Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Incredibly annoying Trojan! Please help!


  • This topic is locked This topic is locked
5 replies to this topic

#1 sebastiankiro

sebastiankiro

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:24 PM

Posted 23 March 2018 - 05:58 PM

Hello, it's been a few days since i got this virus(no ideea from where) called winime.exe.. or at least that's what it says in my task manager.

 

It's been sucking on my cpu for a few days now and i just can't seem to get rid of it. 

Tried a bunch of antivirus softwares and antimalware ones but they wont even recognise it as a virus, tried end task but acces is denied, tried killtask on the command prompt but nothing works! 

 

I really could use some help because this cpu-leech is really frustrating and every site that i've tried is either fake or just a bunch of bs trying to sell it's "incredible" virus removal software.

 

:smash:



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:24 PM

Posted 23 March 2018 - 07:55 PM

Hi sebastiankiro :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.
  • As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens
  • As long as I'm assisting you on BleepingComputer, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against BleepingComputer's rules
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone
    This being said, I have a full time job so sometimes it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread
This being said, it's time to clean-up some malware, so let's get started, shall we? :)

Follow the instructions in the thread below, and provide me both FRST logs (FRST.txt and Addition.txt). You can attach them in your next post, or copy/paste their content.

https://www.bleepingcomputer.com/forums/topic34773.html

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 sebastiankiro

sebastiankiro
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:24 PM

Posted 24 March 2018 - 04:16 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Sebastian (administrator) on SEBASTIAN-PC (24-03-2018 11:11:22)
Running from C:\Users\Sebastian\Downloads
Loaded Profiles: Sebastian (Available Profiles: Sebastian)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Sebastian\Downloads\FRST64 (1).exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7883296 2009-06-16] (Realtek Semiconductor)
HKLM\...\Run: [SERVICE] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-22] (AVAST Software)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (AimerSoft)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2769833704-2738755251-2132237712-1000\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3076896 2016-10-31] (IObit)
HKU\S-1-5-21-2769833704-2738755251-2132237712-1000\...\MountPoints2: {7ba10b6d-1bea-11e8-8924-cc52af46ada9} - F:\Install.exe
HKU\S-1-5-21-2769833704-2738755251-2132237712-1000\...\MountPoints2: {d0e34257-1b67-11e8-9179-cc52af46ada9} - D:\setup.exe
HKU\S-1-5-21-2769833704-2738755251-2132237712-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\ProgramData\DreamScreen\DreamCompress.scr
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{2F484089-5B33-4BD2-AF87-103DEFFE562A}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 8.8.8.8
 
Internet Explorer:
==================
HKU\S-1-5-21-2769833704-2738755251-2132237712-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-03-22] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-03-22] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
Handler: WSKVAllmytubechrome - No CLSID Value
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-08-29] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-08-29] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-08-29] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-08-29] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: knrsofd1.default
FF ProfilePath: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\knrsofd1.default [2018-03-23]
FF user.js: detected! => C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\knrsofd1.default\user.js [2018-03-23]
FF Extension: (Yandex.Market Adviser) - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\knrsofd1.default\Extensions\sovetnik-yandex@yandex.ru.xpi [2018-03-10]
FF Extension: (Avast SafePrice) - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\knrsofd1.default\Extensions\sp@avast.com.xpi [2018-03-22]
FF Extension: (Visual Bookmarks) - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\knrsofd1.default\Extensions\vb@yandex.ru.xpi [2018-03-23]
FF Extension: (Avast Online Security) - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\knrsofd1.default\Extensions\wrc@avast.com.xpi [2018-03-22]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-26] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.softpedia.com/
CHR StartupUrls: Default -> "hxxp://www.google.ro/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default [2018-03-24]
CHR Extension: (Slides) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-26]
CHR Extension: (Docs) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-26]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-26]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-26]
CHR Extension: (Session Buddy) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2018-02-26]
CHR Extension: (Sheets) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-26]
CHR Extension: (Google Docs Offline) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-23]
CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-16]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-03-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-26]
CHR Extension: (Gmail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-26]
CHR Extension: (Chrome Media Router) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-22]
CHR HKU\S-1-5-21-2769833704-2738755251-2132237712-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
HKLM\SYSTEM\CurrentControlSet\Services\sp_rsdrv2 <==== ATTENTION (Rootkit!)
"xijtbctc" => service could not be unlocked. <==== ATTENTION
 
R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2016-10-14] (IObit)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-22] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-22] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-01-30] (Disc Soft Ltd)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196648 2018-03-22] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-22] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-22] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-22] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-22] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [215320 2018-03-22] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-03-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146656 2018-03-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110328 2018-03-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-03-22] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-03-22] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-03-22] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-03-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-03-22] (AVAST Software)
R3 camfilt2; C:\Windows\System32\DRIVERS\camfilt2.sys [139264 2007-08-29] (Guillemot Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-02-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-02-26] (Disc Soft Ltd)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-03-24] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-07-07] (Intel Corporation)
R3 OM0530; C:\Windows\System32\Drivers\ov530vx.sys [172928 2007-07-13] (OmniVision Technology Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2018-02-26] ()
U3 a36q9zhc; no ImagePath
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
R5 xijtbctc;  <==== ATTENTION: Locked Service
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-03-24 11:11 - 2018-03-24 11:11 - 002403328 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64 (1).exe
2018-03-24 11:06 - 2018-03-24 11:06 - 000033809 _____ C:\Users\Sebastian\Downloads\Addition.txt
2018-03-24 11:05 - 2018-03-24 11:11 - 000014542 _____ C:\Users\Sebastian\Downloads\FRST.txt
2018-03-24 11:05 - 2018-03-24 11:11 - 000000000 ____D C:\FRST
2018-03-24 11:04 - 2018-03-24 11:04 - 002403328 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2018-03-24 10:58 - 2018-03-24 10:58 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-03-24 00:37 - 2018-03-24 00:37 - 009694960 _____ (Crawler Group ) C:\Users\Sebastian\Downloads\SpywareTerminatorSetup.exe
2018-03-24 00:36 - 2018-03-24 00:36 - 001652843 _____ C:\Users\Sebastian\Downloads\Autoruns.zip
2018-03-24 00:36 - 2018-03-24 00:36 - 000000000 ____D C:\Users\Sebastian\Downloads\Autoruns
2018-03-24 00:35 - 2018-03-24 00:35 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-03-24 00:35 - 2018-03-24 00:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-24 00:35 - 2018-03-24 00:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-24 00:35 - 2018-01-18 09:03 - 000076200 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-03-24 00:32 - 2018-03-24 00:32 - 071234984 _____ (Malwarebytes ) C:\Users\Sebastian\Downloads\mb3-setup-consumer-3.4.4.2398-1.0.322-1.0.4458.exe
2018-03-24 00:32 - 2018-03-24 00:32 - 071234984 _____ (Malwarebytes ) C:\Users\Sebastian\Downloads\mb3-setup-consumer-3.4.4.2398-1.0.322-1.0.4458 (1).exe
2018-03-24 00:24 - 2018-03-24 00:25 - 000003146 _____ C:\Windows\System32\Tasks\Trojan Remover
2018-03-24 00:24 - 2018-03-24 00:24 - 050237880 _____ (Loaris, LLC. ) C:\Users\Sebastian\Downloads\setup-ltr-3.0.43.exe
2018-03-24 00:24 - 2018-03-24 00:24 - 000000000 ____D C:\ProgramData\Loaris
2018-03-24 00:12 - 2018-03-24 00:12 - 005189808 _____ (Enigma Software Group USA, LLC.) C:\Users\Sebastian\Downloads\SpyHunter-Installer (2).exe
2018-03-23 23:53 - 2018-03-23 23:53 - 000001924 _____ C:\Users\Sebastian\Desktop\Process Hacker 2.lnk
2018-03-23 23:53 - 2018-03-23 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2018-03-23 23:53 - 2018-03-23 23:53 - 000000000 ____D C:\Program Files\Process Hacker 2
2018-03-23 23:52 - 2018-03-23 23:52 - 002267848 _____ (wj32 ) C:\Users\Sebastian\Downloads\processhacker-2.39-setup (1).exe
2018-03-23 23:34 - 2018-03-23 23:34 - 000270976 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-23 23:08 - 2018-03-23 23:08 - 044904448 _____ C:\Windows\system32\config\SOFTWARE.iobit
2018-03-23 23:08 - 2018-03-23 23:08 - 029384704 _____ C:\Windows\system32\config\COMPONENTS.iobit
2018-03-23 23:08 - 2018-03-23 23:08 - 000159744 _____ C:\Windows\system32\config\DEFAULT.iobit
2018-03-23 23:08 - 2018-03-23 23:08 - 000024576 _____ C:\Windows\system32\config\SECURITY.iobit
2018-03-23 23:08 - 2018-03-23 23:08 - 000024576 _____ C:\Windows\system32\config\SAM.iobit
2018-03-23 23:01 - 2018-03-23 23:01 - 000000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2018-03-23 23:00 - 2018-03-23 23:37 - 000000000 ____D C:\ProgramData\IObit
2018-03-23 23:00 - 2018-03-23 23:05 - 000000000 ____D C:\ProgramData\ProductData
2018-03-23 23:00 - 2018-03-23 23:04 - 000002266 _____ C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
2018-03-23 23:00 - 2018-03-23 23:00 - 000059520 _____ C:\Users\Sebastian\AppData\Local\GDIPFONTCACHEV1.DAT
2018-03-23 23:00 - 2018-03-23 23:00 - 000003040 _____ C:\Windows\System32\Tasks\ASC10_PerformanceMonitor
2018-03-23 23:00 - 2018-03-23 23:00 - 000002920 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Sebastian
2018-03-23 23:00 - 2018-03-23 23:00 - 000002844 _____ C:\Windows\System32\Tasks\ASC10_SkipUac_Sebastian
2018-03-23 23:00 - 2018-03-23 23:00 - 000001370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2018-03-23 23:00 - 2018-03-23 23:00 - 000001358 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2018-03-23 23:00 - 2018-03-23 23:00 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2018-03-23 23:00 - 2018-03-23 23:00 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\IObit
2018-03-23 23:00 - 2018-03-23 23:00 - 000000000 ____D C:\Users\Sebastian\AppData\LocalLow\IObit
2018-03-23 23:00 - 2018-03-23 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-03-23 23:00 - 2018-03-23 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2018-03-23 23:00 - 2018-03-23 23:00 - 000000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2018-03-23 23:00 - 2018-03-23 23:00 - 000000000 ____D C:\Program Files (x86)\IObit
2018-03-23 22:55 - 2018-03-23 22:55 - 000001390 _____ C:\Users\Sebastian\Desktop\CCleaner.lnk
2018-03-23 22:53 - 2018-03-23 22:54 - 000087288 _____ C:\Users\Sebastian\Documents\cc_20180323_225354.reg
2018-03-23 22:50 - 2018-03-23 22:51 - 000000000 ____D C:\Program Files\CCleaner
2018-03-23 22:50 - 2018-03-23 22:50 - 000002806 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-03-23 22:50 - 2018-03-23 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-03-23 22:37 - 2018-03-23 22:37 - 000042231 _____ C:\Windows\system32\FNTCACHE.rar
2018-03-23 22:37 - 2018-03-23 22:37 - 000042231 _____ C:\Users\Sebastian\Desktop\FNTCACHE.rar
2018-03-23 21:13 - 2018-03-23 21:16 - 000000000 ____D C:\Users\Sebastian\Desktop\EaW V1.0.5 +5Trainer
2018-03-23 21:13 - 2018-03-23 21:13 - 000608855 _____ C:\Users\Sebastian\Downloads\EaW V1.0.5 +5Trainer.rar
2018-03-23 21:13 - 2018-03-23 21:13 - 000608855 _____ C:\Users\Sebastian\Desktop\EaW V1.0.5 +5Trainer.rar
2018-03-23 21:09 - 2018-03-23 21:09 - 004590282 _____ C:\Users\Sebastian\Downloads\Star Wars Empire At War V1.120 Trainer +3.rar
2018-03-23 21:09 - 2018-03-23 21:09 - 004590282 _____ C:\Users\Sebastian\Desktop\Star Wars Empire At War V1.120 Trainer +3.rar
2018-03-23 21:09 - 2018-03-23 21:09 - 000000000 ____D C:\Users\Sebastian\Desktop\Star Wars Empire At War V1.120 Trainer +3
2018-03-23 17:29 - 2018-03-23 17:29 - 000000000 ____D C:\Users\Sebastian\Documents\Paradox Interactive
2018-03-23 17:28 - 2018-03-23 17:39 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Petroglyph
2018-03-23 17:28 - 2018-03-23 17:28 - 000000927 _____ C:\Users\Public\Desktop\Star Wars - Empire At War.lnk
2018-03-23 17:28 - 2018-03-23 17:28 - 000000901 _____ C:\Users\Public\Desktop\Star Wars - Empire At War - Forces of Corruption.lnk
2018-03-23 17:20 - 2018-03-23 17:20 - 000000668 _____ C:\Users\Sebastian\Desktop\Europa Universalis IV Rule Britannia.lnk
2018-03-23 17:20 - 2018-03-23 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV Rule Britannia
2018-03-22 21:04 - 2018-03-22 21:04 - 000000000 ____D C:\Users\Sebastian\AppData\LocalLow\LaRuina
2018-03-22 20:31 - 2018-03-22 20:31 - 000000000 ____D C:\Users\Sebastian\Documents\Amnesia
2018-03-22 20:27 - 2018-03-22 20:27 - 000000000 ____D C:\Users\Sebastian\Documents\Penumbra
2018-03-22 20:18 - 2018-03-22 20:18 - 000000000 ____D C:\Users\Sebastian\AppData\LocalLow\Krillbite Studio
2018-03-22 19:51 - 2018-03-22 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Krillbite Studio
2018-03-22 19:14 - 2018-03-22 19:14 - 000013834 _____ C:\Users\Sebastian\Downloads\Penumbra_Collection_2007-2014.torrent
2018-03-22 19:04 - 2018-03-22 19:04 - 000012428 _____ C:\Users\Sebastian\Downloads\Renegade Ops.torrent
2018-03-22 19:03 - 2018-03-22 19:03 - 000048896 _____ C:\Users\Sebastian\Downloads\Mortal Kombat Komplete Edition-FLT-[rarbg.to].torrent
2018-03-22 19:02 - 2018-03-22 19:02 - 000013038 _____ C:\Users\Sebastian\Downloads\Among.The.Sleep.MULTi13-PROPHET.torrent
2018-03-22 18:58 - 2018-03-22 18:58 - 000017506 _____ C:\Users\Sebastian\Downloads\Kane.&.Lynch.Dead.Men - SKIDROW.torrent
2018-03-22 18:33 - 2018-03-22 18:39 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\bizarre creations
2018-03-22 18:26 - 2018-03-23 23:53 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Process Hacker 2
2018-03-22 18:25 - 2018-03-22 18:25 - 000000000 ____D C:\ProgramData\TEMP
2018-03-22 18:23 - 2018-03-23 22:40 - 000000000 ____D C:\Program Files (x86)\Trojan Remover
2018-03-22 18:23 - 2018-03-22 18:23 - 000000000 ____D C:\Users\Sebastian\Documents\Simply Super Software
2018-03-22 18:22 - 2018-03-22 18:22 - 010970704 _____ (Simply Super Software ) C:\Users\Sebastian\Downloads\trjsetup695.exe
2018-03-22 18:21 - 2018-03-22 18:21 - 002267848 _____ (wj32 ) C:\Users\Sebastian\Downloads\processhacker-2.39-setup.exe
2018-03-22 18:20 - 2018-03-22 18:20 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\AVAST Software
2018-03-22 18:19 - 2018-03-23 17:38 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-03-22 18:19 - 2018-03-22 20:17 - 000001966 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-03-22 18:19 - 2018-03-22 18:19 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-03-22 18:19 - 2018-03-22 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-03-22 18:19 - 2018-03-22 18:18 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-03-22 18:19 - 2018-03-22 18:17 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-03-22 18:19 - 2018-03-22 18:17 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-03-22 18:19 - 2018-03-22 18:17 - 000196648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-03-22 18:19 - 2018-03-22 18:17 - 000146656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-03-22 18:19 - 2018-03-22 18:17 - 000110328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-03-22 18:19 - 2018-03-22 18:17 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-03-22 18:19 - 2018-03-22 18:17 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-03-22 18:19 - 2018-03-22 18:16 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-03-22 18:19 - 2018-03-22 18:16 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-03-22 18:19 - 2018-03-22 18:16 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-03-22 18:19 - 2018-03-22 18:16 - 000215320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-03-22 18:19 - 2018-03-22 18:16 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-03-22 18:19 - 2018-03-22 18:16 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-03-22 18:18 - 2018-03-22 18:18 - 000907264 _____ C:\Windows\winime.exe
2018-03-22 18:18 - 2018-03-22 18:17 - 000380768 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-03-22 18:15 - 2018-03-22 18:15 - 000000000 ____D C:\Program Files\AVAST Software
2018-03-22 18:14 - 2018-03-22 18:14 - 007302848 _____ (AVAST Software) C:\Users\Sebastian\Downloads\avast_free_antivirus_setup_online.exe
2018-03-22 17:58 - 2018-03-22 17:58 - 005189808 _____ (Enigma Software Group USA, LLC.) C:\Users\Sebastian\Downloads\SpyHunter-Installer (1).exe
2018-03-22 17:57 - 2018-03-22 17:58 - 005189808 _____ (Enigma Software Group USA, LLC.) C:\Users\Sebastian\Downloads\SpyHunter-Installer.exe
2018-03-22 17:57 - 2018-03-22 17:57 - 000000000 ____D C:\Windows\pss
2018-03-22 17:49 - 2018-03-22 17:49 - 000000000 ____D C:\Windows\system32\appmgmt
2018-03-20 23:05 - 2018-03-20 23:05 - 000000747 _____ C:\Users\Public\Desktop\Elder Scrolls V Skyrim Legenday Edition.lnk
2018-03-16 21:38 - 2018-03-23 23:04 - 000000000 ___RD C:\Users\Sebastian\Desktop\Recycle Bin
2018-03-16 21:34 - 2018-03-17 05:46 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Winamp
2018-03-16 21:34 - 2018-03-16 21:34 - 000000983 _____ C:\Users\Public\Desktop\Winamp.lnk
2018-03-16 21:34 - 2018-03-16 21:34 - 000000000 ____D C:\Program Files (x86)\Winamp
2018-03-14 23:44 - 2018-03-14 23:44 - 000000000 ____D C:\Users\Sebastian\AppData\LocalLow\DryGin Studios
2018-03-14 22:40 - 2018-03-14 22:40 - 000000826 _____ C:\Users\Public\Desktop\League of Legends.lnk
2018-03-14 22:40 - 2018-03-14 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2018-03-14 22:35 - 2018-03-14 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive Studios
2018-03-14 22:32 - 2018-03-14 22:37 - 000001028 _____ C:\Windows\disney.ini
2018-03-14 22:31 - 2018-03-14 22:31 - 000000194 _____ C:\Windows\disneysy.ini
2018-03-14 21:56 - 2018-03-14 21:56 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Yacht Club Games
2018-03-12 20:55 - 2018-03-12 20:55 - 000000000 ____D C:\Users\Sebastian\AppData\LocalLow\Obsidian Entertainment
2018-03-11 15:05 - 2018-03-11 15:05 - 000000000 ____D C:\Users\Sebastian\AppData\Local\ElevatedDiagnostics
2018-03-11 13:13 - 2018-03-11 13:20 - 000000116 _____ C:\Users\Sebastian\Desktop\New Text Document (2).txt
2018-03-11 05:04 - 2018-03-11 05:04 - 000000000 ____D C:\Users\Sebastian\Documents\CPY_SAVES
2018-03-11 01:18 - 2018-03-11 01:18 - 000000000 ____D C:\Windows\OvtCam
2018-03-11 01:17 - 2018-03-11 01:17 - 000000000 ____D C:\Program Files (x86)\Hercules
2018-03-11 01:17 - 2007-08-29 15:56 - 000139264 _____ (Guillemot Corporation) C:\Windows\system32\Drivers\camfilt2.sys
2018-03-11 01:17 - 2007-07-13 11:45 - 000172928 _____ (OmniVision Technology Inc.) C:\Windows\system32\Drivers\ov530vx.sys
2018-03-11 01:17 - 2007-07-13 11:45 - 000018944 _____ (OmniVision Technologies Inc.) C:\Windows\SysWOW64\msext534.ax
2018-03-11 01:11 - 2018-03-11 01:11 - 000000000 ____D C:\Users\Sebastian\AppData\LocalLow\NoBrakesGames
2018-03-11 00:37 - 2018-03-11 00:37 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2018-03-11 00:37 - 2018-03-11 00:37 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2018-03-11 00:37 - 2018-03-11 00:37 - 000122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2018-03-11 00:37 - 2018-03-11 00:37 - 000109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2018-03-11 00:37 - 2018-03-11 00:37 - 000000000 ____D C:\ProgramData\Codemasters
2018-03-11 00:37 - 2018-03-11 00:37 - 000000000 ____D C:\Program Files (x86)\OpenAL
2018-03-10 23:15 - 2018-03-10 23:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2018-03-10 23:12 - 2018-03-10 23:12 - 000000000 ____D C:\Program Files (x86)\directx
2018-03-10 23:11 - 2018-03-10 23:11 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2018-03-10 23:06 - 2018-03-10 23:06 - 000000000 ____D C:\ProgramData\X360CE
2018-03-10 22:48 - 2018-03-10 22:48 - 000000000 ____D C:\Users\Sebastian\Documents\How To Survive Saves
2018-03-10 22:48 - 2018-03-10 22:48 - 000000000 ____D C:\Users\Sebastian\AppData\Local\SKIDROW
2018-03-10 21:25 - 2018-03-10 21:25 - 000000000 ____D C:\Users\Sebastian\AppData\Local\EMU
2018-03-10 21:01 - 2018-03-20 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2018-03-10 20:20 - 2018-03-10 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\505 Games
2018-03-10 03:24 - 2018-03-23 00:26 - 000000000 ____D C:\Users\Sebastian\AppData\LocalLow\Mozilla
2018-03-10 03:23 - 2018-03-10 03:24 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Mozilla
2018-03-10 01:38 - 2018-03-11 04:36 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Pillars.Of.Eternity.Royal.Edition.v3.05.1186+AllDLC
2018-03-10 00:56 - 2018-03-14 22:26 - 000000000 ____D C:\Users\Sebastian\Documents\Almost Human
2018-03-09 15:20 - 2018-03-09 15:20 - 000178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2018-03-09 15:03 - 2018-03-14 22:35 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-03-07 21:39 - 2018-03-07 21:39 - 000000000 ____D C:\Users\Sebastian\Documents\NBGI
2018-03-07 21:39 - 2018-03-07 21:39 - 000000000 ____D C:\Users\Sebastian\AppData\Local\NBGI
2018-03-07 21:34 - 2018-03-22 17:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2018-03-07 21:34 - 2018-03-07 21:34 - 000001338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
2018-03-07 21:34 - 2018-03-07 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2018-03-07 18:39 - 2018-03-07 18:39 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2018-03-07 18:38 - 2018-03-11 14:41 - 000000000 ____D C:\ProgramData\Package Cache
2018-03-07 17:11 - 2018-03-07 17:11 - 000000000 ____D C:\Users\Sebastian\AppData\LocalLow\South East Games
2018-03-07 17:11 - 2018-03-07 17:11 - 000000000 ____D C:\Users\Public\Documents\Steam
2018-03-05 22:37 - 2018-03-11 21:11 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Black_Tree_Gaming
2018-03-05 22:37 - 2018-03-05 22:37 - 000000000 ____D C:\Users\Sebastian\Documents\Nexus Mod Manager
2018-03-05 22:25 - 2018-03-05 22:25 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Todoist
2018-03-05 22:25 - 2018-03-05 22:25 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Todoist
2018-03-04 08:21 - 2018-03-04 08:21 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\WinRAR
2018-03-04 08:20 - 2018-03-04 08:20 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-03-04 08:20 - 2018-03-04 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-03-04 08:20 - 2018-03-04 08:20 - 000000000 ____D C:\Program Files\WinRAR
2018-03-04 08:14 - 2018-03-09 15:27 - 000000000 ____D C:\Users\Sebastian\Documents\Rockstar Games
2018-03-04 01:49 - 2018-03-04 01:49 - 000000678 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
2018-03-04 01:36 - 2018-03-04 01:36 - 000000000 _____ C:\autoexec.bat
2018-03-04 01:34 - 2018-03-04 01:34 - 000000000 ____D C:\ProgramData\RegRun
2018-03-04 01:34 - 2018-02-27 18:26 - 000001320 _____ C:\Windows\system32\Drivers\etc\hosts.old
2018-03-04 01:33 - 2018-03-04 01:54 - 000000000 ____D C:\Program Files (x86)\UnHackMe
2018-03-04 01:33 - 2018-03-04 01:39 - 000000000 ____D C:\Users\Sebastian\Documents\RegRun2
2018-03-04 01:24 - 2018-03-04 01:24 - 000000000 ____D C:\Users\Sebastian\Documents\DeadIslandDIR
2018-03-03 21:31 - 2018-03-04 01:57 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7
2018-03-03 21:31 - 2018-03-03 21:31 - 000001089 _____ C:\Users\Sebastian\Desktop\Cheat Engine.lnk
2018-03-03 21:31 - 2018-03-03 21:31 - 000000000 ____D C:\Users\Sebastian\Documents\My Cheat Tables
2018-03-03 21:31 - 2018-03-03 21:31 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Opera Software
2018-03-03 21:31 - 2018-03-03 21:31 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Opera Software
2018-03-03 21:31 - 2018-03-03 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.7
2018-03-03 01:34 - 2018-03-03 01:34 - 000000000 ____D C:\Users\Sebastian\Documents\Electronic Arts
2018-03-02 22:41 - 2018-03-03 00:32 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\BSplayer
2018-03-02 22:41 - 2018-03-02 22:41 - 000001132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2018-03-02 22:41 - 2018-03-02 22:41 - 000001126 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2018-03-02 22:41 - 2018-03-02 22:41 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\BSplayer Pro
2018-03-02 22:41 - 2018-03-02 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2018-03-02 22:41 - 2018-03-02 22:41 - 000000000 ____D C:\Program Files (x86)\Webteh
2018-03-02 22:04 - 2018-03-10 19:28 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Spotify
2018-03-02 22:04 - 2018-03-04 14:49 - 000001787 _____ C:\Users\Sebastian\Desktop\Spotify.lnk
2018-03-02 22:04 - 2018-03-04 14:49 - 000001773 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2018-03-02 22:03 - 2018-03-22 21:18 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Spotify
2018-03-01 21:05 - 2018-03-23 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-03-01 21:05 - 2018-03-01 21:05 - 000000000 ____D C:\ProgramData\GOG.com
2018-02-28 23:51 - 2018-02-28 23:51 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Steam
2018-02-28 18:37 - 2018-02-28 18:51 - 000000016 _____ C:\Users\Sebastian\Desktop\New Text Document.txt
2018-02-28 12:45 - 2018-03-23 22:53 - 000000000 ____D C:\Windows\Minidump
2018-02-27 23:21 - 2018-02-27 23:21 - 000000000 ____D C:\Users\Sebastian\Documents\League of Legends
2018-02-27 23:15 - 2018-02-27 23:15 - 000000000 ____D C:\ProgramData\Riot Games
2018-02-27 23:14 - 2018-02-27 23:14 - 000000000 ____D C:\Riot Games
2018-02-27 23:14 - 2008-07-12 09:18 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2018-02-27 23:14 - 2008-07-12 09:18 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2018-02-27 23:14 - 2008-07-12 09:18 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2018-02-27 20:09 - 2018-02-27 20:09 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Skyrim
2018-02-27 19:45 - 2018-03-20 22:41 - 000000000 ____D C:\Program Files (x86)\Mr DJ
2018-02-27 19:45 - 2018-03-20 22:40 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-02-27 19:45 - 2018-02-27 19:45 - 000000000 ___HD C:\Windows\msdownld.tmp
2018-02-27 19:03 - 2018-02-27 19:03 - 000000000 ____D C:\Users\Sebastian\AppData\Local\ASHelper
2018-02-27 18:53 - 2018-02-27 18:53 - 000000000 ___HD C:\$AV_ASW
2018-02-27 18:46 - 2018-02-27 18:46 - 000000000 ____D C:\Program Files\Malwarebytes
2018-02-27 18:43 - 2018-02-27 19:00 - 000000000 ____D C:\ProgramData\DreamScreen
2018-02-27 18:43 - 2018-02-27 18:57 - 000000000 ____D C:\ProgramData\DreamCompress
2018-02-27 18:43 - 2018-02-27 18:43 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\DreamScreen
2018-02-27 18:40 - 2018-03-09 14:09 - 000070232 _____ C:\Windows\system32\Drivers\fmucovwd.sys
2018-02-27 18:39 - 2018-03-23 17:38 - 000003116 _____ C:\Windows\System32\Tasks\{D8E78E65-BA3E-4A3D-A128-AF3A8673D524}
2018-02-27 18:29 - 2018-02-27 18:57 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\ylb40udospp
2018-02-27 18:27 - 2018-02-27 18:57 - 000000000 ____D C:\Windat
2018-02-27 18:27 - 2018-02-27 18:57 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\jxxft3uipci
2018-02-27 18:27 - 2018-02-27 18:57 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\cczdgib1ozg
2018-02-27 18:27 - 2018-02-27 18:57 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\2bycn3u2i2z
2018-02-27 18:27 - 2018-02-27 18:27 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\FastDataX
2018-02-27 18:26 - 2018-02-27 18:26 - 000000000 ____D C:\Program Files (x86)\Script
2018-02-27 18:25 - 2018-03-23 00:26 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Mozilla
2018-02-27 18:25 - 2018-02-27 19:08 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\DarkSoulsIII
2018-02-27 18:25 - 2018-02-27 18:55 - 000000000 ____D C:\WinSys
2018-02-27 18:25 - 2018-02-27 18:25 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Steam
2018-02-27 18:24 - 2018-02-27 18:24 - 001895382 _____ C:\Users\Sebastian\AppData\Local\Sailzamex.bin
2018-02-27 18:24 - 2018-02-27 18:24 - 000000000 ____D C:\Users\Sebastian\AppData\Local\AdvinstAnalytics
2018-02-27 18:23 - 2018-02-27 18:53 - 000000000 ___HD C:\Windows\rss
2018-02-27 18:23 - 2018-02-27 18:23 - 000140800 _____ C:\Users\Sebastian\AppData\Local\installer.dat
2018-02-27 17:03 - 2018-03-22 18:40 - 000000000 ____D C:\Users\Sebastian\Documents\My Games
2018-02-27 13:31 - 2018-02-27 13:31 - 000000000 ____D C:\Users\Sebastian\.cache
2018-02-27 13:30 - 2018-02-27 13:30 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Keepvid
2018-02-27 13:30 - 2018-02-27 13:30 - 000000000 ____D C:\ProgramData\Aimersoft
2018-02-27 13:29 - 2018-02-27 13:29 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Aimersoft
2018-02-27 13:29 - 2018-02-27 13:29 - 000000000 ____D C:\ProgramData\KeepVid
2018-02-27 13:28 - 2018-02-27 13:29 - 000000000 ____D C:\Users\Public\Documents\Keepvid
2018-02-26 21:12 - 2018-02-26 21:12 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Disc_Soft_Ltd
2018-02-26 21:12 - 2018-02-26 21:12 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2018-02-26 21:10 - 2018-02-26 21:10 - 000000000 ____D C:\Users\Public\Documents\Catch!
2018-02-26 21:06 - 2018-03-05 22:34 - 000773536 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-02-26 21:02 - 2018-02-26 21:02 - 000047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2018-02-26 21:01 - 2018-03-03 19:59 - 000001817 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2018-02-26 21:01 - 2018-02-26 21:12 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2018-02-26 21:01 - 2018-02-26 21:01 - 000030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2018-02-26 20:46 - 2018-03-24 01:13 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\BitComet
2018-02-26 20:46 - 2018-03-23 17:38 - 000002846 _____ C:\Windows\System32\Tasks\Launch BitComet
2018-02-26 20:46 - 2018-03-03 19:59 - 000000856 _____ C:\Users\Public\Desktop\BitComet.lnk
2018-02-26 20:46 - 2018-02-26 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)
2018-02-26 20:46 - 2018-02-26 20:46 - 000000000 ____D C:\Program Files\BitComet
2018-02-26 20:38 - 2018-02-26 20:38 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Sniper3
2018-02-26 20:38 - 2018-02-26 20:38 - 000000000 ____D C:\ProgramData\Steam
2018-02-26 20:35 - 2010-06-02 05:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2018-02-26 20:35 - 2010-06-02 05:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2018-02-26 20:35 - 2010-06-02 05:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2018-02-26 20:35 - 2010-06-02 05:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2018-02-26 20:35 - 2010-06-02 05:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2018-02-26 20:35 - 2010-06-02 05:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2018-02-26 20:35 - 2010-05-26 12:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2018-02-26 20:35 - 2010-05-26 12:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2018-02-26 20:35 - 2010-05-26 12:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2018-02-26 20:35 - 2010-05-26 12:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2018-02-26 20:35 - 2010-05-26 12:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2018-02-26 20:35 - 2010-05-26 12:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2018-02-26 20:35 - 2010-05-26 12:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2018-02-26 20:35 - 2010-05-26 12:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2018-02-26 20:35 - 2010-05-26 12:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2018-02-26 20:35 - 2010-05-26 12:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2018-02-26 20:35 - 2010-02-04 11:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2018-02-26 20:35 - 2010-02-04 11:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2018-02-26 20:35 - 2010-02-04 11:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2018-02-26 20:35 - 2010-02-04 11:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2018-02-26 20:35 - 2010-02-04 11:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2018-02-26 20:35 - 2010-02-04 11:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2018-02-26 20:35 - 2010-02-04 11:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2018-02-26 20:35 - 2010-02-04 11:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2018-02-26 20:35 - 2009-09-04 18:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2018-02-26 20:35 - 2009-09-04 18:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2018-02-26 20:35 - 2009-09-04 18:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2018-02-26 20:35 - 2009-09-04 18:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2018-02-26 20:35 - 2009-09-04 18:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2018-02-26 20:35 - 2009-09-04 18:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2018-02-26 20:35 - 2009-09-04 18:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2018-02-26 20:35 - 2009-09-04 18:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2018-02-26 20:35 - 2009-09-04 18:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2018-02-26 20:35 - 2009-09-04 18:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2018-02-26 20:35 - 2009-09-04 18:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2018-02-26 20:35 - 2009-09-04 18:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2018-02-26 20:35 - 2009-09-04 18:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2018-02-26 20:35 - 2009-09-04 18:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2018-02-26 20:35 - 2009-09-04 18:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2018-02-26 20:35 - 2009-09-04 18:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2018-02-26 20:35 - 2009-03-16 15:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2018-02-26 20:35 - 2009-03-16 15:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2018-02-26 20:35 - 2009-03-16 15:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2018-02-26 20:35 - 2009-03-16 15:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2018-02-26 20:35 - 2009-03-16 15:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2018-02-26 20:35 - 2009-03-16 15:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2018-02-26 20:35 - 2009-03-09 16:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2018-02-26 20:35 - 2009-03-09 16:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2018-02-26 20:35 - 2009-03-09 16:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2018-02-26 20:35 - 2009-03-09 16:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2018-02-26 20:35 - 2009-03-09 16:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2018-02-26 20:35 - 2009-03-09 16:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2018-02-26 20:35 - 2008-10-27 11:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2018-02-26 20:35 - 2008-10-27 11:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2018-02-26 20:35 - 2008-10-27 11:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2018-02-26 20:35 - 2008-10-27 11:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2018-02-26 20:35 - 2008-10-27 11:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2018-02-26 20:35 - 2008-10-27 11:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2018-02-26 20:35 - 2008-10-15 07:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2018-02-26 20:35 - 2008-10-15 07:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2018-02-26 20:35 - 2008-10-15 07:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2018-02-26 20:35 - 2008-10-15 07:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2018-02-26 20:35 - 2008-10-15 07:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2018-02-26 20:35 - 2008-10-15 07:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2018-02-26 20:34 - 2008-10-27 11:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2018-02-26 20:34 - 2008-10-27 11:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2018-02-26 20:34 - 2008-07-31 11:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2018-02-26 20:34 - 2008-07-31 11:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2018-02-26 20:34 - 2008-07-31 11:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2018-02-26 20:34 - 2008-07-31 11:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2018-02-26 20:34 - 2008-07-31 11:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2018-02-26 20:34 - 2008-07-31 11:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2018-02-26 20:34 - 2008-07-10 12:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2018-02-26 20:34 - 2008-07-10 12:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2018-02-26 20:34 - 2008-07-10 12:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2018-02-26 20:34 - 2008-05-30 15:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2018-02-26 20:34 - 2008-05-30 15:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2018-02-26 20:34 - 2008-05-30 15:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2018-02-26 20:34 - 2008-05-30 15:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2018-02-26 20:34 - 2008-05-30 15:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2018-02-26 20:34 - 2008-05-30 15:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2018-02-26 20:34 - 2008-05-30 15:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2018-02-26 20:34 - 2008-05-30 15:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2018-02-26 20:34 - 2008-05-30 15:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2018-02-26 20:34 - 2008-05-30 15:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2018-02-26 20:34 - 2008-05-30 15:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2018-02-26 20:34 - 2008-05-30 15:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2018-02-26 20:34 - 2008-05-30 15:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2018-02-26 20:34 - 2008-05-30 15:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2018-02-26 20:34 - 2008-03-05 17:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2018-02-26 20:34 - 2008-03-05 17:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2018-02-26 20:34 - 2008-03-05 17:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2018-02-26 20:34 - 2008-03-05 17:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2018-02-26 20:34 - 2008-03-05 17:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2018-02-26 20:34 - 2008-03-05 17:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2018-02-26 20:34 - 2008-03-05 16:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2018-02-26 20:34 - 2008-03-05 16:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2018-02-26 20:34 - 2008-03-05 16:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2018-02-26 20:34 - 2008-03-05 16:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2018-02-26 20:34 - 2008-02-06 00:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2018-02-26 20:34 - 2008-02-06 00:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2018-02-26 20:34 - 2007-10-22 04:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2018-02-26 20:34 - 2007-10-22 04:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2018-02-26 20:34 - 2007-10-22 04:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2018-02-26 20:34 - 2007-10-22 04:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2018-02-26 20:34 - 2007-10-12 16:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2018-02-26 20:34 - 2007-10-12 16:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2018-02-26 20:34 - 2007-10-12 16:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2018-02-26 20:34 - 2007-10-12 16:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2018-02-26 20:34 - 2007-10-02 10:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2018-02-26 20:34 - 2007-10-02 10:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2018-02-26 20:34 - 2007-07-20 01:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2018-02-26 20:34 - 2007-07-20 01:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2018-02-26 20:34 - 2007-07-19 19:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2018-02-26 20:34 - 2007-07-19 19:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2018-02-26 20:34 - 2007-07-19 19:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2018-02-26 20:34 - 2007-07-19 19:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2018-02-26 20:34 - 2007-07-19 19:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2018-02-26 20:34 - 2007-07-19 19:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2018-02-26 20:34 - 2007-06-20 21:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2018-02-26 20:34 - 2007-06-20 21:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2018-02-26 20:34 - 2007-05-16 17:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2018-02-26 20:34 - 2007-05-16 17:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2018-02-26 20:34 - 2007-05-16 17:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2018-02-26 20:34 - 2007-05-16 17:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2018-02-26 20:33 - 2007-05-16 17:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2018-02-26 20:33 - 2007-05-16 17:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2018-02-26 20:33 - 2007-04-04 19:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2018-02-26 20:33 - 2007-04-04 19:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2018-02-26 20:33 - 2007-04-04 19:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2018-02-26 20:33 - 2007-04-04 19:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2018-02-26 20:33 - 2007-03-15 17:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2018-02-26 20:33 - 2007-03-15 17:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2018-02-26 20:33 - 2007-03-12 17:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2018-02-26 20:33 - 2007-03-12 17:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2018-02-26 20:33 - 2007-03-12 17:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2018-02-26 20:33 - 2007-03-12 17:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2018-02-26 20:33 - 2007-03-05 13:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2018-02-26 20:33 - 2007-03-05 13:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2018-02-26 20:33 - 2007-01-24 16:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2018-02-26 20:33 - 2007-01-24 16:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2018-02-26 20:33 - 2006-12-08 13:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2018-02-26 20:33 - 2006-12-08 13:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2018-02-26 20:33 - 2006-11-29 14:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2018-02-26 20:33 - 2006-11-29 14:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2018-02-26 20:33 - 2006-11-29 14:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2018-02-26 20:33 - 2006-11-29 14:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2018-02-26 20:33 - 2006-09-28 17:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2018-02-26 20:33 - 2006-09-28 17:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2018-02-26 20:33 - 2006-09-28 17:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2018-02-26 20:33 - 2006-09-28 17:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2018-02-26 20:33 - 2006-07-28 10:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2018-02-26 20:33 - 2006-07-28 10:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2018-02-26 20:33 - 2006-07-28 10:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2018-02-26 20:33 - 2006-07-28 10:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2018-02-26 20:33 - 2006-05-31 08:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2018-02-26 20:33 - 2006-05-31 08:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2018-02-26 20:33 - 2006-03-31 13:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2018-02-26 20:33 - 2006-03-31 13:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2018-02-26 20:33 - 2006-03-31 13:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2018-02-26 20:33 - 2006-03-31 13:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2018-02-26 20:33 - 2006-03-31 13:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2018-02-26 20:33 - 2006-03-31 13:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2018-02-26 20:33 - 2006-02-03 09:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2018-02-26 20:33 - 2006-02-03 09:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2018-02-26 20:33 - 2006-02-03 09:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2018-02-26 20:33 - 2006-02-03 09:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2018-02-26 20:33 - 2006-02-03 09:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2018-02-26 20:33 - 2006-02-03 09:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2018-02-26 20:33 - 2005-12-05 19:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2018-02-26 20:33 - 2005-12-05 19:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2018-02-26 20:33 - 2005-07-22 20:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2018-02-26 20:33 - 2005-07-22 20:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2018-02-26 20:33 - 2005-05-26 16:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2018-02-26 20:33 - 2005-05-26 16:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2018-02-26 20:33 - 2005-03-18 18:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2018-02-26 20:33 - 2005-03-18 18:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2018-02-26 20:33 - 2005-02-05 20:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2018-02-26 20:33 - 2005-02-05 20:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2018-02-26 20:06 - 2018-02-26 20:06 - 000001372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rules of Survival.lnk
2018-02-26 20:06 - 2018-02-26 20:06 - 000001360 _____ C:\Users\Public\Desktop\Rules of Survival.lnk
2018-02-26 20:06 - 2018-02-26 20:06 - 000000016 _____ C:\ProgramData\mntemp
2018-02-26 20:06 - 2018-02-26 20:06 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Netease
2018-02-26 20:06 - 2018-02-26 20:06 - 000000000 ____D C:\Users\Sebastian\AppData\Local\NVIDIA
2018-02-26 20:04 - 2018-03-21 17:45 - 000000000 ____D C:\ros
2018-02-26 19:54 - 2018-02-26 19:56 - 000007605 _____ C:\Users\Sebastian\AppData\Local\Resmon.ResmonCfg
2018-02-26 19:29 - 2018-02-26 19:29 - 000000000 ____D C:\Users\Sebastian\AppData\Local\CEF
2018-02-26 19:28 - 2018-02-26 19:28 - 000000000 ____D C:\Users\Sebastian\AppData\Local\NVIDIA Corporation
2018-02-26 19:23 - 2018-02-26 19:23 - 001142072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-02-26 19:23 - 2018-02-26 19:23 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-02-26 19:23 - 2018-02-26 19:22 - 001001272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-02-26 19:22 - 2018-03-23 17:38 - 000003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2018-02-26 19:22 - 2018-03-23 17:38 - 000003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2018-02-26 19:22 - 2018-02-26 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2018-02-26 19:21 - 2018-03-22 18:14 - 000000000 ____D C:\ProgramData\AVAST Software
2018-02-26 19:21 - 2018-02-26 19:21 - 000000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2018-02-26 19:21 - 2018-02-26 19:21 - 000000000 ____D C:\Intel
2018-02-26 19:21 - 2014-09-10 09:14 - 000163480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 001070232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000660120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomct2.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000617896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000444328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MShflxgd.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000416408 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000279192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000259736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000253080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000222360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tabctl32.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000219288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000218776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000212112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000179352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000170920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000131728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000130712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2018-02-26 19:21 - 2013-11-25 06:27 - 000127640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000119960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000108696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTKPRP.DLL
2018-02-26 19:21 - 2013-11-25 06:27 - 000104088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx
2018-02-26 19:21 - 2013-11-25 06:27 - 000084624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx
2018-02-26 19:21 - 2011-01-12 12:36 - 001054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71u.dll
2018-02-26 19:21 - 2011-01-12 12:25 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2018-02-26 19:21 - 2011-01-12 12:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL
2018-02-26 19:21 - 2011-01-12 12:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL
2018-02-26 19:21 - 2011-01-12 12:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2018-02-26 19:21 - 2011-01-12 12:25 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL
2018-02-26 19:21 - 2011-01-12 12:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL
2018-02-26 19:21 - 2011-01-12 12:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL
2018-02-26 19:21 - 2011-01-12 12:25 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL
2018-02-26 19:21 - 2011-01-12 12:25 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL
2018-02-26 19:21 - 2011-01-12 12:19 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2018-02-26 19:21 - 2011-01-12 11:53 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2018-02-26 19:21 - 2008-04-15 05:00 - 001355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2018-02-26 19:21 - 2007-02-01 09:13 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2018-02-26 19:21 - 2007-02-01 06:11 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2018-02-26 19:21 - 2007-01-30 09:04 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2018-02-26 19:21 - 2006-08-25 13:28 - 001017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2018-02-26 19:21 - 2006-08-25 13:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
2018-02-26 19:21 - 2006-08-25 13:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
2018-02-26 19:21 - 2006-08-25 13:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
2018-02-26 19:21 - 2006-08-25 13:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2018-02-26 19:21 - 2006-08-25 13:15 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
2018-02-26 19:21 - 2006-08-25 13:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
2018-02-26 19:21 - 2006-08-25 13:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
2018-02-26 19:21 - 2006-08-25 13:15 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
2018-02-26 19:21 - 2006-08-25 13:15 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
2018-02-26 19:21 - 2006-08-25 13:07 - 001024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2018-02-26 19:21 - 2006-08-25 12:17 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2018-02-26 19:21 - 2005-01-20 08:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2018-02-26 19:21 - 2002-01-04 18:40 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP70.DLL
2018-02-26 19:21 - 1996-01-11 17:00 - 000935632 _____ (Microsoft Corporation) C:\Windows\system\Vb40016.dll
2018-02-26 19:21 - 1996-01-11 17:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb40032.dll
2018-02-26 19:21 - 1994-11-17 14:00 - 000210944 _____ C:\Windows\SysWOW64\msvcrt10.dll
2018-02-26 19:21 - 1993-05-11 10:00 - 000398416 _____ (Microsoft Corporation) C:\Windows\system\Vbrun300.dll
2018-02-26 19:21 - 1992-10-20 15:00 - 000356992 _____ (Microsoft Corporation) C:\Windows\system\vbrun200.dll
2018-02-26 19:21 - 1991-05-09 16:00 - 000271264 _____ C:\Windows\system\vbrun100.dll
2018-02-26 19:20 - 2018-03-24 10:57 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-26 19:20 - 2018-03-23 17:38 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 19:20 - 2018-03-23 17:38 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 19:20 - 2018-03-23 17:38 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 19:20 - 2018-03-23 17:38 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 19:20 - 2018-03-23 17:38 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-26 19:20 - 2018-02-26 19:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-26 19:20 - 2018-02-26 19:20 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-26 19:20 - 2018-01-23 17:19 - 000532976 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-02-26 19:20 - 2018-01-23 17:19 - 000438768 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-02-26 19:20 - 2018-01-23 16:11 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-02-26 19:20 - 2018-01-23 15:57 - 005950024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-02-26 19:20 - 2018-01-23 15:57 - 002589168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-02-26 19:20 - 2018-01-23 15:57 - 001766288 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-02-26 19:20 - 2018-01-23 15:57 - 000633328 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-02-26 19:20 - 2018-01-23 15:57 - 000450352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-02-26 19:20 - 2018-01-23 15:57 - 000122768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-02-26 19:20 - 2018-01-23 15:57 - 000082744 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-02-26 19:20 - 2018-01-21 22:46 - 007947791 _____ C:\Windows\system32\nvcoproc.bin
2018-02-26 19:20 - 2017-11-02 13:15 - 000928568 _____ C:\Windows\system32\vulkan-1.dll
2018-02-26 19:20 - 2017-11-02 13:15 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-02-26 19:20 - 2017-11-02 13:15 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-02-26 19:20 - 2017-11-02 13:14 - 000591672 _____ C:\Windows\system32\vulkaninfo.exe
2018-02-26 19:19 - 2018-02-26 19:20 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-26 19:19 - 2018-02-26 19:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-26 19:19 - 2018-02-26 19:19 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-02-26 19:18 - 2009-11-25 12:47 - 001942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2018-02-26 19:18 - 2009-11-25 12:47 - 001130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2018-02-26 19:18 - 2009-11-25 12:47 - 000444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2018-02-26 19:18 - 2009-11-25 12:47 - 000320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2018-02-26 19:18 - 2009-11-25 12:47 - 000297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2018-02-26 19:18 - 2009-11-25 12:47 - 000295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2018-02-26 19:18 - 2009-11-25 12:47 - 000109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2018-02-26 19:18 - 2009-11-25 12:47 - 000099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2018-02-26 19:18 - 2009-11-25 12:47 - 000049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2018-02-26 19:18 - 2009-11-25 12:47 - 000048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2018-02-26 19:17 - 2018-02-26 19:17 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-02-26 19:17 - 2018-02-26 19:17 - 000000000 ____D C:\Program Files\Realtek
2018-02-26 19:16 - 2018-02-26 19:16 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2018-02-26 19:11 - 2018-03-22 16:05 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-26 19:11 - 2018-03-22 16:05 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-26 19:11 - 2018-02-26 19:11 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Google
2018-02-26 19:10 - 2018-03-23 17:38 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-26 19:10 - 2018-03-23 17:38 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-26 19:10 - 2018-02-26 20:28 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Google
2018-02-26 19:10 - 2018-02-26 19:10 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Deployment
2018-02-26 19:10 - 2018-02-26 19:10 - 000000000 ____D C:\Users\Sebastian\AppData\Local\Apps\2.0
2018-02-26 19:10 - 2018-02-26 19:10 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-26 19:08 - 2018-02-26 19:08 - 000000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2018-02-26 19:08 - 2018-02-26 19:08 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2018-02-26 19:08 - 2017-09-05 14:39 - 000430656 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2018-02-26 19:08 - 2013-07-24 17:08 - 000073480 _____ (Intel Corporation) C:\Windows\system32\e1cmsg.dll
2018-02-26 19:08 - 2013-07-10 17:27 - 000089888 _____ (Intel Corporation) C:\Windows\system32\NicInstC.dll
2018-02-26 19:08 - 2012-07-25 21:55 - 000785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2018-02-26 19:08 - 2012-07-25 21:55 - 000054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2018-02-26 19:08 - 2012-07-25 19:36 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2018-02-26 19:08 - 2012-06-02 07:35 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2018-02-26 19:08 - 2012-01-06 04:02 - 000003114 _____ C:\Windows\system32\e1c62x64.din
2018-02-26 19:08 - 2009-05-26 00:05 - 000036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
2018-02-26 19:07 - 2015-07-07 10:45 - 000178976 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2018-02-26 19:07 - 2012-08-17 01:57 - 001795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2018-02-26 19:05 - 2018-03-23 22:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2018-02-26 19:05 - 2018-02-26 21:01 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2018-02-26 19:03 - 2018-03-23 22:53 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\DAEMON Tools Lite
2018-02-26 19:03 - 2018-02-26 19:03 - 000871408 _____ C:\Windows\system32\Drivers\sptd.sys
2018-02-26 19:01 - 2018-02-26 19:01 - 000001413 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2018-02-26 19:00 - 2018-03-04 04:53 - 000000000 ____D C:\Users\Sebastian
2018-02-26 19:00 - 2018-02-27 18:59 - 000001423 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-02-26 19:00 - 2018-02-26 19:00 - 000000020 ___SH C:\Users\Sebastian\ntuser.ini
2018-02-26 19:00 - 2018-02-26 19:00 - 000000000 ____D C:\Users\Sebastian\AppData\Local\VirtualStore
2018-02-26 19:00 - 2009-07-14 00:45 - 000000000 ____D C:\Users\Sebastian\AppData\Roaming\Media Center Programs
2018-02-26 18:35 - 2018-02-26 18:35 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2018-02-26 18:34 - 2018-02-26 18:34 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2018-02-26 18:33 - 2018-02-26 18:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2018-02-26 18:31 - 2018-03-23 23:04 - 000000000 ____D C:\Windows\Panther
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-03-24 10:57 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-24 01:13 - 2009-07-13 21:45 - 000009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-24 01:13 - 2009-07-13 21:45 - 000009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-24 00:35 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2018-03-23 17:28 - 2009-07-13 22:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-03-22 21:15 - 2009-07-13 22:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-07 21:34 - 2009-07-13 20:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-03-03 03:12 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\rescache
2018-02-26 19:21 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system
2018-02-26 19:20 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\Help
2018-02-26 18:34 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\sysprep
2018-02-26 18:32 - 2009-07-14 00:46 - 000000000 ____D C:\Windows\CSC
2018-02-26 18:31 - 2009-07-13 22:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template
 
==================== Files in the root of some directories =======
 
2018-02-27 18:23 - 2018-02-27 18:23 - 000140800 _____ () C:\Users\Sebastian\AppData\Local\installer.dat
2018-02-26 19:54 - 2018-02-26 19:56 - 000007605 _____ () C:\Users\Sebastian\AppData\Local\Resmon.ResmonCfg
2018-02-27 18:24 - 2018-02-27 18:24 - 001895382 _____ () C:\Users\Sebastian\AppData\Local\Sailzamex.bin
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\drivers\fmucovwd.sys -> Access Denied <======= ATTENTION
 
LastRegBack: 2018-03-11 12:34
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Sebastian (24-03-2018 11:11:40)
Running from C:\Users\Sebastian\Downloads
Windows 7 Ultimate (X64) (2018-02-27 01:59:57)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2769833704-2738755251-2132237712-500 - Administrator - Disabled)
Guest (S-1-5-21-2769833704-2738755251-2132237712-501 - Limited - Enabled)
Sebastian (S-1-5-21-2769833704-2738755251-2132237712-1000 - Administrator - Enabled) => C:\Users\Sebastian
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Advanced SystemCare 10 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 10.0.3 - IObit)
Among the Sleep (HKLM-x32\...\Among the Sleep_is1) (Version:  - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
BitComet 1.48 (HKLM-x32\...\BitComet_x64) (Version: 1.48 - CometNetwork)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version:  - Cheat Engine)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.1.0340 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
Europa Universalis IV Rule Britannia (HKLM-x32\...\Europa Universalis IV Rule Britannia_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hercules Webcam Deluxe (HKLM-x32\...\{E6F043EB-FEF5-4C34-95AF-99B3EB68F7D9}) (Version: 3.2.2.5 - Hercules)
How to Survive (HKLM-x32\...\How to Survive_is1) (Version:  - )
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 22.9 - Intel)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
NVIDIA Graphics Driver 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Power Rangers Super Legends (HKLM-x32\...\{EBA6AB82-DC5C-4120-AEB0-DF487D3C45AD}) (Version: 1.0 - Disney Interactive Studios)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5874 - Realtek Semiconductor Corp.)
Rules of Survival version 1.134042.136949 (HKLM-x32\...\{F560482D-4378-4FB8-8EB7-4F017FDBCC90}_is1) (Version: 1.134042.136949 - Hong Kong Netease Interactive Entertainment Limited)
Spotify (HKU\S-1-5-21-2769833704-2738755251-2132237712-1000\...\Spotify) (Version: 1.0.75.483.g7ff4a0dc - Spotify AB)
STAR WARS® - Empire At War™ Gold (HKLM-x32\...\1421404887_is1) (Version: 2.0.0.3 - GOG.com)
The Elder Scrolls V Skyrim Legendary Edition version 1.9.32.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Legendary Edition_is1) (Version: 1.9.32.8 - Mr DJ)
Todoist (HKU\S-1-5-21-2769833704-2738755251-2132237712-1000\...\{B1B3C79A-FFD9-4B28-A456-62B6E55E2A5C}_is1) (Version: 2.7.6.0 - Doist Ltd.)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-22] (AVAST Software)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-22] (AVAST Software)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-30] (Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-22] (AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-30] (Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-22] (AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {3339FC31-FF0A-4DAF-B743-7731C084D2DA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-23] (NVIDIA Corporation)
Task: {336C650B-644A-4DDB-818E-E73933F788A1} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {44AFEF8D-B8BC-40DD-AB55-E615097EFEA5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {503C7C01-E932-4DC1-A4E4-83B586EEBCE5} - System32\Tasks\ASC10_SkipUac_Sebastian => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-11-11] (IObit)
Task: {53DEB5CB-480B-4B0F-8A1C-9DF9DD33F17E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-02-26] (AVAST Software)
Task: {74911256-0579-4A3E-91BC-C9C52176C046} - System32\Tasks\Launch BitComet => C:\Program Files\BitComet\BitComet.exe [2017-12-28] (www.BitComet.com)
Task: {8405593C-9D14-4E53-A81C-E59E5B4E99C5} - System32\Tasks\ASC10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-11-10] (IObit)
Task: {9CCF59F1-089D-421E-9EBA-87CBD8330F74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26] (Google Inc.)
Task: {9E689EC3-0A52-4D65-AD09-894FD2001EF3} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris Trojan Remover\ltr.exe
Task: {B1728F23-0853-4388-9EE9-67B94C707196} - System32\Tasks\Uninstaller_SkipUac_Sebastian => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-11-04] (IObit)
Task: {B70D4207-167A-4CFF-AD92-9BAA39B31D63} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {C483AF61-9F06-49C9-956C-4003C3EFDE00} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-23] (NVIDIA Corporation)
Task: {D79259BF-5866-41C9-8FEC-DB1FF19B9813} - System32\Tasks\{D8E78E65-BA3E-4A3D-A128-AF3A8673D524} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\YeaDesktop\BearUnInstall.exe"
Task: {DA7776EE-1D44-4C5D-AE3A-B8EDBDB1E0B1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-23] (NVIDIA Corporation)
Task: {E3ADB066-F270-4351-9281-BDF172125C08} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-23] (NVIDIA Corporation)
Task: {E3C41F68-556F-4BF8-A91D-ACB258A22EB4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26] (Google Inc.)
Task: {F040F32B-8ED7-4E5C-97C2-AA9EA8A267C9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-22] (AVAST Software)
Task: {FC302DFB-3DB4-4C66-9705-CB11588D65FC} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-23] (NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-02-26 19:20 - 2018-01-23 17:19 - 000544240 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2018-03-24 00:35 - 2018-02-05 15:44 - 002299168 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-22 16:05 - 2018-03-19 23:00 - 004435288 _____ () C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\65.0.3325.181\libglesv2.dll
2018-03-22 16:05 - 2018-03-19 23:00 - 000099672 _____ () C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\65.0.3325.181\libegl.dll
2018-03-22 18:16 - 2018-03-22 18:16 - 000721624 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2018-03-22 18:17 - 2018-03-22 18:17 - 000912088 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2018-03-22 18:17 - 2018-03-22 18:17 - 000341720 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-03-22 18:17 - 2018-03-22 18:17 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-22 18:17 - 2018-03-22 18:17 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-03-23 19:38 - 2018-03-23 19:38 - 005803152 _____ () C:\Program Files\AVAST Software\Avast\defs\18032304\algo.dll
2018-03-22 18:17 - 2018-03-22 18:17 - 000756952 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-03-22 18:16 - 2018-03-22 18:16 - 000172760 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-03-22 18:17 - 2018-03-22 18:17 - 000964824 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-03-22 18:17 - 2018-03-22 18:17 - 000475352 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-03-22 18:17 - 2018-03-22 18:17 - 000339672 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-03-23 23:00 - 2016-08-18 18:43 - 000442144 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2018-03-23 23:00 - 2016-08-18 18:43 - 000210720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2018-03-23 23:00 - 2016-08-18 18:43 - 000059680 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2018-03-23 23:00 - 2016-11-01 10:11 - 000078624 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\GetProcessDLL.dll
2018-03-23 23:00 - 2015-12-28 13:50 - 000899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
2018-03-23 23:00 - 2016-09-26 13:59 - 000631072 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2018-03-22 18:17 - 2018-03-22 18:17 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-03-22 18:16 - 2018-03-22 18:16 - 000275160 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-03-23 23:00 - 2016-06-21 19:30 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-03-23 23:00 - 2016-06-21 19:29 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-03-23 23:00 - 2016-06-21 19:29 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2018-03-23 23:00 - 2015-12-28 13:50 - 000899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2018-03-23 23:00 - 2016-09-26 13:59 - 000631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [138]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2018-03-23 23:01 - 000001868 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 mydownloaddomain.com
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 texttotalk.org
127.0.0.1 gambling577.xyz
127.0.0.1 htagdownload.space
127.0.0.1 mybcnmonetize.com
127.0.0.1 360devtraking.website
127.0.0.1 dscdn.pw
127.0.0.1 bcnmonetize.go2affise.com
127.0.0.1 beautifllink.xyz
127.0.0.1       www.asc55.iobit.com 
127.0.0.1       idb.iobit.com 
127.0.0.1       asc55.iobit.com 
127.0.0.1       is360.iobit.com 
127.0.0.1       asc.iobit.com 
127.0.0.1       pf.iobit.com 
127.0.0.1       98.129.229.186 
127.0.0.1       www.iana.org 
127.0.0.1       iana.org 
127.0.0.1       idb.iobit.com 
127.0.0.1       asc55.iobit.com 
127.0.0.1       is360.iobit.com 
127.0.0.1       asc.iobit.com 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2769833704-2738755251-2132237712-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Spotify => C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Sebastian\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{AA1B74DF-12AA-4AF8-A678-6368806F8505}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe
FirewallRules: [UDP Query User{2A79233A-49F4-4F1C-90C7-CA9B5129BDF7}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe
FirewallRules: [TCP Query User{51E9FA67-E261-4C7B-B0DD-0FFC065679C6}C:\ros\ccmini\ccmini.exe] => (Allow) C:\ros\ccmini\ccmini.exe
FirewallRules: [UDP Query User{7FAAA95B-9AFF-429F-BBCD-CA2CA91F60E2}C:\ros\ccmini\ccmini.exe] => (Allow) C:\ros\ccmini\ccmini.exe
FirewallRules: [{953062CC-C03E-4925-B151-B7B9DEA8C334}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{1DEC5A17-2A72-4E91-B49F-978211024F36}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{E369D574-F0C5-45E4-9263-471223FA655E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
FirewallRules: [{5BC481A8-B59B-4E7D-93A8-28FF9097DCD4}] => (Allow) LPort=10922
FirewallRules: [{9F065887-7178-4213-A8B1-0BD2974A656D}] => (Allow) LPort=10922
FirewallRules: [TCP Query User{0D832C10-BD9C-456A-8E9A-CAB94CD9F33A}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2C604A73-D8E1-41C5-A25A-05DA39A81FD0}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A573FC9D-8726-48DC-99E9-062E31872036}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe
FirewallRules: [{A6E9E508-3936-48A8-9C7D-B5434E24895F}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe
FirewallRules: [{FCF613A1-05E0-4842-AFCC-102AA3E90EA0}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe
FirewallRules: [{82E429F9-4A50-4DE9-A7FE-8810D894FCB7}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe
FirewallRules: [{2E3423DD-F7ED-4A74-B0A9-5694EE6F2BA5}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D036A944-1F47-4F8E-BE04-F123B94E0924}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{496409E8-1FF1-4A6E-84D2-83E764EDAC09}] => (Allow) E:\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe
FirewallRules: [{9894FA75-F336-4137-8B2A-422C9245DD5C}] => (Allow) E:\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe
FirewallRules: [{BD25A19D-BB52-4C67-9681-D1449E5673AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{74FDA599-A61E-43E4-A7BD-0CC72FE82B1F}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{A2015E01-98B0-4433-9304-93027AD57A3D}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
Name: AM1Y7XOM IDE Controller
Description: AM1Y7XOM IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: a36q9zhc
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/24/2018 12:36:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Users\Sebastian\Downloads\Autoruns\autorunsc.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
Error: (03/24/2018 12:36:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Users\Sebastian\Downloads\Autoruns\Autoruns.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
Error: (03/23/2018 11:11:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The specified procedure could not be found.
.
 
Error: (03/23/2018 11:11:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The specified procedure could not be found.
.
 
Error: (03/23/2018 11:11:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The specified procedure could not be found.
.
 
Error: (03/23/2018 11:11:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The specified procedure could not be found.
.
 
Error: (03/23/2018 11:11:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The specified procedure could not be found.
.
 
Error: (03/23/2018 11:11:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The specified procedure could not be found.
.
 
 
System errors:
=============
Error: (03/24/2018 11:04:52 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (03/24/2018 11:00:52 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (03/24/2018 10:59:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Spyware Terminator 2015 Realtime Shield Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/24/2018 10:58:52 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (03/24/2018 10:58:05 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (03/24/2018 10:57:52 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (03/24/2018 12:38:45 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (03/24/2018 12:06:45 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
 
CodeIntegrity:
===================================
 
Date: 2018-03-17 15:03:23.953
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Cheat Engine 6.7\dbk64.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-17 15:03:23.953
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Cheat Engine 6.7\dbk64.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-17 15:03:23.906
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Cheat Engine 6.7\dbk32.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-17 15:03:23.891
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Cheat Engine 6.7\dbk32.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-11 16:56:27.427
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Cheat Engine 6.7\dbk64.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-11 16:56:27.411
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Cheat Engine 6.7\dbk64.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-11 16:56:27.364
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Cheat Engine 6.7\dbk32.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-11 16:56:27.333
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Cheat Engine 6.7\dbk32.sys because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 44%
Total physical RAM: 6102.35 MB
Available physical RAM: 3410.24 MB
Total Virtual: 12202.84 MB
Available Virtual: 9164.14 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:74.43 GB) (Free:25.58 GB) NTFS
Drive e: (Games) (Fixed) (Total:111.79 GB) (Free:51.21 GB) NTFS
 
\\?\Volume{00a50b5b-1b5e-11e8-88b5-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 9ED00D79)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 78737873)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=42)
 
==================== End of Addition.txt ============================


#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:24 PM

Posted 24 March 2018 - 12:42 PM

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.
  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located)
  • Right-click on the FRST executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Click on the Fix button
    NYA5Cbr.png
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad
  • Copy and paste its content in your next reply

Attached Files


animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:24 PM

Posted 28 March 2018 - 07:07 AM

Hi sebastiankiro,

Are you still with me?

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:24 PM

Posted 30 March 2018 - 12:27 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users