrome when you open a new tab



#5 Nyjal-


Posted 15 January 2017 - 07:38 AM

help pls :D



#6 Nyjal-


Posted 15 January 2017 - 07:05 PM

help pls :D



#7 Nyjal-


Posted 17 January 2017 - 04:09 AM

help :(



#8 nasdaq

nasdaq

  • Malware Response Team

Posted 17 January 2017 - 08:43 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

No need for you to bump your topic.
We are all helpers that work for free. It's normal to not get an answer within 3 days when we have an overload.

ATTENTION: System Restore is disabled
Turn System Restore On for Drives in Windows 10
http://www.tenforums.com/tutorials/4533-system-protection-turn-off-drives-windows-10-a.html
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
GroupPolicy\User: Restriction <======= ATTENTION
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-15] (Oracle Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> D:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-01-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
S3 GGSAFERDriver; \??\D:\Program Files\Garena Plus\Room\safedrv.sys [X]
S3 gkernel; \??\D:\Temp\gkernel.sys [X]
S3 X6va062; \??\C:\WINDOWS\SysWOW64\Drivers\X6va062 [X]
S3 X6va063; \??\C:\WINDOWS\SysWOW64\Drivers\X6va063 [X]
Task: {C2EF75D3-62A7-4D52-A185-D99F0FA58A31} - \{B45EA0A6-3B3B-4DE9-8545-A88476D307F0} -> No File <==== ATTENTION
Task: {EE9B9144-F813-47BD-9272-4A8DC331A023} - \{73BD1564-94F3-4C5E-A2FB-846F09850071} -> No File <==== ATTENTION


Reboot:


End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Reset Chrome...
Open Google Chrome, click on the menu icon, which is located at the top right of Google Chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
___

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important: read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

If still present after the update you can remove the old version(s) of Java via the Control Panel > Programs > Programs and Features.
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
===

Please post the logs and let me know if the problem persists.
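
An added example, not part of nasdaq's post and not FRST's own code: a small Python triage that tags the FRST scan lines carrying an orphan or attention marker, which is the pattern most of the fixlist entries above share. The rule names and the reading of the markers (`[X]` and `No File` meaning the referenced file was not found) are assumptions of this sketch; entries without such a marker, like the Java plugins and Chrome extensions, are in the fixlist on the helper's judgment and are reported as unflagged here.

```python
import re

# Lines copied from the fixlist in the post above (page data, nothing new).
SAMPLE = r"""HKLM-x32\...\Run: [] => [X]
GroupPolicy\User: Restriction <======= ATTENTION
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-15] (Oracle Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> D:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-23]
S3 gkernel; \??\D:\Temp\gkernel.sys [X]
Task: {C2EF75D3-62A7-4D52-A185-D99F0FA58A31} - \{B45EA0A6-3B3B-4DE9-8545-A88476D307F0} -> No File <==== ATTENTION
""".splitlines()

# Assumed reading of the markers: "[X]" / "No File" = referenced file not
# found on disk; "<==== ATTENTION" = entry the tool itself highlights.
RULES = [
    ("task-missing-file", re.compile(r"^Task: .*-> No File\b")),
    ("service-missing-file", re.compile(r"^[RSU][0-5] [^;]+; .*\[X\]$")),
    ("startup-missing-file", re.compile(r"\\Run(Once)?: \[.*\] => .*\[X\]$")),
    ("plugin-missing-file", re.compile(r"^FF Plugin(-x32)?: .*\[No File\]$")),
    ("tool-attention", re.compile(r"<=+ ATTENTION")),
]


def triage(lines):
    """Return [(line, [rule names])] for lines matching at least one rule."""
    findings = []
    for raw in lines:
        line = raw.strip()
        tags = [name for name, rx in RULES if rx.search(line)]
        if tags:
            findings.append((line, tags))
    return findings


def unflagged(lines):
    """Non-empty lines that no rule matched; these need a human decision."""
    hits = {line for line, _ in triage(lines)}
    return [l.strip() for l in lines if l.strip() and l.strip() not in hits]


if __name__ == "__main__":
    for line, tags in triage(SAMPLE):
        print(",".join(tags), "|", line)
    for line in unflagged(SAMPLE):
        print("unflagged |", line)
```

The script only reads log text and reports matches; it does not build or apply a fixlist.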



