Many Thanks for your reply I already have a copy of ADWCleaner on my desk Top , In the past its found " Task Man file " , " mystart.incredibar.com/mb118 and uk.ask.com " in the past I have deleted these files but they seem to return . If its to large I can send it in files .
Many Thanks for all your time and help .
# AdwCleaner v6.041 - Logfile created 04/01/2017 at 09:49:06
# Updated on 16/12/2016 by Malwarebytes
# Database : 2017-01-03.1 [Local]
# Operating System : Windows 7 Professional Service Pack 1 (X64)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Desktop\adwcleaner_6.041.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
[-] [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: mystart.incredibar.com/mb118
[-] [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: uk.ask.com
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2094 Bytes] - [21/12/2016 10:22:42]
C:\AdwCleaner\AdwCleaner[C2].txt - [1213 Bytes] - [21/12/2016 14:33:04]
C:\AdwCleaner\AdwCleaner[C3].txt - [1754 Bytes] - [28/12/2016 10:39:45]
C:\AdwCleaner\AdwCleaner[C4].txt - [1973 Bytes] - [28/12/2016 22:51:09]
C:\AdwCleaner\AdwCleaner[C5].txt - [2192 Bytes] - [31/12/2016 10:22:26]
C:\AdwCleaner\AdwCleaner[C6].txt - [2287 Bytes] - [01/01/2017 19:24:58]
C:\AdwCleaner\AdwCleaner[C7].txt - [2755 Bytes] - [03/01/2017 11:57:39]
C:\AdwCleaner\AdwCleaner[C8].txt - [3272 Bytes] - [03/01/2017 23:44:23]
C:\AdwCleaner\AdwCleaner[C9].txt - [1602 Bytes] - [04/01/2017 09:49:06]
C:\AdwCleaner\AdwCleaner[S0].txt - [2102 Bytes] - [21/12/2016 10:22:32]
C:\AdwCleaner\AdwCleaner[S10].txt - [2259 Bytes] - [31/12/2016 11:53:03]
C:\AdwCleaner\AdwCleaner[S11].txt - [2406 Bytes] - [01/01/2017 19:24:17]
C:\AdwCleaner\AdwCleaner[S12].txt - [2553 Bytes] - [03/01/2017 11:11:59]
C:\AdwCleaner\AdwCleaner[S13].txt - [2806 Bytes] - [03/01/2017 11:40:32]
C:\AdwCleaner\AdwCleaner[S14].txt - [2701 Bytes] - [03/01/2017 12:10:11]
C:\AdwCleaner\AdwCleaner[S15].txt - [2775 Bytes] - [03/01/2017 12:31:21]
C:\AdwCleaner\AdwCleaner[S16].txt - [2849 Bytes] - [03/01/2017 12:45:28]
C:\AdwCleaner\AdwCleaner[S17].txt - [2923 Bytes] - [03/01/2017 13:10:23]
C:\AdwCleaner\AdwCleaner[S18].txt - [2997 Bytes] - [03/01/2017 14:33:36]
C:\AdwCleaner\AdwCleaner[S19].txt - [3323 Bytes] - [03/01/2017 23:43:45]
C:\AdwCleaner\AdwCleaner[S1].txt - [1308 Bytes] - [21/12/2016 14:06:07]
C:\AdwCleaner\AdwCleaner[S20].txt - [3219 Bytes] - [04/01/2017 00:12:13]
C:\AdwCleaner\AdwCleaner[S21].txt - [3292 Bytes] - [04/01/2017 07:08:35]
C:\AdwCleaner\AdwCleaner[S22].txt - [3366 Bytes] - [04/01/2017 07:55:31]
C:\AdwCleaner\AdwCleaner[S23].txt - [3440 Bytes] - [04/01/2017 09:26:24]
C:\AdwCleaner\AdwCleaner[S24].txt - [3508 Bytes] - [04/01/2017 09:38:54]
C:\AdwCleaner\AdwCleaner[S25].txt - [3588 Bytes] - [04/01/2017 09:41:17]
C:\AdwCleaner\AdwCleaner[S26].txt - [3842 Bytes] - [04/01/2017 09:48:19]
C:\AdwCleaner\AdwCleaner[S2].txt - [1381 Bytes] - [21/12/2016 14:31:52]
C:\AdwCleaner\AdwCleaner[S3].txt - [1527 Bytes] - [22/12/2016 21:35:34]
C:\AdwCleaner\AdwCleaner[S4].txt - [1781 Bytes] - [24/12/2016 11:47:57]
C:\AdwCleaner\AdwCleaner[S5].txt - [1853 Bytes] - [28/12/2016 10:39:26]
C:\AdwCleaner\AdwCleaner[S6].txt - [1820 Bytes] - [28/12/2016 11:08:04]
C:\AdwCleaner\AdwCleaner[S7].txt - [2072 Bytes] - [28/12/2016 22:50:57]
C:\AdwCleaner\AdwCleaner[S8].txt - [2039 Bytes] - [30/12/2016 10:43:49]
C:\AdwCleaner\AdwCleaner[S9].txt - [2291 Bytes] - [31/12/2016 10:22:08]
########## EOF - C:\AdwCleaner\AdwCleaner[C9].txt - [3663 Bytes] ##########
Junkware-Removal-Tool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64
Ran by Owner (Administrator) on 04/01/2017 at 10:15:19.85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/01/2017 at 10:17:01.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
Ran by Owner (administrator) on OWNER-PC (04-01-2017 10:29:09)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Max Secure Software) C:\Program Files\Max Registry Cleaner\RCVistaService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe
(SparkLabs) C:\Program Files\WiTopia\WiTopiaService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-04-10] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7611608 2014-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011312 2013-04-08] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [14056 2014-10-30] (Alienware)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RCAutoLiveUpdate] => C:\Program Files\Max Registry Cleaner\MaxLURC.exe [1819176 2014-12-24] (Max Secure Software)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [243216 2008-12-18] (Logitech, Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-24] (Intel Corporation)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [4434224 2013-08-21] ()
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-28] (ArcSoft Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2016-04-05] (Seagate Technology LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{742E9E9D-C325-4860-8B9E-37AF8EE072A7}: [DhcpNameServer] 10.118.0.1
Tcpip\..\Interfaces\{A9883C7F-E971-4335-BC1A-A1D52F0A5D58}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.co.uk/
HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000 -> {3F03010E-69A6-4E9E-9B2F-7E94FF5B51BE} URL = hxxps://th.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-09] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-21] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\TomTom\HOME\Profiles\bq1l63w1.default [2016-03-14]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected] [2016-02-17] [not signed]
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6i4yverv.default-1469598597873 [2017-01-04]
FF NewTab: Mozilla\Firefox\Profiles\6i4yverv.default-1469598597873 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\6i4yverv.default-1469598597873 -> Avast Search
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\6i4yverv.default-1469598597873 -> hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\6i4yverv.default-1469598597873 -> Avast Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\6i4yverv.default-1469598597873 -> Avast Search
FF Homepage: Mozilla\Firefox\Profiles\6i4yverv.default-1469598597873 -> hxxps://www.google.co.uk/
FF Keyword.URL: Mozilla\Firefox\Profiles\6i4yverv.default-1469598597873 -> hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6i4yverv.default-1469598597873\Extensions\[email protected] [2017-01-01]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-15] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-12] (NVIDIA Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2014-11-28] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-02-01] ()
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR StartupUrls: Default -> "hxxps://www.google.co.uk/"
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2017-01-04]
CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-23]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-23]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-23]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-23]
CHR Extension: (Foxit PDF Creator) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2016-12-23]
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-23]
CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-23]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-23]
CHR Extension: (Chrome Media Router) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-23]
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-12-31]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\\plugins\Creator\ChromeAddin\ChromeAddin.crx [2016-06-23]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\\plugins\Creator\ChromeAddin\ChromeAddin.crx [2016-06-23]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2770312 2016-12-27] (ESET)
S2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R2 FoxitPhantomService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1647808 2016-06-21] (Foxit Software Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-10] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [172784 2016-07-23] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-13] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-05-03] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-13] (NVIDIA Corporation)
S2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [341504 2013-06-08] (Qualcomm Atheros) [File not signed]
R2 RCVistaSvc; C:\Program Files\Max Registry Cleaner\RCVistaService.exe [2306088 2014-12-24] (Max Secure Software)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2016-04-05] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2016-04-05] (Seagate Technology LLC)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe [145984 2012-01-18] (ArcSoft, Inc.)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WiTopiaService; C:\Program Files\WiTopia\WiTopiaService.exe [106696 2016-10-07] (SparkLabs)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-05-03] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2008-04-24] (ArcSoft, Inc.)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-10-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1545704 2016-04-27] (Motorola Solutions, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [262792 2016-12-27] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197248 2016-12-27] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [153216 2016-12-27] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [208520 2016-12-27] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61568 2016-12-27] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84616 2016-12-27] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-10] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [355080 2016-07-31] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R1 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2017-01-03] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2017-01-04] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-01-04] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-04] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2017-01-04] (Malwarebytes)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3426576 2016-05-03] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2014-05-06] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R1 RsProxy; C:\Windows\system32\drivers\RsProxy.sys [15976 2015-03-19] ()
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-04-08] (Synaptics Incorporated)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_Accel.sys [87776 2013-04-11] (STMicroelectronics)
S3 visctap0901; C:\Windows\System32\DRIVERS\visctap0901.sys [50416 2016-08-11] (The OpenVPN Project)
R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54344 2016-11-22] (Intel Corporation)
U0 aswVmm; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-04 10:14 - 2017-01-04 10:17 - 00000554 _____ C:\Users\Owner\Desktop\JRT.txt
2017-01-04 10:11 - 2017-01-04 10:11 - 01663040 _____ (Malwarebytes) C:\Users\Owner\Desktop\JRT.exe
2017-01-04 10:09 - 2017-01-04 10:09 - 00000000 ____D C:\Users\Owner\Desktop\New folder
2017-01-04 09:35 - 2017-01-04 09:36 - 03977168 _____ C:\Users\Owner\Desktop\AdwCleaner.exe
2017-01-03 12:33 - 2017-01-03 12:33 - 00224968 _____ (ESET) C:\Users\Owner\Desktop\ESETPoweliksCleaner(1).exe
2017-01-03 12:32 - 2017-01-03 12:32 - 00224968 _____ (ESET) C:\Users\Owner\Downloads\ESETPoweliksCleaner.exe
2017-01-03 12:00 - 2017-01-04 10:29 - 00024096 _____ C:\Users\Owner\Desktop\FRST.txt
2017-01-03 12:00 - 2017-01-03 12:15 - 00040044 _____ C:\Users\Owner\Desktop\Addition.txt
2017-01-03 11:59 - 2017-01-04 10:29 - 00000000 ____D C:\FRST
2017-01-03 11:54 - 2017-01-03 11:54 - 02418176 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2017-01-03 11:31 - 2017-01-04 09:53 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-01-03 11:31 - 2017-01-04 09:52 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-01-03 11:31 - 2017-01-04 09:52 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-03 11:31 - 2017-01-03 11:31 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-01-03 11:26 - 2017-01-04 09:52 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-03 11:25 - 2017-01-03 11:25 - 00001828 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-03 11:25 - 2017-01-03 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-03 11:25 - 2017-01-03 11:25 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-03 11:25 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-01-03 11:16 - 2017-01-03 11:17 - 54199488 _____ (Malwarebytes ) C:\Users\Owner\Desktop\mb3-setup-consumer-3.0.5.1299.exe
2017-01-02 15:36 - 2017-01-02 15:43 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-02 15:01 - 2017-01-02 15:01 - 00000000 ____D C:\NPE
2017-01-02 15:00 - 2016-12-31 10:39 - 00000118 _____ C:\Windows\ntbtlog.txt
2017-01-02 14:59 - 2017-01-02 15:12 - 00000000 ____D C:\Users\Owner\AppData\Local\NPE
2017-01-02 14:59 - 2017-01-02 14:59 - 00000000 ____D C:\ProgramData\Norton
2017-01-01 09:23 - 2017-01-01 09:23 - 00001152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2017-01-01 09:23 - 2017-01-01 09:23 - 00001140 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2017-01-01 09:23 - 2017-01-01 09:23 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2017-01-01 09:22 - 2017-01-01 09:22 - 02840616 _____ C:\Users\Owner\Downloads\SecurityTaskManager_Setup.exe
2016-12-31 12:06 - 2017-01-04 09:49 - 03212857 ____H C:\Users\Owner\AppData\Local\IconCache.db
2016-12-31 11:21 - 2016-12-31 11:21 - 00003704 _____ C:\Windows\System32\Tasks\Owner
2016-12-31 10:48 - 2017-01-04 10:09 - 00355014 _____ C:\Windows\WindowsUpdate.log
2016-12-31 10:46 - 2016-12-31 10:46 - 00069456 _____ C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-31 10:40 - 2017-01-04 09:52 - 00001546 _____ C:\Windows\setupact.log
2016-12-31 10:40 - 2016-12-31 10:40 - 00000000 _____ C:\Windows\setuperr.log
2016-12-31 10:39 - 2017-01-03 23:45 - 00002650 _____ C:\Windows\PFRO.log
2016-12-31 10:39 - 2016-12-31 10:40 - 00317368 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-31 10:17 - 2016-12-31 10:17 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-31 10:17 - 2016-12-12 01:23 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-12-31 10:17 - 2016-09-10 01:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-12-31 10:17 - 2016-09-10 01:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-12-31 10:17 - 2016-09-10 01:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-12-31 10:17 - 2016-09-10 01:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-12-31 10:16 - 2016-12-12 09:37 - 00041334 _____ C:\Windows\system32\nvinfo.pb
2016-12-31 08:05 - 2016-12-31 08:05 - 00108702 _____ C:\Users\Owner\Desktop\Desk Top Icons.JPG
2016-12-30 23:15 - 2017-01-03 16:05 - 00000000 ____D C:\Users\Owner\Desktop\Max Registry Cleaner
2016-12-30 12:21 - 2016-12-30 12:21 - 00003120 _____ C:\Windows\System32\Tasks\{A2C39715-CC36-4DBA-B963-4961EFD84C41}
2016-12-30 09:41 - 2016-12-30 09:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-12-30 09:40 - 2016-12-30 09:41 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2016-12-30 09:40 - 2016-12-30 09:40 - 00000000 ____D C:\Program Files\Logitech
2016-12-28 18:22 - 2016-12-28 18:22 - 00000000 ____D C:\Users\Owner\AppData\Roaming\ESET
2016-12-28 18:20 - 2017-01-04 10:18 - 00524288 ___SH C:\Windows\system32\config\components{2418c57f-ccef-11e6-ab8f-a0a8cde36c96}.TMContainer00000000000000000001.regtrans-ms
2016-12-28 18:20 - 2017-01-04 10:18 - 00065536 ___SH C:\Windows\system32\config\components{2418c57f-ccef-11e6-ab8f-a0a8cde36c96}.TM.blf
2016-12-28 18:20 - 2016-12-28 18:30 - 00524288 ___SH C:\Windows\system32\config\components{2418c57f-ccef-11e6-ab8f-a0a8cde36c96}.TMContainer00000000000000000002.regtrans-ms
2016-12-27 17:32 - 2016-12-27 17:32 - 00153216 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2016-12-27 17:29 - 2016-12-27 17:29 - 00000000 ____D C:\Users\Owner\AppData\Local\ESET
2016-12-27 17:28 - 2016-12-27 17:28 - 00001988 _____ C:\Users\Public\Desktop\ESET Banking & Payment protection.lnk
2016-12-27 17:28 - 2016-12-27 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-12-27 17:28 - 2016-12-27 17:28 - 00000000 ____D C:\ProgramData\ESET
2016-12-27 17:28 - 2016-12-27 17:28 - 00000000 ____D C:\Program Files\ESET
2016-12-27 16:57 - 2016-12-31 06:46 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-27 16:57 - 2016-12-27 16:57 - 00001048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2016-12-27 16:57 - 2016-12-27 16:57 - 00001036 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2016-12-27 14:46 - 2016-12-27 14:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2016-12-27 07:50 - 2016-12-31 11:20 - 00003492 _____ C:\Windows\System32\Tasks\Owner DBAgent 2 0
2016-12-26 13:31 - 2016-12-28 11:01 - 00001064 _____ C:\Users\Public\Desktop\Max Registry Cleaner.lnk
2016-12-26 13:31 - 2016-12-26 13:31 - 00000000 ____D C:\Windows\MaxSecureBackup
2016-12-26 13:31 - 2016-12-26 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Registry Cleaner
2016-12-24 16:42 - 2016-12-24 21:58 - 00003836 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-24 16:42 - 2016-12-24 21:58 - 00003832 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-24 16:42 - 2016-12-24 21:58 - 00003832 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-24 16:42 - 2016-12-24 21:58 - 00003824 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-24 16:42 - 2016-12-24 21:58 - 00003648 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-24 16:42 - 2016-12-24 21:58 - 00003588 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-24 16:42 - 2016-12-12 01:47 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-12-24 09:10 - 2016-12-24 09:11 - 00000000 ____D C:\Users\Owner\AppData\Local\AvastSupport
2016-12-24 06:18 - 2016-12-24 06:18 - 00000000 ____D C:\Users\Owner\AppData\Roaming\NVIDIA
2016-12-23 11:22 - 2017-01-03 16:10 - 00016024 _____ C:\Users\Owner\Desktop\hijackthis 03.01.2017.log
2016-12-23 11:16 - 2016-12-23 11:16 - 00388608 _____ (Trend Micro Inc.) C:\Users\Owner\Desktop\HijackThis.exe
2016-12-23 05:58 - 2016-12-23 05:58 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-23 05:58 - 2016-12-23 05:58 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-21 19:52 - 2016-12-21 23:32 - 00000000 ____D C:\Users\Owner\Desktop\forth Router
2016-12-21 13:57 - 2016-07-20 02:19 - 00715424 _____ (Sysinternals - www.sysinternals.com) C:\Users\Owner\Desktop\Autoruns.exe
2016-12-21 13:57 - 2006-06-26 04:05 - 00442368 _____ (Steven R. Gould) C:\Users\Owner\Desktop\Cleanup.exe
2016-12-21 13:45 - 2016-12-19 15:19 - 03977168 _____ C:\Users\Owner\Desktop\adwcleaner_6.041.exe
2016-12-21 10:35 - 2016-12-21 13:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-21 10:35 - 2016-12-21 10:35 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2016-12-21 10:35 - 2016-12-21 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-12-21 10:18 - 2017-01-04 09:49 - 00000000 ____D C:\AdwCleaner
2016-12-21 09:53 - 2016-12-27 16:57 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TeamViewer
2016-12-21 08:56 - 2016-12-28 11:57 - 00524288 ___SH C:\Windows\system32\config\components{3ff5b424-c720-11e6-b8cc-d823ae52fd8d}.TMContainer00000000000000000001.regtrans-ms
2016-12-21 08:56 - 2016-12-28 11:57 - 00065536 ___SH C:\Windows\system32\config\components{3ff5b424-c720-11e6-b8cc-d823ae52fd8d}.TM.blf
2016-12-21 08:56 - 2016-12-21 08:56 - 00524288 ___SH C:\Windows\system32\config\components{3ff5b424-c720-11e6-b8cc-d823ae52fd8d}.TMContainer00000000000000000002.regtrans-ms
2016-12-20 01:38 - 2017-01-04 09:52 - 4218486784 ___SH C:\pagefile.sys
2016-12-19 19:37 - 2016-12-19 19:37 - 00000000 ____D C:\Program Files (x86)\Windows Installer Clean Up
2016-12-19 19:36 - 2016-12-19 19:36 - 00003114 _____ C:\Windows\System32\Tasks\{62D5BDD0-602B-4C6C-AAB8-469CB87A0460}
2016-12-19 19:36 - 2016-12-19 19:36 - 00000000 ____D C:\Program Files (x86)\MSECACHE
2016-12-19 07:18 - 2016-12-12 09:37 - 40125496 _____ C:\Windows\system32\nvcompiler.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 35222976 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 34703416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 28138432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 14073400 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-12-19 07:18 - 2016-12-12 09:37 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 10345696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 09151216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 08913328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 08753832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 03640376 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 03206080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437633.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437633.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 01036224 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 00975416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 00944184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 00896056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 00683640 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 00572888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 00438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-12-19 07:18 - 2016-12-12 09:37 - 00388544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-12-19 06:27 - 2016-12-24 21:58 - 00001417 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-19 06:27 - 2016-12-12 21:36 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2016-12-18 07:56 - 2016-12-18 09:01 - 00524288 ___SH C:\Users\Owner\ntuser.dat{1f2ac3cd-c4bc-11e6-bced-ab41cb59da8c}.TMContainer00000000000000000002.regtrans-ms
2016-12-18 07:56 - 2016-12-18 09:01 - 00524288 ___SH C:\Users\Owner\ntuser.dat{1f2ac3cd-c4bc-11e6-bced-ab41cb59da8c}.TMContainer00000000000000000001.regtrans-ms
2016-12-18 07:56 - 2016-12-18 09:01 - 00065536 ___SH C:\Users\Owner\ntuser.dat{1f2ac3cd-c4bc-11e6-bced-ab41cb59da8c}.TM.blf
2016-12-17 17:47 - 2017-01-04 09:52 - 00003320 _____ C:\ProgramData\NvTelemetryContainer.log
2016-12-17 17:47 - 2017-01-04 09:51 - 00003320 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-17 17:47 - 2016-12-17 17:47 - 00000000 ____D C:\Users\Owner\AppData\Local\Chromium
2016-12-17 17:46 - 2016-12-13 06:30 - 00156096 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-12-17 17:46 - 2016-12-13 06:30 - 00123840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-12-17 17:46 - 2016-12-13 06:30 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-12-15 07:04 - 2016-12-15 07:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_XtuAcpiDriver_01011.Wdf
2016-12-15 07:03 - 2016-11-22 01:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-15 07:03 - 2016-11-22 01:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-15 07:03 - 2016-11-22 01:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-15 07:03 - 2016-11-22 01:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-15 07:03 - 2016-11-20 23:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-15 07:03 - 2016-11-20 23:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-15 07:03 - 2016-11-20 23:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-15 07:03 - 2016-11-20 23:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-15 07:03 - 2016-11-20 23:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-15 07:03 - 2016-11-20 23:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-15 07:03 - 2016-11-20 23:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-15 07:03 - 2016-11-20 23:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-15 07:03 - 2016-11-20 23:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-15 07:03 - 2016-11-20 23:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-15 07:03 - 2016-11-20 23:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-15 07:03 - 2016-11-20 23:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-15 07:03 - 2016-11-20 23:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-15 07:03 - 2016-11-20 23:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-15 07:03 - 2016-11-20 23:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-15 07:03 - 2016-11-20 23:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-15 07:03 - 2016-11-20 23:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-15 07:03 - 2016-11-20 23:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-15 07:03 - 2016-11-20 22:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-15 07:03 - 2016-11-20 22:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-15 07:03 - 2016-11-20 22:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-15 07:03 - 2016-11-20 22:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-15 07:03 - 2016-11-20 22:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-15 07:03 - 2016-11-20 22:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-15 07:03 - 2016-11-20 21:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-15 07:03 - 2016-11-17 23:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-15 07:03 - 2016-11-15 06:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-15 07:03 - 2016-11-15 05:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-15 07:03 - 2016-11-13 02:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-15 07:03 - 2016-11-13 02:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-15 07:03 - 2016-11-13 02:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-15 07:03 - 2016-11-13 02:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-15 07:03 - 2016-11-13 02:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-15 07:03 - 2016-11-13 02:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-15 07:03 - 2016-11-13 02:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-15 07:03 - 2016-11-13 02:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-15 07:03 - 2016-11-13 02:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-15 07:03 - 2016-11-13 02:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-15 07:03 - 2016-11-13 02:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-15 07:03 - 2016-11-13 02:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-15 07:03 - 2016-11-13 02:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-15 07:03 - 2016-11-13 02:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-15 07:03 - 2016-11-13 02:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-15 07:03 - 2016-11-13 02:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-15 07:03 - 2016-11-13 01:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-15 07:03 - 2016-11-13 01:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-15 07:03 - 2016-11-13 01:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-15 07:03 - 2016-11-13 01:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-15 07:03 - 2016-11-13 01:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-15 07:03 - 2016-11-13 01:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-15 07:03 - 2016-11-13 01:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-15 07:03 - 2016-11-13 01:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-15 07:03 - 2016-11-13 01:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-15 07:03 - 2016-11-13 01:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-15 07:03 - 2016-11-13 01:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-15 07:03 - 2016-11-13 01:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-15 07:03 - 2016-11-13 01:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-15 07:03 - 2016-11-13 01:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-15 07:03 - 2016-11-13 01:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-15 07:03 - 2016-11-13 01:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-15 07:03 - 2016-11-13 01:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-15 07:03 - 2016-11-13 01:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-15 07:03 - 2016-11-13 01:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-15 07:03 - 2016-11-13 01:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-15 07:03 - 2016-11-13 01:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-15 07:03 - 2016-11-13 01:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-15 07:03 - 2016-11-13 01:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-15 07:03 - 2016-11-13 01:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-15 07:03 - 2016-11-13 01:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-15 07:03 - 2016-11-13 01:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-15 07:03 - 2016-11-13 01:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-15 07:03 - 2016-11-13 01:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-15 07:03 - 2016-11-13 01:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-15 07:03 - 2016-11-13 00:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-15 07:03 - 2016-11-13 00:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-15 07:03 - 2016-11-13 00:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-15 07:03 - 2016-11-13 00:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-15 07:03 - 2016-11-13 00:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-15 07:03 - 2016-11-13 00:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-15 07:03 - 2016-11-13 00:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-15 07:03 - 2016-11-13 00:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-15 07:03 - 2016-11-13 00:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-15 07:03 - 2016-11-13 00:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-15 07:03 - 2016-11-13 00:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-15 07:03 - 2016-11-13 00:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-15 07:03 - 2016-11-13 00:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-15 07:03 - 2016-11-13 00:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-15 07:03 - 2016-11-13 00:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-15 07:03 - 2016-11-13 00:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-15 07:03 - 2016-11-13 00:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-15 07:03 - 2016-11-13 00:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-15 07:03 - 2016-11-13 00:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-15 07:03 - 2016-11-10 23:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-15 07:03 - 2016-11-10 23:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-15 07:03 - 2016-11-09 23:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-15 07:03 - 2016-11-09 23:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-15 07:03 - 2016-11-09 23:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-15 07:03 - 2016-11-09 23:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-15 07:03 - 2016-11-09 23:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-15 07:03 - 2016-11-09 23:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-15 07:03 - 2016-11-09 23:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-15 07:03 - 2016-11-09 23:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-15 07:03 - 2016-11-09 23:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-15 07:03 - 2016-11-09 23:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-15 07:03 - 2016-11-09 23:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-15 07:03 - 2016-11-09 23:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-15 07:03 - 2016-11-09 23:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-15 07:03 - 2016-11-09 22:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-15 07:03 - 2016-11-06 23:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-15 07:03 - 2016-11-06 23:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-15 07:03 - 2016-11-06 23:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-15 07:03 - 2016-10-27 22:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-15 07:03 - 2016-10-27 22:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 20:10 - 2016-12-15 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-14 10:10 - 2016-12-14 10:10 - 00010054 _____ C:\Windows\SysWOW64\test.bmp
2016-12-14 06:43 - 2016-12-14 06:48 - 00524288 ___SH C:\Users\Owner\ntuser.dat{beb5abc2-c185-11e6-b5ff-e4d146d3197f}.TMContainer00000000000000000002.regtrans-ms
2016-12-14 06:43 - 2016-12-14 06:48 - 00524288 ___SH C:\Users\Owner\ntuser.dat{beb5abc2-c185-11e6-b5ff-e4d146d3197f}.TMContainer00000000000000000001.regtrans-ms
2016-12-14 06:43 - 2016-12-14 06:48 - 00065536 ___SH C:\Users\Owner\ntuser.dat{beb5abc2-c185-11e6-b5ff-e4d146d3197f}.TM.blf
2016-12-13 10:12 - 2016-12-14 06:43 - 00000000 ____D C:\Program Files (x86)\Innovative Solutions
2016-12-12 15:18 - 2016-12-12 09:37 - 17376896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-12-12 15:18 - 2016-12-12 09:37 - 14410472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-12-12 15:18 - 2016-12-03 03:42 - 00212936 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-12-12 15:18 - 2016-12-03 03:42 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-12-12 15:18 - 2016-12-02 02:52 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437619.dll
2016-12-12 15:18 - 2016-12-02 02:52 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437619.dll
2016-12-12 15:18 - 2016-12-02 02:52 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-12-12 15:18 - 2016-12-02 02:52 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2016-12-12 14:55 - 2016-12-21 08:44 - 00524288 ___SH C:\Windows\system32\config\components{e0733e4a-c036-11e6-b068-d4b2c5db6a7a}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 14:55 - 2016-12-21 08:44 - 00065536 ___SH C:\Windows\system32\config\components{e0733e4a-c036-11e6-b068-d4b2c5db6a7a}.TM.blf
2016-12-12 14:55 - 2016-12-12 14:56 - 00524288 ___SH C:\Windows\system32\config\components{e0733e4a-c036-11e6-b068-d4b2c5db6a7a}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 12:46 - 2016-12-12 13:46 - 00524288 ___SH C:\Users\Owner\ntuser.dat{b14be9c5-c02c-11e6-a112-a0a8cde36c96}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 12:46 - 2016-12-12 13:46 - 00524288 ___SH C:\Users\Owner\ntuser.dat{b14be9c5-c02c-11e6-a112-a0a8cde36c96}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 12:46 - 2016-12-12 13:46 - 00065536 ___SH C:\Users\Owner\ntuser.dat{b14be9c5-c02c-11e6-a112-a0a8cde36c96}.TM.blf
2016-12-12 12:35 - 2016-12-12 12:44 - 00524288 ___SH C:\Users\Owner\ntuser.dat{9d057f09-c027-11e6-9c74-87b9a3541b26}.TMContainer00000000000000000002.regtrans-ms
2016-12-12 12:35 - 2016-12-12 12:44 - 00524288 ___SH C:\Users\Owner\ntuser.dat{9d057f09-c027-11e6-9c74-87b9a3541b26}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 12:35 - 2016-12-12 12:44 - 00065536 ___SH C:\Users\Owner\ntuser.dat{9d057f09-c027-11e6-9c74-87b9a3541b26}.TM.blf
2016-12-10 23:48 - 2016-12-10 23:48 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-12-10 22:10 - 2016-12-12 11:19 - 00524288 ___SH C:\Windows\system32\config\components{4f6dfd67-beea-11e6-8b9a-8f0855889368}.TMContainer00000000000000000001.regtrans-ms
2016-12-10 22:10 - 2016-12-12 11:19 - 00065536 ___SH C:\Windows\system32\config\components{4f6dfd67-beea-11e6-8b9a-8f0855889368}.TM.blf
2016-12-10 22:10 - 2016-12-10 22:20 - 00524288 ___SH C:\Windows\system32\config\components{4f6dfd67-beea-11e6-8b9a-8f0855889368}.TMContainer00000000000000000002.regtrans-ms
2016-12-10 21:56 - 2016-12-10 21:56 - 00000000 ____D C:\Program Files\Intel Driver Update Utility
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-04 10:27 - 2015-02-20 23:21 - 00000000 ____D C:\Users\Owner\Desktop\Winword
2017-01-04 10:25 - 2016-11-19 07:53 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Mozilla
2017-01-04 10:15 - 2015-02-12 19:42 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-04 10:00 - 2009-07-14 11:45 - 00026928 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-04 10:00 - 2009-07-14 11:45 - 00026928 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-04 09:52 - 2009-07-14 12:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-04 09:44 - 2015-02-20 18:12 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2017-01-04 07:46 - 2015-02-20 17:58 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{049A4847-1101-44F8-B703-1DAD425BE0FA}
2017-01-04 07:06 - 2016-07-04 18:26 - 00000000 ____D C:\ProgramData\Foxit Software
2017-01-02 15:36 - 2015-04-12 00:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-02 11:29 - 2015-03-19 21:56 - 00000000 ____D C:\Users\Owner\Desktop\ROV
2017-01-02 05:42 - 2016-03-10 16:45 - 00000000 ____D C:\Users\Owner\Desktop\2016 - 2017 O2 Phone Bill
2017-01-02 05:33 - 2009-07-14 12:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-01 18:14 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\inf
2016-12-31 17:27 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\LogFiles
2016-12-31 10:58 - 2015-04-02 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-31 10:56 - 2015-08-12 21:44 - 00004235 _____ C:\Users\Owner\AppData\Roaming\Rim.DesktopHelper.Exception.log
2016-12-31 10:56 - 2015-08-12 21:44 - 00004081 _____ C:\Users\Owner\AppData\Roaming\Rim.Desktop.Exception.log
2016-12-31 10:54 - 2016-04-11 09:00 - 00000000 ____D C:\Users\Owner\Desktop\Bike Lift
2016-12-31 10:48 - 2015-02-10 16:41 - 00000000 ____D C:\Windows\SoftwareDistribution
2016-12-31 10:44 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\System32
2016-12-31 10:43 - 2009-07-14 11:45 - 00012288 _____ C:\Windows\system32\umstartup.etl
2016-12-31 10:18 - 2015-08-22 07:24 - 00000000 ____D C:\temp
2016-12-31 10:18 - 2015-02-12 19:42 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-31 10:18 - 2015-02-12 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-31 10:17 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\SysWOW64
2016-12-31 10:17 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\DriverStore
2016-12-31 10:16 - 2015-02-19 17:08 - 00000442 ___SH C:\Users\Owner\Desktop\desktop.ini
2016-12-31 10:16 - 2009-07-14 11:54 - 00000174 ___SH C:\Users\Public\Desktop\desktop.ini
2016-12-31 10:16 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\catroot2
2016-12-31 10:04 - 2009-07-14 11:45 - 00021504 _____ C:\Windows\system32\umstartup000.etl
2016-12-31 08:56 - 2015-03-19 05:06 - 00000000 ___RD C:\Users\Owner\Desktop\Downloads
2016-12-31 08:32 - 2015-03-20 16:53 - 00000000 ____D C:\Users\Owner\Desktop\mis
2016-12-30 12:29 - 2016-06-27 01:09 - 00000000 ____D C:\Windows\pss
2016-12-30 12:29 - 2015-02-19 17:08 - 00000000 ___RD C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-30 12:29 - 2009-07-14 10:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-30 09:42 - 2015-11-11 11:52 - 00000000 __SHD C:\Config.Msi
2016-12-30 09:42 - 2015-02-10 16:43 - 00000000 __SHD C:\Windows\Installer
2016-12-30 09:41 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\winsxs
2016-12-30 09:40 - 2015-11-13 12:14 - 00000000 ____D C:\ProgramData\Logitech
2016-12-30 09:40 - 2015-02-10 16:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-30 09:40 - 2009-07-14 10:20 - 00000000 ____D C:\Program Files\Common Files
2016-12-30 09:34 - 2015-11-13 12:11 - 00000000 ____D C:\ProgramData\Logishrd
2016-12-29 22:43 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\NDF
2016-12-29 07:02 - 2009-07-14 12:13 - 00784286 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-29 07:02 - 2009-07-14 09:36 - 00668134 _____ C:\Windows\system32\perfh009.dat
2016-12-29 07:02 - 2009-07-14 09:36 - 00127276 _____ C:\Windows\system32\perfc009.dat
2016-12-28 18:49 - 2015-11-13 12:14 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2016-12-28 18:22 - 2015-02-19 17:08 - 00000000 ____D C:\Users\Owner\AppData\Roaming
2016-12-28 18:12 - 2015-11-13 10:27 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Logishrd
2016-12-28 10:55 - 2015-02-19 17:08 - 00000000 ___RD C:\Users\Owner\Pictures
2016-12-28 10:11 - 2009-07-14 12:32 - 00000000 ____D C:\Windows\SysWOW64\LogFiles
2016-12-27 17:32 - 2016-06-23 14:31 - 00262792 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2016-12-27 17:32 - 2016-06-23 14:31 - 00208520 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2016-12-27 17:32 - 2016-06-23 14:31 - 00197248 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2016-12-27 17:32 - 2016-06-23 14:31 - 00084616 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2016-12-27 17:32 - 2016-06-23 14:31 - 00061568 _____ (ESET) C:\Windows\system32\Drivers\EpfwLWF.sys
2016-12-27 17:29 - 2009-07-14 11:45 - 00000000 ___SD C:\Windows\system32\Microsoft
2016-12-27 17:23 - 2015-02-28 03:46 - 00000966 _____ C:\Users\Owner\Documents\2FBA5EFE-0000002F.eml
2016-12-27 17:13 - 2015-02-20 17:48 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-27 16:57 - 2009-07-14 10:20 - 00000000 __RSD C:\Windows\Fonts
2016-12-26 13:31 - 2016-11-07 08:42 - 00000000 ____D C:\Program Files\Max Registry Cleaner
2016-12-24 21:58 - 2015-02-12 19:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-24 21:58 - 2015-02-12 19:41 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-24 13:37 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\config\RegBack
2016-12-23 05:58 - 2015-02-12 19:34 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-22 09:38 - 2016-08-16 06:48 - 00011866 _____ C:\Windows\SysWOW64\swhealthex.log
2016-12-21 14:03 - 2016-06-24 13:03 - 00000000 ____D C:\Windows\System32\Tasks\Intel
2016-12-21 14:03 - 2015-12-03 22:17 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-12-21 14:03 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\Tasks
2016-12-21 13:29 - 2015-02-20 18:12 - 00000000 ____D C:\ProgramData\Skype
2016-12-21 10:22 - 2015-02-19 17:08 - 00000000 ___RD C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-19 07:18 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\catroot
2016-12-19 06:27 - 2015-02-19 17:08 - 00000000 ____D C:\Users\Owner\AppData\Local\NVIDIA Corporation
2016-12-19 06:27 - 2015-02-10 16:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-18 09:39 - 2015-03-19 23:04 - 00000000 ____D C:\Users\Owner\AppData\Local\Diagnostics
2016-12-18 07:56 - 2015-02-19 17:08 - 00000000 ____D C:\Users\Owner\AppData\Local\NVIDIA
2016-12-18 07:55 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\wfp
2016-12-18 07:55 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\wbem
2016-12-18 07:55 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\config\TxR
2016-12-18 07:54 - 2015-02-10 16:57 - 00000000 ___HD C:\Windows\system32\WLANProfiles
2016-12-18 07:54 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\config\systemprofile
2016-12-18 07:54 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\security
2016-12-18 07:54 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\registration
2016-12-18 07:54 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\Help
2016-12-17 17:10 - 2015-04-02 22:22 - 00000801 _____ C:\Users\Owner\Desktop\CCleaner.lnk
2016-12-17 11:43 - 2016-06-26 00:16 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-12-15 23:08 - 2015-02-20 04:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-15 13:42 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\rescache
2016-12-15 07:57 - 2015-02-28 05:46 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-15 07:57 - 2015-02-28 05:46 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-15 07:57 - 2015-02-28 05:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-15 07:57 - 2015-02-28 05:46 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-15 07:42 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\Microsoft.NET
2016-12-15 07:41 - 2009-07-14 10:20 - 00000000 __RSD C:\Windows\assembly
2016-12-15 07:22 - 2009-07-14 11:45 - 00000000 ____D C:\Windows\debug
2016-12-15 07:09 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\SysWOW64\en-US
2016-12-15 07:09 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\system32\en-US
2016-12-15 07:09 - 2009-07-14 10:20 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-15 07:09 - 2009-07-14 10:20 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-15 07:08 - 2015-02-20 21:41 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-15 07:08 - 2015-02-19 17:35 - 00000000 ____D C:\Windows\system32\MRT
2016-12-15 07:07 - 2015-02-19 17:35 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-15 07:05 - 2015-02-10 16:46 - 00768596 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-15 07:02 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\Logs
2016-12-14 06:43 - 2016-06-27 07:41 - 00000000 ____D C:\ProgramData\Innovative Solutions
2016-12-14 06:43 - 2015-03-19 04:32 - 00000000 ____D C:\Program Files (x86)\HP Button Manager
2016-12-13 06:30 - 2016-10-07 19:25 - 01853376 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-12-13 06:30 - 2016-10-07 19:25 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-12-13 06:30 - 2016-10-07 19:25 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-12-13 06:30 - 2016-10-07 19:25 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-12-13 06:30 - 2016-10-07 19:25 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-12-12 12:45 - 2016-06-24 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-12-12 12:45 - 2016-06-24 13:03 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-12-12 12:45 - 2015-03-19 03:57 - 00000000 ____D C:\Users\Owner\AppData\Roaming\ArcSoft
2016-12-12 12:45 - 2015-02-21 01:06 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Google
2016-12-12 12:45 - 2015-02-20 21:21 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Eusing
2016-12-12 12:45 - 2015-02-10 16:43 - 00000000 ____D C:\ProgramData\Intel
2016-12-12 12:45 - 2015-02-10 16:43 - 00000000 ____D C:\Program Files\Intel
2016-12-12 12:45 - 2015-02-10 16:43 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-12 12:45 - 2009-07-14 10:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-12 09:37 - 2015-08-22 07:23 - 17436808 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-12-12 09:37 - 2015-03-31 19:15 - 03479744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-12-12 09:37 - 2015-02-12 19:41 - 19947472 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-12-12 09:37 - 2015-02-12 19:41 - 03941536 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-12-12 01:47 - 2016-09-22 23:03 - 00548408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-12-12 01:47 - 2016-09-22 23:03 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-12-12 01:47 - 2015-02-12 19:42 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-12-12 01:47 - 2015-02-12 19:42 - 02475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-12-12 01:47 - 2015-02-12 19:42 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-12-12 01:47 - 2015-02-12 19:42 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-12-12 01:47 - 2015-02-12 19:42 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-12-10 21:54 - 2016-09-23 07:39 - 00524288 ___SH C:\Windows\system32\config\components{bd139d52-8125-11e6-8974-a0a8cde36c9a}.TMContainer00000000000000000002.regtrans-ms
2016-12-10 21:54 - 2016-09-23 07:39 - 00065536 ___SH C:\Windows\system32\config\components{bd139d52-8125-11e6-8974-a0a8cde36c9a}.TM.blf
2016-12-09 15:52 - 2015-02-12 19:42 - 07639617 _____ C:\Windows\system32\nvcoproc.bin
2016-12-05 13:58 - 2016-02-01 10:31 - 00000000 ____D C:\Users\Owner\AppData\Local\CrashDumps
==================== Files in the root of some directories =======
2015-08-12 21:44 - 2016-12-31 10:56 - 0004081 _____ () C:\Users\Owner\AppData\Roaming\Rim.Desktop.Exception.log
2015-08-12 21:43 - 2015-08-12 21:43 - 0001153 _____ () C:\Users\Owner\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-08-12 21:44 - 2016-12-31 10:56 - 0004235 _____ () C:\Users\Owner\AppData\Roaming\Rim.DesktopHelper.Exception.log
2016-06-11 07:41 - 2016-06-26 23:20 - 0007606 _____ () C:\Users\Owner\AppData\Local\resmon.resmoncfg
2015-06-25 11:34 - 2015-06-25 11:34 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-10 16:49 - 2015-02-10 16:49 - 0000000 ___HC () C:\ProgramData\DP45977C.lfl
2016-12-17 17:47 - 2017-01-04 09:52 - 0003320 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-17 17:47 - 2017-01-04 09:51 - 0003320 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Some files in TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\libeay32.dll
C:\Users\Owner\AppData\Local\Temp\msvcr120.dll
C:\Users\Owner\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-24 13:37
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by Owner (04-01-2017 10:29:28)
Running from C:\Users\Owner\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-02-19 10:08:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3090456578-2289362299-1625809071-500 - Administrator - Disabled)
Guest (S-1-5-21-3090456578-2289362299-1625809071-501 - Limited - Disabled)
Owner (S-1-5-21-3090456578-2289362299-1625809071-1000 - Administrator - Enabled) => C:\Users\Owner
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Smart Security 9.0.408.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.408.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Alienware Command Center (HKLM-x32\...\InstallShield_{5DBA5090-EAB9-4E1C-8F92-C71A1423F14C}) (Version: 3.6.4.0 - Alienware Corp.)
Alienware Command Center (Version: 3.6.4.0 - Alienware Corp.) Hidden
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.10C - )
Alienware On-Screen Display (x32 Version: 0.33.0.10C - ) Hidden
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
BBC iPlayer Downloads (HKLM-x32\...\{148784F3-3B6E-4DFA-B7A1-3400B277DAF3}) (Version: 1.14.2 - BBC)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd)
BlackBerry Device Software v7.1.0 for the BlackBerry 9900 smartphone (HKLM-x32\...\{5E68751C-4CB6-485F-B2AB-3210FADC019F}) (Version: 7.1.0.1033 (Platform 5.1.0.692) - Research In Motion Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell System Detect - 1 (HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell)
Dell System Detect (HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)
EMSC (x32 Version: 0.0.0.25 - Compal Electronics, Inc.) Hidden
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
ESET Smart Security (HKLM\...\{C20E6525-879A-47C3-BBC4-6B8096D3F53D}) (Version: 9.0.386.0 - ESET, spol. s r.o.)
Foxit PhantomPDF Standard (HKLM-x32\...\{EA576878-3D17-11E6-B85F-000C2992F709}) (Version: 8.0.1.628 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Button Manager (HKLM-x32\...\{465D6ACC-CAB9-40CD-ADAC-A91B071FA30E}) (Version: 3.5.00 - Hewlett-Packard)
HP Deskjet 5520 series Basic Device Software (HKLM\...\{014A59C8-DDA5-4788-906D-1F5CBA8A583D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 5520 series Help (HKLM-x32\...\{6346CC3B-9816-4C8F-B614-976ECEE7900F}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 5520 series Product Improvement Study (HKLM\...\{29E392C4-E0C3-4E96-85B6-03B8E3963310}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HP Webcam Software Suite (HKLM-x32\...\{D10FE2E3-B2DE-4B0E-ACBD-F87A566B9649}) (Version: 1.1.1.13889 - Hewlett-Packard)
Intel® Driver Update Utility 2.5 (x32 Version: 2.5.0.22 - Intel) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® Wireless Bluetooth®(patch version 19.0.1629.3590) (HKLM\...\{302600C1-6BDF-4FD1-1603-148929CC1385}) (Version: 19.0.1603.0650 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{bc883058-299e-461f-8e52-4f1dbb355f86}) (Version: 19.0.1 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KhalInstallWrapper (Version: 4.72.40 - Logitech) Hidden
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.72 - Logitech)
Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Max Registry Cleaner (HKLM\...\{8D815D9B-4DD9-437E-BFE2-E7374D3E7025}_is1) (Version: 6.0.0.065 - MaxSecure Software)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-GB)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Nemo PDF To Word (HKLM-x32\...\{6CA8C09B-FA99-49FE-9664-1CE823FAD510}_is1) (Version: - )
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.23.1036 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.23.1036 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{1A258050-DBDF-48E6-B9B1-E404FF5903F7}) (Version: 1.0.23.1036 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.23.1036 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28134 - Realtek Semiconductor Corp.)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.4.1902.0 - Seagate)
Security Task Manager 2.1h (HKLM-x32\...\Security Task Manager) (Version: 2.1h - Neuber Software)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0040 - ST Microelectronics)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.8.62 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
VuRoom (HKLM-x32\...\Edison) (Version: - )
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: - )
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WiTopia (HKLM\...\{9F59FA4D-E431-45FA-889F-EC68D998C7D2}_is1) (Version: 2.3.10.243 - WiTopia)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1912DF20-8B66-416B-8086-76CD8EB5412F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {343A192B-B2A1-47E6-9F33-7DBAA273D505} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {592B51E9-5995-472F-A68F-C9BE997620FC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation)
Task: {5C3A7076-5954-43D0-BB8B-C31E6387E322} - System32\Tasks\{62D5BDD0-602B-4C6C-AAB8-469CB87A0460} => pcalua.exe -a C:\Users\Owner\Desktop\msicuu2.exe -d C:\Users\Owner\Desktop
Task: {69EDFDEA-3100-400F-A125-A06D8B9D374E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {A53B5451-2821-4714-BF3A-493727BD872F} - System32\Tasks\Owner => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2016-04-05] (Seagate Technology LLC)
Task: {B9DCE284-A6C9-44D7-A5CF-375A9893A187} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {C09A8DD0-C5EA-485B-A027-1B4DFA19A8A3} - System32\Tasks\Owner DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2016-04-05] (Seagate Technology LLC)
Task: {C620F59E-C26B-47E0-AA2E-0F0B99218B5D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {CA3AD195-DF4D-4625-BAFA-D31E0899C45C} - System32\Tasks\{A2C39715-CC36-4DBA-B963-4961EFD84C41} => pcalua.exe -a C:\Users\Owner\Desktop\HijackThis.exe -d C:\Users\Owner\Desktop
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-04-07 23:38 - 2012-12-06 19:52 - 00136704 _____ () C:\Windows\System32\zlhp2600.dll
2016-03-09 20:43 - 2016-03-09 20:43 - 00118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2017-01-03 11:25 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-03 11:25 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-01-03 11:25 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-10-07 19:25 - 2016-12-13 06:30 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-07 19:25 - 2016-12-13 06:30 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-06-24 13:03 - 2016-03-09 20:43 - 00460952 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-06-24 13:03 - 2016-03-09 20:43 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-06-24 13:03 - 2016-03-09 20:43 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-10-07 19:25 - 2016-12-13 06:30 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-07 19:25 - 2016-12-13 06:30 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-07 19:25 - 2016-12-13 06:30 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2015-11-11 03:41 - 2015-11-11 03:41 - 00756376 ____C () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 [127]
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [109]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7871 more sites.
IE trusted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\123simsen.com -> www.123simsen.com
There are 7871 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 09:34 - 2016-08-21 10:25 - 00450954 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15470 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Button Manager.lnk => C:\Windows\pss\HP Button Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk => C:\Windows\pss\Logitech SetPoint.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 5520 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 5520 series.lnk.Startup
MSCONFIG\startupreg: DBAgent => "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
MSCONFIG\startupreg: EvtMgr6 =>
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: RCAutoLiveUpdate => C:\Program Files\Max Registry Cleaner\MaxLURC.exe -AUTO
MSCONFIG\startupreg: RCSystemTray => C:\Program Files\Max Registry Cleaner\MaxRCSystemTray.exe
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: Uploader => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A6E61A36-FA86-4890-B2AA-CAE382FE656A}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CD0C55D2-8338-4583-8B63-4EDFBF732150}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9B1B944D-9DB1-420E-BA11-5A07E7B05EB7}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{45BEBF8C-1A39-4C69-AF57-E0E20108F4C6}] => LPort=2869
FirewallRules: [{E8EC789D-D8C4-480E-940F-B18A100EAE20}] => LPort=1900
FirewallRules: [{6A81004E-DE23-4FF4-A004-1D481661BFD6}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{073D0EE9-FC55-456C-9AD1-D2B6C2C8542A}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{1950CD7B-5DE8-436A-9AA3-BB537FB4DCBA}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{AB1A9DF9-53AF-406C-953F-09DEC1829156}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{429AF49D-E621-4768-B7A4-0201CFD6924A}] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{337964D4-EAE7-489C-8342-BB4E8A90184F}] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{905EEBC8-5226-4AA3-A1A3-3D1F12719587}] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{259BF059-7259-47B7-95EB-25BC16E59DB8}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{0191D10C-CAA8-4192-872E-D2CC7063B7B7}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{A766E8A5-0A07-42BE-BCF6-EFBDF7265106}] => LPort=4481
FirewallRules: [{90855935-7ED8-47F1-A404-AF71BE684132}] => LPort=4481
FirewallRules: [{49F4EE23-2727-408F-A8D3-467C70A4A29B}] => LPort=4482
FirewallRules: [{06C0F06E-B972-4E9D-A2F9-7ED75FBCEDD8}] => LPort=4482
FirewallRules: [{EC44A7DD-22CB-4904-A371-9391E6B87C24}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{019731B2-4FB2-4E43-B087-56E4CE8DB225}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4829ECFA-9670-4549-BFF3-CDA801EE625A}] => LPort=8888
FirewallRules: [{87BF5A19-0909-4738-B061-CCAF92BA6E86}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{169834CD-AEBC-4179-8395-E6AB8CB6B95A}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{01FC2988-6DC4-48E5-854D-0F55AE0A3687}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{687BF526-21D4-4A0B-B4C2-DB64783C94F9}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{14BBC720-D73D-45A6-8694-AECF6022151B}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7EC8112C-70A2-462F-91E7-8F6E9EBF9B85}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{F3E78FF9-113C-4F4E-BA07-48BA01F990DE}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3FF07573-5F93-4871-BE22-03BD44DDDCBC}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C6DF765F-9258-4736-803E-CE16D99BE296}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8F315FF8-4DFF-4257-BEF0-3D19466F1827}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{904F5007-41A9-4C35-9B5B-92744DC62E25}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9E586F9C-21B4-4BF0-B6F4-30778CA6418A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Restore Points =========================
31-12-2016 20:03:37 Scheduled Checkpoint
02-01-2017 15:03:28 Norton_Power_Eraser_20170102150325338
04-01-2017 10:12:56 JRT Pre-Junkware Removal
04-01-2017 10:15:19 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: Viscosity Virtual Adapter V9.1
Description: Viscosity Virtual Adapter V9.1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SparkLabs Pty Ltd
Service: visctap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (01/04/2017 10:29:34 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service WILLAMETTE service terminated with the following error:
%%268439557
Error: (01/04/2017 10:29:24 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service WILLAMETTE service terminated with the following error:
%%268439557
Error: (01/04/2017 10:26:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service WILLAMETTE service terminated with the following error:
%%268439557
Error: (01/04/2017 10:25:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service WILLAMETTE service terminated with the following error:
%%268439557
Error: (01/04/2017 10:22:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service WILLAMETTE service terminated with the following error:
%%268439557
Error: (01/04/2017 10:22:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service WILLAMETTE service terminated with the following error:
%%268439557
Error: (01/04/2017 10:19:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service WILLAMETTE service terminated with the following error:
%%268439557
Error: (01/04/2017 10:19:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service WILLAMETTE service terminated with the following error:
%%268439557
Error: (01/04/2017 10:15:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service WILLAMETTE service terminated with the following error:
%%268439557
Error: (01/04/2017 10:15:45 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service WILLAMETTE service terminated with the following error:
%%268439557
CodeIntegrity:
===================================
Date: 2017-01-04 09:52:04.746
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-04 09:52:04.730
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-04 09:51:05.245
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-04 09:51:05.229
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-04 09:50:04.682
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-04 09:50:04.650
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-04 07:06:09.758
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-04 07:06:09.738
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-03 23:45:18.334
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-03 23:45:18.314
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core i7-4910MQ CPU @ 2.90GHz
Percentage of memory in use: 12%
Total physical RAM: 32695.06 MB
Available physical RAM: 28604.82 MB
Total Virtual: 65388.31 MB
Available Virtual: 61087.4 MB
==================== Drives ================================
Drive c: © (Fixed) (Total:232.79 GB) (Free:61.48 GB) NTFS
Drive e: (DATA1) (Fixed) (Total:931.51 GB) (Free:751 GB) NTFS
Drive f: (DATA2) (Fixed) (Total:74.4 GB) (Free:38.17 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: BACA22BC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A5B70F2B)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 74.5 GB) (Disk ID: 66F95844)
Partition: GPT.
==================== End of Addition.txt ===========================
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 04/01/2017 10:53:57
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 04/01/2017 03:53:22
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:53:12
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:49:58
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:49:48
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:46:34
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:46:24
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:43:10
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:43:00
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:39:46
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:39:36
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:36:22
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:36:12
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:32:58
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:32:48
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:29:34
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:29:24
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:26:07
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:25:57
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:22:43
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
Log: 'System' Date/Time: 04/01/2017 03:22:33
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The event description cannot be found.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 04/01/2017 02:52:04
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\btmaux failed to load for the device BTHENUM\{f0b2dd71-fb14-4e30-a62d-931874bf282f}_LOCALMFG&0000\8&a49ecb&0&000000000000_00000000.
Log: 'System' Date/Time: 04/01/2017 02:51:05
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\btmaux failed to load for the device BTHENUM\{f0b2dd71-fb14-4e30-a62d-931874bf282f}_LOCALMFG&0000\8&a49ecb&0&000000000000_00000000.
Log: 'System' Date/Time: 04/01/2017 02:50:04
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\btmaux failed to load for the device BTHENUM\{f0b2dd71-fb14-4e30-a62d-931874bf282f}_LOCALMFG&0000\8&a49ecb&0&000000000000_00000000.
Log: 'System' Date/Time: 04/01/2017 02:11:32
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name ps1.pubnub.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 04/01/2017 00:49:42
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name config.connectedpdf.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 04/01/2017 00:46:00
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name config.connectedpdf.com timed out after none of the configured DNS servers responded.
Log: 'System' Date/Time: 04/01/2017 00:07:28
Type: Warning Category: 0
Event: 2 Source: HidBth
Bluetooth HID device (7c:1e:52:6f:db:8b) either went out of range or became unresponsive.
Log: 'System' Date/Time: 04/01/2017 00:06:09
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\btmaux failed to load for the device BTHENUM\{f0b2dd71-fb14-4e30-a62d-931874bf282f}_LOCALMFG&0000\8&a49ecb&0&000000000000_00000000.
Log: 'System' Date/Time: 03/01/2017 17:16:42
Type: Warning Category: 0
Event: 2 Source: HidBth
Bluetooth HID device (00:1f:20:14:41:a5) either went out of range or became unresponsive.
Log: 'System' Date/Time: 03/01/2017 16:47:58
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 6 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 39 seconds since the last report.
Log: 'System' Date/Time: 03/01/2017 16:47:58
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 7 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 39 seconds since the last report.
Log: 'System' Date/Time: 03/01/2017 16:47:58
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 5 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 39 seconds since the last report.
Log: 'System' Date/Time: 03/01/2017 16:47:58
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 39 seconds since the last report.
Log: 'System' Date/Time: 03/01/2017 16:47:58
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 4 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 39 seconds since the last report.
Log: 'System' Date/Time: 03/01/2017 16:47:58
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 39 seconds since the last report.
Log: 'System' Date/Time: 03/01/2017 16:47:58
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 39 seconds since the last report.
Log: 'System' Date/Time: 03/01/2017 16:47:58
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 39 seconds since the last report.
Log: 'System' Date/Time: 03/01/2017 16:45:18
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\btmaux failed to load for the device BTHENUM\{f0b2dd71-fb14-4e30-a62d-931874bf282f}_LOCALMFG&0000\8&a49ecb&0&000000000000_00000000.
Log: 'System' Date/Time: 03/01/2017 07:00:44
Type: Warning Category: 0
Event: 2 Source: HidBth
Bluetooth HID device (00:1f:20:14:41:a5) either went out of range or became unresponsive.
Log: 'System' Date/Time: 03/01/2017 06:13:06
Type: Warning Category: 0
Event: 2 Source: HidBth
Bluetooth HID device (7c:1e:52:6f:db:8b) either went out of range or became unresponsive.