My computer tabs out every 7-11th second

Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.

If you are unsure if your operating system is 32 or 64 Bit please go HERE.

Once downloaded right click the FRST desktop icon and select “Run as administrator” from the menu"



If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
Frst will open with two dialogue boxes, accept the disclaimer.


Accept the default whitelist options,
If the additions.txt options box is not checked please select it.
Then select “Scan”



Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.



Please Copy and Paste the contents of these logs in your next post for review by our Security Team

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
Ran by FIXIIE (administrator) on FIXIIE-PC (03-02-2017 02:29:50)
Running from D:\Downloads
Loaded Profiles: FIXIIE (Available Profiles: FIXIIE)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Hi-Rez Studios) D:\Program Files\Smite\HiPatchService.exe
(Side Effects Software Inc.) C:\Windows\System32\hserver.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() D:\Program Files\AutoDesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\W326U Flash Install Wireless LAN Card\AutoInstSvc\RaAutoInstSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) X:\Program Files\Steam\Steam.exe
(Valve Corporation) X:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
(Valve Corporation) X:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) X:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() X:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) X:\Program Files\Steam\GameOverlayUI.exe
(Valve Corporation) X:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WellWeWeb) D:\Program Files\CheVolume\CheVolume.exe
() D:\Program Files\CheVolume\CheVolumeHelper_x86.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe [508128 2016-03-22] (Adobe Systems Incorporated)
HKLM...\Run: [ShadowPlay] => “C:\Windows\system32\rundll32.exe” C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSyst emStart
HKLM-x32...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\Run: [Akamai NetSession Interface] => “C:\Users\FIXIIE\AppData\Local\Akamai\netsession_w in.exe”
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\Run: [Steam] => X:\Program Files\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\Policies\Explorer:
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: F - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {0424c103-0ca6-11e6-adc0-14dda977ff22} - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {0bbf0c51-c8df-11e5-94c1-d43d7e93e91f} - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {1b1edbeb-e9ad-11e6-bf85-14dda977ff22} - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {4fe8f14f-89ff-11e5-8c65-b6c19a8f7e37} - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {63a160a1-dee7-11e5-93dd-d43d7e93e91f} - H:\SETUP.EXE
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {64945568-bb2e-11e5-829e-d43d7e93e91f} - H:\MAXON-Start.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {74f4039c-a63e-11e5-bbc0-e71a59b7bd35} - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {b405b0e3-b3c1-11e5-a119-d43d7e93e91f} - H:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {f77f826c-ed55-11e5-853d-14dda977ff22} - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\Control Panel\Desktop\SCRNSAVE.EXE → C:\Windows\system32\FAHScreensaver.scr
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] → {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\Users\FIXIIE\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\Folding@home.lnk [2016-10-27]
ShortcutTarget: Folding@home.lnk → D:\Program Files\FAHClient\HideConsole.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.67.199.30 8.8.8.8
Tcpip..\Interfaces{3BB419ED-B9DB-4E96-89B8-E440B7AC39E5}: [DhcpNameServer] 192.168.1.1
Tcpip..\Interfaces{7816BBD9-6A68-4A91-8281-02D290E56F4E}: [DhcpNameServer] 195.67.199.30 8.8.8.8
Tcpip..\Interfaces{7FC0E632-6C4C-42E1-A5AE-4C83E8BAD706}: [DhcpNameServer] 195.67.199.30 8.8.8.8
[HEADING=1]Internet Explorer:[/HEADING]
BHO: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-20] (Oracle Corporation)
BHO: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-20] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object → {FFCB3198-32F3-4E8B-9539-4324694ED664} → C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-05-21] (Oracle Corporation)
BHO-x32: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 14.0 Helper → {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} → D:\Program Files\Microsoft Visual 2015\Common7\IDE\PrivateAssemblies\Microsoft.Visua lStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-05-21] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object → {FFCB3198-32F3-4E8B-9539-4324694ED664} → C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Users\FIXIIE\AppData\Roaming\Mozilla\Firefox\Pr ofiles\o0fv9j39.default-1476311955297 [2017-01-02]
FF Extension: (uBlock) - C:\Users\FIXIIE\AppData\Roaming\Mozilla\Firefox\Pr ofiles\o0fv9j39.default-1476311955297\Extensions{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2016-12-23]
FF Extension: (Adblock Plus) - C:\Users\FIXIIE\AppData\Roaming\Mozilla\Firefox\Pr ofiles\o0fv9j39.default-1476311955297\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-23]
FF Plugin: @adobe.com/FlashPlayer → C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_ 213.dll [2016-05-09] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 → C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1. dll [2016-05-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 → C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-20] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE → disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 → C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDet ect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer → C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_ 213.dll [2016-05-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.79.2 → C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-05-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.79.2 → C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-05-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE → disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 → C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision → C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-01-20] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming → C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-01-20] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDet ect32.dll [2015-08-06] (Adobe Systems)
[HEADING=1]Chrome:[/HEADING]
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Default [2016-04-10]
CHR Profile: C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-02-03]
CHR Extension: (Google Translate) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-04-10]
CHR Extension: (Reverse Youtube Playlist) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ajhonbaagcobjdmbocblbebcmbmmbfmi [2017-01-11]
CHR Extension: (BetterTTV) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-06-18]
CHR Extension: (Google Drive) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-10]
CHR Extension: (YouTube) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-10]
CHR Extension: (Slinky Elegant) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2016-10-10]
CHR Extension: (Adblock Plus) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-09]
CHR Extension: (uBlock Origin) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-12-19]
CHR Extension: (Streamkeys) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ekpipjofdicppbepocohdlgenahaneen [2017-01-10]
CHR Extension: (TweetDeck by Twitter) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2016-04-10]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-12-17]
CHR Extension: (Momentum) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2017-01-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-10]
CHR Extension: (Chrome Media Router) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR Profile: C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\System Profile [2016-04-17]
[HEADING=1]Opera:[/HEADING]
OPR Extension: (Adblock Plus) - C:\Users\FIXIIE\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-08-26]
StartMenuInternet: (HKLM) OperaStable - D:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2017-01-09] (AVG Technologies CZ, s.r.o.)
S3 Disc Soft Lite Bus Service; D:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [814256 2016-05-03] (FileZilla Project)
R2 HiPatchService; D:\Program Files\Smite\HiPatchService.exe [9728 2016-08-30] (Hi-Rez Studios) [File not signed]
R2 HoudiniServer; C:\Windows\system32\hserver.exe [7731712 2015-10-10] (Side Effects Software Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 mi-raysat_3dsmax2013_64; D:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe [86016 2011-09-14] () [File not signed]
S3 mi-raysat_3dsmax2016_64; D:\Program Files\AutoDesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.e xe [86016 2011-09-15] () [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3519984 2016-01-27] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe [464440 2017-01-20] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
R2 RaAutoInstSrv_RT2870; C:\Program Files (x86)\Tenda\W326U Flash Install Wireless LAN Card\AutoInstSvc\RaAutoInstSrv.exe [110592 2009-10-01] (Ralink Technology, Corp.) [File not signed]
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
S3 VSStandardCollectorService140; D:\Program Files\Microsoft Visual 2015\Team Tools\DiagnosticsHub\Collector\StandardCollector.S ervice.exe [56040 2015-11-19] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 NVIDIA Wireless Controller Service; “C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe”

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-01-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-01-16] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [511952 2016-07-26] (Intel Corporation)
R1 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [4085256 2017-01-15] ()
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34963 2007-12-12] (Compuware Corporation) [File not signed]
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [37024 2007-12-03] (Compuware Corporation) [File not signed]
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [34587 2007-11-28] (Compuware Corporation) [File not signed]
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation )
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [41816 2016-11-03] (SteelSeries ApS)
R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [45928 2017-01-13] (SteelSeries ApS)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys
S3 MBAMSwissArmy; ??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
S3 TEAM; system32\DRIVERS\RtTeam60.sys
S3 VGPU; System32\drivers\rdvgkmd.sys

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-03 02:29 - 2017-02-03 02:29 - 00000000 ____D C:\FRST
2017-02-03 01:47 - 2017-02-03 01:47 - 390361163 ____N C:\Windows\MEMORY.DMP
2017-02-03 01:47 - 2017-02-03 01:47 - 00295016 _____ C:\Windows\Minidump\020317-25381-01.dmp
2017-02-03 01:47 - 2017-02-03 01:47 - 00000000 ____D C:\Windows\Minidump
2017-02-03 00:59 - 2017-02-03 02:17 - 00000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-02-02 23:14 - 2017-02-02 23:14 - 00000025 _____ C:\Users\FIXIIE\Desktop\tabdownprob.txt
2017-02-02 23:09 - 2017-01-20 19:39 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-01-26 23:32 - 2017-01-26 23:32 - 00001031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2017-01-24 19:37 - 2017-01-24 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-01-24 17:58 - 2017-01-24 17:58 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-01-24 17:58 - 2017-01-20 15:07 - 00134080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-01-24 17:58 - 2016-12-16 01:33 - 00273696 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-01-24 17:58 - 2016-12-16 01:33 - 00266528 _____ C:\Windows\system32\vulkan-1.dll
2017-01-24 17:58 - 2016-12-16 01:33 - 00111392 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-01-24 17:58 - 2016-12-16 01:32 - 00125728 _____ C:\Windows\system32\vulkaninfo.exe
2017-01-24 17:56 - 2017-01-24 00:04 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-01-24 17:56 - 2017-01-24 00:04 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 34934720 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 28209720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 19092912 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 19008392 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 16403200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 14677456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 14286392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-01-24 17:56 - 2017-01-20 17:36 - 11123424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 11019192 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 09308896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 08990584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 03623992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 03185720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437849.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437849.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 01051072 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00990264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00960568 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00909760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00687224 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00609216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00576192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00504104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00412720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00173272 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00156792 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00150760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00135840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-01-24 17:56 - 2017-01-20 17:36 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-01-24 14:15 - 2017-01-24 14:15 - 00000000 ____D C:\Users\FIXIIE\Documents\4A Games
2017-01-24 14:06 - 2017-01-24 14:06 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\4A Games
2017-01-23 17:57 - 2017-01-23 18:33 - 00000487 _____ C:\Users\FIXIIE\Desktop\Emulator Dator.txt
2017-01-23 16:13 - 2017-01-23 16:13 - 00000000 ____D C:\ProgramData\IntelDLM
2017-01-23 16:11 - 2017-01-23 16:15 - 00003212 _____ C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\Windows\System32\Tasks\Intel
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\Users\FIXIIE\Downloads\Intel Components
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\Intel
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\ProgramData\Intel
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\Program Files\Intel Driver Update Utility
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2017-01-23 16:11 - 2016-10-18 17:14 - 00021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2017-01-23 15:38 - 2017-01-06 02:10 - 00158264 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-01-23 15:38 - 2017-01-06 02:10 - 00126008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-01-23 15:38 - 2017-01-06 02:10 - 00047672 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-01-23 15:34 - 2017-01-23 15:44 - 00000000 ____D C:\Users\FIXIIE\Documents\Monitor-Driver
2017-01-23 15:34 - 2017-01-23 15:34 - 00000000 ____D C:\Intel
2017-01-15 15:34 - 2017-01-15 15:34 - 04085256 _____ C:\Windows\system32\Drivers\FACEIT.sys
2017-01-15 15:34 - 2017-01-15 15:34 - 00000727 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT Client.lnk
2017-01-13 13:09 - 2017-01-13 13:09 - 00000000 ____D C:\Users\FIXIIE\Documents\PS3 x64
2017-01-13 06:24 - 2017-01-13 06:24 - 00000000 ____D C:\Nexon
2017-01-13 06:23 - 2017-01-13 06:23 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\NexonLauncher
2017-01-13 06:23 - 2017-01-13 06:23 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\NexonLauncher
2017-01-13 06:12 - 2017-01-13 06:12 - 00000000 ____D C:\ProgramData\X360CE
2017-01-11 19:23 - 2017-01-11 19:43 - 00000000 ____D C:\Users\FIXIIE\Documents\Adobe
2017-01-11 14:41 - 2017-01-11 14:41 - 00000000 ____D C:\Users\FIXIIE\Documents\PCSX2
2017-01-11 02:38 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-11 02:38 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-11 02:38 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-11 02:38 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-11 02:38 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-11 02:38 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-11 02:38 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-11 02:38 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-11 02:38 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-11 02:38 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-11 02:38 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-01-10 17:28 - 2017-01-10 17:28 - 00000000 ____D C:\Windows\USB Vibration
2017-01-10 17:28 - 2017-01-10 17:28 - 00000000 ____D C:\Program Files (x86)\USB Vibration
2017-01-10 17:28 - 2009-12-21 22:29 - 00000000 ____D C:\Users\FIXIIE\Documents\playstation adapter Drivers
2017-01-10 17:28 - 2007-12-12 14:04 - 00034963 _____ (Compuware Corporation) C:\Windows\SysWOW64\Drivers\hid7906.sys
2017-01-10 17:28 - 2007-12-03 08:46 - 00037024 _____ (Compuware Corporation) C:\Windows\SysWOW64\Drivers\hid8101.sys
2017-01-10 17:28 - 2007-11-28 10:52 - 00034587 _____ (Compuware Corporation) C:\Windows\SysWOW64\Drivers\hid8103.sys
2017-01-10 06:33 - 2017-01-10 06:33 - 00000000 ____D C:\Windows\USB_Vibration
2017-01-10 06:33 - 2017-01-10 06:33 - 00000000 ____D C:\Program Files (x86)\USB_Vibration
2017-01-09 17:40 - 2017-01-09 17:40 - 00040489 _____ C:\Users\FIXIIE\Documents\Charakterreferenz.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-03 02:25 - 2015-11-08 06:00 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\Skype
2017-02-03 02:17 - 2015-12-15 12:05 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\Adobe
2017-02-03 02:13 - 2009-07-14 06:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-03 02:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-02-03 02:11 - 2015-11-08 05:04 - 00000000 ____D C:\ProgramData\MFAData
2017-02-03 02:07 - 2016-10-27 11:13 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\FAHClient
2017-02-03 02:07 - 2016-02-17 13:21 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-03 02:07 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-03 01:51 - 2009-07-14 05:45 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-03 01:51 - 2009-07-14 05:45 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-03 00:15 - 2016-04-12 07:51 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\Battle.net
2017-02-02 23:51 - 2016-01-30 17:17 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\OBS
2017-02-02 23:49 - 2015-11-08 05:34 - 00000000 _D C:\Users\FIXIIE\AppData\Roaming\vlc
2017-02-02 23:27 - 2015-12-19 12:08 - 00000000 D C:\Windows\pss
2017-02-02 23:15 - 2015-11-21 10:16 - 00000390 _____ C:\Windows\Tasks\update-sys.job
2017-02-02 23:10 - 2016-12-15 19:50 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 23:10 - 2016-12-04 02:03 - 00003742 _____ C:\Windows\System32\Tasks\NvNodeLauncher{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 23:10 - 2016-12-04 02:03 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 23:10 - 2016-12-04 02:03 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 23:10 - 2016-12-04 02:03 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 23:10 - 2016-12-04 02:03 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 23:10 - 2016-12-04 02:03 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-02 23:10 - 2015-11-08 04:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-02 23:10 - 2015-11-08 04:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-02 23:10 - 2015-11-08 04:38 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-02 22:52 - 2015-11-21 10:16 - 00000390 _____ C:\Windows\Tasks\update-S-1-5-21-459705389-3442733056-3860532926-1000.job
2017-02-02 20:52 - 2016-09-20 11:38 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-01-27 01:08 - 2015-11-23 06:59 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-26 23:32 - 2016-04-29 10:49 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\UnrealEngine
2017-01-26 13:23 - 2016-12-24 22:15 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\steelseries-engine-3-client
2017-01-26 02:17 - 2016-05-21 15:34 - 00000000 ____D C:\Users\FIXIIE\Desktop\Dark Thoughts
2017-01-25 18:39 - 2015-11-11 00:18 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\uTorrent
2017-01-24 17:58 - 2015-11-08 04:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-01-24 00:04 - 2016-12-04 03:04 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-01-23 20:57 - 2016-01-03 21:21 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\CrashDumps
2017-01-23 19:05 - 2016-01-24 02:09 - 00000000 ____D C:\Users\FIXIIE\Documents\Dolphin Emulator
2017-01-23 16:34 - 2015-12-28 22:44 - 00000000 ____D C:\Program Files\Intel
2017-01-23 15:58 - 2016-04-03 19:40 - 00310194 _____ C:\Windows\ntbtlog.txt
2017-01-23 15:16 - 2016-12-15 19:50 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2017-01-20 19:39 - 2016-12-04 02:03 - 01872320 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-01-20 19:39 - 2016-12-04 02:03 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-01-20 19:39 - 2016-12-04 02:03 - 01464768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-01-20 19:39 - 2016-12-04 02:03 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-01-20 19:39 - 2016-12-04 02:03 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 16491120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 13378448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 04065808 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 03585120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 00512960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 00496680 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 00420408 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 00042606 _____ C:\Windows\system32\nvinfo.pb
2017-01-20 16:13 - 2016-12-04 03:05 - 06401984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-01-20 16:13 - 2016-12-04 03:05 - 02479160 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-01-20 16:13 - 2016-12-04 03:05 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-01-20 16:13 - 2016-12-04 03:05 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-01-20 16:13 - 2016-12-04 03:05 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-01-20 16:13 - 2016-12-04 03:05 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-01-20 16:13 - 2016-12-04 03:05 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-01-20 15:07 - 2016-12-04 02:03 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-01-20 14:36 - 2016-12-15 19:50 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-01-18 16:12 - 2016-03-22 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-01-18 13:57 - 2016-12-04 03:05 - 07755067 _____ C:\Windows\system32\nvcoproc.bin
2017-01-16 06:14 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-15 10:10 - 2016-04-20 19:51 - 00000132 _____ C:\Users\FIXIIE\AppData\Roaming\Adobe PNG Format CS5 Prefs
2017-01-14 07:51 - 2016-06-20 18:12 - 00000132 _____ C:\Users\FIXIIE\AppData\Roaming\Adobe Targa Format CS5 Prefs
2017-01-13 16:13 - 2016-12-07 00:57 - 01804672 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2017-01-13 16:13 - 2016-12-07 00:57 - 00045928 _____ (SteelSeries ApS) C:\Windows\system32\Drivers\sshid.sys
2017-01-13 16:13 - 2016-12-07 00:57 - 00026376 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2017-01-13 06:27 - 2016-08-09 13:10 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\NXEPassportClient
2017-01-12 14:23 - 2016-05-19 17:10 - 00000000 ____D C:\Program Files (x86)\FileZilla Server
2017-01-12 11:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-11 19:53 - 2016-05-24 20:29 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-01-11 18:12 - 2015-11-08 03:38 - 00000000 ____D C:\Users\FIXIIE
2017-01-11 03:01 - 2015-11-08 16:14 - 00000000 ____D C:\Windows\system32\MRT
2017-01-11 03:00 - 2015-11-08 16:14 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-10 17:28 - 2015-11-08 03:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-08 06:17 - 2016-11-29 20:55 - 00000603 _____ C:\Users\FIXIIE\Desktop\prntscrn.txt
2017-01-04 18:04 - 2015-11-08 04:07 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\Deployment

==================== Files in the root of some directories =======

2016-07-02 12:39 - 2016-11-15 05:23 - 0000132 _____ () C:\Users\FIXIIE\AppData\Roaming\Adobe BMP Format CS5 Prefs
2016-04-21 14:23 - 2016-06-25 17:52 - 0000132 _____ () C:\Users\FIXIIE\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
2016-04-20 19:51 - 2017-01-15 10:10 - 0000132 _____ () C:\Users\FIXIIE\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-06-20 18:12 - 2017-01-14 07:51 - 0000132 _____ () C:\Users\FIXIIE\AppData\Roaming\Adobe Targa Format CS5 Prefs
2016-12-05 05:30 - 2016-12-05 06:19 - 0005186 _____ () C:\Users\FIXIIE\AppData\Roaming\pixplant3settings. txt
2016-04-06 03:49 - 2016-04-07 19:29 - 0000995 _____ () C:\Users\FIXIIE\AppData\Roaming\SAS7_000.DAT
2016-02-12 19:29 - 2016-07-05 05:10 - 0001456 _____ () C:\Users\FIXIIE\AppData\Local\Adobe Save for Web 12.0 Prefs
2016-01-26 19:49 - 2016-01-26 19:49 - 0007597 _____ () C:\Users\FIXIIE\AppData\Local\Resmon.ResmonCfg
2015-11-21 10:16 - 2015-11-21 10:16 - 0000003 _____ () C:\Users\FIXIIE\AppData\Local\updater.log
2015-11-21 10:16 - 2016-08-06 13:15 - 0000424 _____ () C:\Users\FIXIIE\AppData\Local\UserProducts.xml
2016-07-20 02:32 - 2016-07-20 02:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-08 23:06 - 2016-08-08 23:06 - 0000016 _____ () C:\ProgramData\mntemp
2016-12-15 19:50 - 2017-01-23 15:39 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-15 19:50 - 2017-01-23 15:16 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-05 05:30 - 2016-12-05 05:30 - 0000000 _____ () C:\ProgramData\pixplant3settings.txt
[HEADING=1]Some files in TEMP:[/HEADING]
2016-05-19 18:25 - 2014-07-31 17:54 - 0015752 _____ (Autodesk, Inc.) C:\Users\FIXIIE\AppData\Local\Temp\AcDeltree.exe
2016-04-28 01:58 - 2015-08-06 22:30 - 2212144 _____ (Adobe Systems Incorporated) C:\Users\FIXIIE\AppData\Local\Temp\AdobeApplicatio nManager.exe
2016-04-21 15:27 - 2016-03-23 15:57 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\FIXIIE\AppData\Local\Temp\avguirn_0813132 94700.exe
2016-05-13 18:36 - 2016-04-14 16:29 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\FIXIIE\AppData\Local\Temp\avguirn_0816539 49844.exe
2016-06-01 15:34 - 2016-04-22 09:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\FIXIIE\AppData\Local\Temp\avguirn_0821361 25835.exe
2016-07-27 09:00 - 2016-06-21 17:49 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\FIXIIE\AppData\Local\Temp\avguirn_0846502 7878.exe
2016-08-23 00:37 - 2016-07-20 13:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\FIXIIE\AppData\Local\Temp\avguirn_0856430 8837.exe
2016-05-19 18:02 - 2016-05-19 18:15 - 0009728 _____ () C:\Users\FIXIIE\AppData\Local\Temp\bassmod.dll
2016-10-27 11:41 - 2016-10-27 11:42 - 0160888 _____ () C:\Users\FIXIIE\AppData\Local\Temp\ce-swap.exe
2016-10-26 12:54 - 2016-10-26 12:54 - 0458116 _____ (Aladdin Knowledge Systems Ltd.) C:\Users\FIXIIE\AppData\Local\Temp\haspdinst_x64.e xe
2016-04-17 21:47 - 2016-03-10 12:10 - 0037376 _____ (Microsoft) C:\Users\FIXIIE\AppData\Local\Temp\HiPatchSelfUpda teWindow.exe
2016-04-17 21:47 - 2015-10-14 12:50 - 0020480 _____ (Microsoft) C:\Users\FIXIIE\AppData\Local\Temp\HiRezLauncherCo ntrols.dll
2017-01-01 21:36 - 2017-01-01 21:36 - 2864736 _____ (Hola Networks Ltd.) C:\Users\FIXIIE\AppData\Local\Temp\Hola-Setup-x64-1.26.859.exe
2016-06-30 23:52 - 2016-06-30 23:52 - 4211112 _____ () C:\Users\FIXIIE\AppData\Local\Temp\npp.6.9.2.Insta ller.exe
2016-04-03 19:23 - 2016-12-11 19:23 - 0747648 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\nvSCPAPI.dll
2016-07-07 11:20 - 2016-09-16 23:31 - 0860776 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\nvSCPAPI64.dll
2016-09-22 00:02 - 2016-09-16 23:30 - 0426040 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\nvscpapisvr.exe
2016-06-07 15:08 - 2016-06-03 04:19 - 0386160 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\nvStereoApiI.dl l
2016-07-07 11:20 - 2016-08-11 12:23 - 0485344 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\nvStereoApiI64. dll
2016-05-03 20:44 - 2016-12-11 19:23 - 0353336 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\nvStInst.exe
2016-12-04 02:03 - 2016-11-17 14:42 - 1135552 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\NvTelemetry.dll
2016-12-04 02:03 - 2017-01-06 02:10 - 0255032 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\NvTelemetryAPI3 2.dll
2016-12-04 02:03 - 2017-01-06 02:10 - 0335928 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\NvTelemetryAPI6 4.dll
2016-05-10 17:54 - 2016-05-10 17:55 - 45196928 _____ (Skype Technologies S.A.) C:\Users\FIXIIE\AppData\Local\Temp\SkypeSetup.exe
2016-06-13 02:23 - 2016-06-13 02:23 - 30533688 _____ () C:\Users\FIXIIE\AppData\Local\Temp\vlc-2.2.4-win32.exe
2015-08-03 00:58 - 2015-08-03 00:58 - 0118784 _____ () C:\Users\FIXIIE\AppData\Local\Temp\xmlUpdater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-23 02:20

==================== End of FRST.txt ============================

Addition:
[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2017
Ran by FIXIIE (03-02-2017 02:30:04)
Running from D:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2015-11-08 02:38:57)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

Administrator (S-1-5-21-459705389-3442733056-3860532926-500 - Administrator - Disabled)
FIXIIE (S-1-5-21-459705389-3442733056-3860532926-1000 - Administrator - Enabled) => C:\Users\FIXIIE
Guest (S-1-5-21-459705389-3442733056-3860532926-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-459705389-3442733056-3860532926-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.2.4 - Intel) Hidden
µTorrent (HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
3D Ripper DX v1.8.2 (HKLM-x32...\3D Ripper DX_is1) (Version: - Roman Lut)
ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden
Adblock Plus för IE (32-bitars och 64-bitars) (HKLM...{1B922A28-D60F-450B-B434-82C21BAED9BC}) (Version: 1.5 - Eyeo GmbH)
Adobe After Effects CC 2015 (HKLM-x32...{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Audition CS6 (HKLM-x32...{30FD541D-3C9D-41C4-B240-A994EE4E0231}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32...{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.1.3 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8C E.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32...{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Ansel (Version: 378.49 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM...{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32...{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Apple-programstöd (32-bitar) (HKLM-x32...{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32...{903D0F33-D3CF-48D6-967D-84004089428A}) (Version: 4.0.51203.1 - Microsoft Corporation)
ASIO4ALL (HKLM-x32...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
AutoCAD 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 (HKLM...\Autodesk 3ds Max 2016) (Version: 18.0.873.0 - Autodesk)
Autodesk 3ds Max 2016 (Version: 18.0.873.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 Populate Data (HKLM...{57E92DED-DC7C-41E5-B9E1-76D83BD2EABE}) (Version: 18.0.0.0 - Autodesk)
Autodesk 3ds Max Design 2013 64-bit (HKLM...\Autodesk 3ds Max Design 2013 64-bit) (Version: 15.0.0.347 - Autodesk)
Autodesk 3ds Max Design 2013 64-bit (Version: 15.0.0.347 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32...{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.19 - Autodesk)
Autodesk Application Manager (HKLM-x32...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk Backburner 2013.0.0 (HKLM-x32...{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2013.0.0 - Autodesk, Inc.)
Autodesk Backburner 2016 (HKLM-x32...{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}) (Version: 16.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max 2016 64-bit (HKLM...{1C4FFAF0-6DBB-4F7A-A386-46747D060826}) (Version: 18.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max Design 2013 (HKLM-x32...{FE6DCC8D-427F-405C-A779-C93B6D9F77A5}) (Version: 1.0.0.2 - Autodesk)
Autodesk Content Service (HKLM...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2012 64-bit (HKLM...\Autodesk DirectConnect 2012 64-bit) (Version: 6.0.443.0 - Autodesk)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0 - Autodesk) Hidden
Autodesk DirectConnect 2013 64-bit (HKLM...\Autodesk DirectConnect 2013 64-bit) (Version: 7.0.28.0 - Autodesk)
Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk) Hidden
Autodesk DirectConnect 2016 64-bit (HKLM...\Autodesk DirectConnect 2016 64-bit) (Version: 10.0.98.0 - Autodesk)
Autodesk DirectConnect 2016 64-bit (Version: 10.0.98.0 - Autodesk) Hidden
Autodesk Essential Skills Movies for 3ds Max Design 2013 64-bit (HKLM...{62CBE596-1BB8-4D7B-A056-103287BAD1C4}) (Version: 1.0.0.1 - Autodesk)
Autodesk FBX Plug-in 2013.1 - 3ds Max Design 2013 64-bit (HKLM...\Autodesk FBX Plug-in 2013.1 - 3ds Max Design 2013 64-bit) (Version: - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2016 (HKLM...{9167CA34-4E58-49E3-8892-3C439739D2D3}) (Version: 18.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max Design 2013 64-bit (HKLM...{BC66B242-DF13-1664-851B-00123612ED98}) (Version: 15.0 - Autodesk)
Autodesk MatchMover 2012 64-bit (HKLM...{4529F749-C362-4119-AFA0-0A3F1CA924AB}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32...{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32...{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32...{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32...{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2013 (HKLM-x32...{58760EEC-8B6A-43F4-81AA-696E381DFADD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32...{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.19 - Autodesk)
Autodesk Maya 2012 64-bit (HKLM...\Autodesk Maya 2012 64-bit) (Version: 14.0.0.0 - Autodesk)
Autodesk Maya 2012 64-bit (Version: 14.0.0.0 - Autodesk) Hidden
Autodesk Maya 2016 (HKLM...\Autodesk Maya 2016) (Version: 16.0.1312.0 - Autodesk)
Autodesk Maya 2016 (Version: 16.0.1312.0 - Autodesk) Hidden
Autodesk ReCap 2016 (HKLM...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
Autodesk ReCap 2016 (Version: 1.5.0.33 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max (HKLM...\Autodesk Revit Interoperability for 3ds Max ) (Version: 16.0.394.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max (Version: 16.0.394.0 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 64-bit (HKLM...{06E18300-BB64-1664-8E6A-2593FC67BB74}) (Version: 1.0.0.1 - Autodesk)
AVG (Version: 16.141.7998 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4756 - AVG Technologies) Hidden
AVG Protection (HKLM...\AVG) (Version: 2016.141.7998 - AVG Technologies)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
BankID säkerhetsprogram (HKLM-x32...{1BDBF557-BA87-438F-9B28-AE4D836E35BA}) (Version: 7.1.0.20 - Finansiell ID-Teknik BID AB)
Battle.net (HKLM-x32...\Battle.net) (Version: - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blade & Soul (HKLM-x32...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM...{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CheVolume 0.4.1.2 (HKLM-x32...\CheVolume 0.4.1.2) (Version: - WellWeWeb)
CINEMA 4D 17.048 (HKLM...\MAXONC60D9D75) (Version: 17.048 - MAXON Computer GmbH)
Composite 2012 64-bit (HKLM...{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Composite 2013 64-bit (HKLM...{2F808931-D235-4FC7-90CD-F8A890C97B2F}) (Version: 8.0.0 - Autodesk)
Counter-Strike (HKLM...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive - SDK (HKLM...\Steam App 745) (Version: - )
Counter-Strike: Global Offensive (HKLM...\Steam App 730) (Version: - Valve)
Crazybump (remove only) (HKLM-x32...\Crazybump) (Version: - )
CRYENGINE Launcher (HKLM-x32...{F7916573-4BDD-4A9F-9E2F-CC8107845DC3}) (Version: 1.0.0 - Crytek GmbH)
Curse (HKLM-x32...{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DAEMON Tools Lite (HKLM...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
DaVinci Resolve (HKLM...{2852CC67-7BE9-4972-BF96-8D4EC7486F97}) (Version: 10.1.0021 - Blackmagic Design)
Dotfuscator and Analytics Community Edition 5.19.0 (x32 Version: 5.19.0.2930 - PreEmptive Solutions) Hidden
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32...{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Epic Games Launcher (HKLM-x32...{4755FB10-B694-4B0F-BCDE-F390B957CD96}) (Version: 1.1.90.0 - Epic Games, Inc.)
Europe MapleStory (HKLM-x32...\Europe MapleStory_is1) (Version: - Nexon)
FACEIT Client version 1.0 (HKLM...{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
FAHClient (HKLM-x32...\FAHClient) (Version: 7.4.4 - Stanford University)
FileZilla Server (HKLM-x32...\FileZilla Server) (Version: beta 0.9.57 - FileZilla Project)
FL Studio 12 (HKLM-x32...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32...\FL Studio ASIO) (Version: - Image-Line)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
GCFScape 1.8.5 (HKLM...\GCFScape_is1) (Version: - Ryan Gregg)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GWX Control Panel (HKLM-x32...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider)
HiPatch (HKLM-x32...{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.3.9 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32...{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Houdini 15.0.244.16 (HKLM...\Houdini 15.0.244.16) (Version: 15.0.244.16 - Side Effects Software)
IIS 10.0 Express (HKLM...{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
IL Download Manager (HKLM-x32...\IL Download Manager) (Version: - Image-Line)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32...{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32...{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel(R) Network Connections 21.1.30.0 (HKLM...\PROSetDX) (Version: 21.1.30.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32...{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32...{66e8e99a-eb6f-4403-9fc2-0ddd4d6f353e}) (Version: 2.6.2.4 - Intel)
J2SE Development Kit 5.0 Update 22 (HKLM-x32...{32A3A4F4-B792-11D6-A78A-00B0D0150220}) (Version: 1.5.0.220 - Sun Microsystems, Inc.)
Java 7 Update 79 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 91 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
KeyShot 5 64 bit (HKLM-x32...\KeyShot 5_64) (Version: 5.0 64 bit - Luxion ApS)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Lightshot-5.4.0.1 (HKLM-x32...{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Livestreamer 1.12.2 (HKLM-x32...\Livestreamer) (Version: - )
Machinima Studio (HKLM...{517500ED-35B9-43C1-9F60-6B31E111E2D3}) (Version: 1.0.0 - BC)
Metro: Last Light (HKLM...\Steam App 43160) (Version: - 4A Games)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32...{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32...{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32...{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32...{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32...{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32...{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32...{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32...{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM...{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32...{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32...{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32...{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM...{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32...{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32...{90120000-001B-0000-0000-0000000FF1CE}WORD{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32...{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint 2010 (HKLM-x32...\Office14.POWERPOINT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM...{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM...{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM...{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM...{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32...{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM...{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM...{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32...{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM...{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32...{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM...{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32...{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM...{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM...{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM...{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM...{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32...{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32...{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Enterprise 2015 (HKLM-x32...{a47f6f59-0768-45af-8aa6-10ad157a603e}) (Version: 14.0.23107.156 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 sv-SE) (HKLM-x32...\Mozilla Firefox 50.1.0 (x86 sv-SE)) (Version: 50.1.0 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NaturalMotion endorphin 2.5.2 (HKLM-x32...\NaturalMotion endorphin_is1) (Version: - NaturalMotion Ltd.)
NCSOFT Game Launcher (HKLM-x32...\NCLauncher_NCWest) (Version: - NCSOFT)
Nexon Launcher (HKLM-x32...\Nexon Nexon Launcher) (Version: 2.0.0 - Nexon)
Notepad++ (HKLM-x32...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 378.49 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.3.0.95 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 378.49 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.21 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32...{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (HKLM...{FC4AD39F-9DCE-4BD0-B7D0-7C81CEB9F04B}) (Version: 2.60.0216.1828 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OctaneRender Demo 3.04 (HKLM-x32...\OctaneRender Demo 3.04) (Version: 3.04 - OTOY)
Opera Stable 37.0.2178.43 (HKLM-x32...\Opera 37.0.2178.43) (Version: 37.0.2178.43 - Opera Software)
Overwatch Test (HKLM-x32...\Overwatch Test) (Version: - Blizzard Entertainment)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PixPlant 3.0.11 (HKLM...\PixPlant3_is1) (Version: 3.0.11 - FaronStudio)
PowerISO (HKLM-x32...\PowerISO) (Version: 6.5 - Power Software Ltd)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32...{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Qpad 5K Gaming Mouse Software (HKLM-x32...{5B4277DA-8A85-44B6-8086-DAA97C20B992}) (Version: 1.06 - Qpad)
QuickTime 7 (HKLM-x32...{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RealFlow 2015 (HKLM-x32...\RealFlow 2015) (Version: - )
RealFlow Plugin for 3D Studio Max (HKLM-x32...\RealFlowMax) (Version: 2014.0.3 - Next Limit)
RealFlow Plug-in for Cinema4D (HKLM-x32...\RealFlowC4D) (Version: 1.0 - Next Limit)
Red Giant Link (HKLM-x32...{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.10.0 - Red Giant, LLC)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.24723 - Microsoft Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32...{90140000-0018-0000-0000-0000000FF1CE}Office14.POWERPOINT{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
Skype™ 7.30 (HKLM-x32...{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
SlimDX SDK (June 2010) (HKLM-x32...{59BB7F21-1987-4A1C-9DF3-82FEC6591C60}) (Version: 2.0.10.43 - SlimDX Group)
Smite (HKLM-x32...{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 3.16.3600.1 - Hi-Rez Studios)
Source Filmmaker (HKLM-x32...\Steam App 1840) (Version: - Valve)
Spotify (HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\Spotify) (Version: 1.0.29.92.g67727800 - Spotify AB)
Steam (HKLM-x32...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.9.10 (HKLM...\SteelSeries Engine 3) (Version: 3.9.10 - SteelSeries ApS)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.24712 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TGA Viewer (HKLM-x32...{4FA2DAFD-2D72-4ACF-BDD8-4178E8AFD459}is1) (Version: - IdeaMK)
Tombraider (HKLM-x32...\Tombraider_is1) (Version: - )
TP-LINK 300Mbps Wireless USB Adapter Drivrutin (HKLM-x32...{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
Trapcode Particular 64 bit (HKLM-x32...\InstallShield{9497360C-4C41-4E05-81C0-BE56DF2ADFE8}) (Version: 2.1.1 - Red Giant Software)
Trapcode Particular 64 bit (Version: 2.1.1 - Red Giant Software) Hidden
Trapcode Suite v13.1.1 (HKLM-x32...{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.1.1 - Red Giant, LLC)
TypeScript Power Tool (x32 Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.7.4.0 (HKLM-x32...{33e2204a-4ec6-4458-895a-47e2a404d990}) (Version: 1.7.24720.0 - Microsoft Corporation)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for (KB2504637) (HKLM-x32...{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32...{90120000-001B-0000-0000-0000000FF1CE}WORD{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USB Network Driver (HKLM-x32...{66ED8E01-C915-41F5-B33E-C5C31F27B885}) (Version: 2007.07.3 - )
USB Vibration Joystick (HKLM-x32...{64B27517-3558-4A76-8641-5D161D7C9BE5}) (Version: v3.85 - Dragon rise)
W326U UnInstall (HKLM-x32...\Tenda Wireless LAN Card Setup_is1) (Version: - )
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Vegas Pro 12.0 (64-bit) (HKLM...{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
Windows Driver Package - Microsoft (xusb21) XnaComposite (08/13/2009 2.1.0.1349) (HKLM...\0AEBEF6F936CFE16E003F7E141631FAB754D9816) (Version: 08/13/2009 2.1.0.1349 - Microsoft)
Windows Speech Recognition Macros (HKLM-x32...{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM-x32...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Visual Studio 2012 x64 Redistributables (HKLM...{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32...{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32...{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation)
VLC media player (HKLM-x32...\VLC media player) (Version: 2.2.4 - VideoLAN)
World of Warcraft (HKLM-x32...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)
VS Update core components (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
VTFEdit 1.2.5 (HKLM-x32...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg)
VTFEdit 1.3.3 (HKLM...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg)
Vulkan Run Time Libraries 1.0.37.0 (HKLM...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
ZBrush 4R7 (HKLM-x32...\ZBrush 4R7 4R7) (Version: 4R7 - Pixologic)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-459705389-3442733056-3860532926-1000_Classes\CLSID{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 → C:\Program Files\Common Files\Autodesk Shared\DirectConnect2016 (64-bit)\bin\Aruba\Inventor Server\B (the data entry has 28 more characters).
CustomCLSID: HKU\S-1-5-21-459705389-3442733056-3860532926-1000_Classes\CLSID{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 → D:\Program Files\AutoDesk\AutoCad 2016\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-459705389-3442733056-3860532926-1000_Classes\CLSID{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 → D:\Program Files\AutoDesk\AutoCad 2016\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-459705389-3442733056-3860532926-1000_Classes\CLSID{1baa97d3-5504-47c3-9968-006c53f68ba2}\InprocServer32 → C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-459705389-3442733056-3860532926-1000_Classes\CLSID{5370C727-1451-4700-A960-77630950AF6D}\localserver32 → D:\Program Files\AutoDesk\AutoCad 2016\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-459705389-3442733056-3860532926-1000_Classes\CLSID{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 → C:\Program Files\Common Files\Autodesk Shared\DirectConnect2016 (64-bit)\bin\Aruba\Inventor Server\B (the data entry has 28 more characters).
CustomCLSID: HKU\S-1-5-21-459705389-3442733056-3860532926-1000_Classes\CLSID{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 → D:\Program Files\AutoDesk\AutoCad 2016\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-459705389-3442733056-3860532926-1000_Classes\CLSID{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 → C:\Program Files\Common Files\Autodesk Shared\DirectConnect2016 (64-bit)\bin\Aruba\Inventor Server\B (the data entry has 28 more characters).

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0210B291-3FCD-4635-965A-28A3219CF9B8} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {136F6B88-3D8D-483F-B07F-4E7D3225F301} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {1694724D-1863-4810-8FD6-6319C4425A26} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
Task: {1CEA884D-0EA4-43D2-82DF-DDB2CB31BDCD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
Task: {259118CC-8076-4395-87B7-C4AE3F372AF0} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {2AC1F097-6A21-4A7E-B763-406A81CF58E7} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {35669D06-D2E1-43FE-ABA0-C5920A05E160} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-08] (Google Inc.)
Task: {3AB65712-DC07-4B43-905A-629DD324E18C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {518DFB82-8DFC-47D4-A4EA-FCD212089064} - System32\Tasks\AdobeAAMUpdater-1.0-FIXIIE-PC-FIXIIE => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe [2016-03-22] (Adobe Systems Incorporated)
Task: {519E8252-0DBE-4073-9D11-AB059EEBB8BC} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => Wscript.exe //B //NoLogo “C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs”
Task: {55E456BB-05F1-4EBB-9FF2-CEB596E7DF3D} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {6941E2E1-2903-4F0C-80CD-F34B2CEF7A3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-08] (Google Inc.)
Task: {8A03348C-3F6E-45A6-B459-3CACA7B34BA4} - System32\Tasks\Opera scheduled Autoupdate 1444085072 => D:\Program Files\Opera\launcher.exe
Task: {961CFD4D-1976-4470-AFD6-EF852C3C9165} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {A90217D8-B2B0-47B0-9530-5C80FD627ECD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
Task: {B6AE88C8-DA2A-46AA-A614-C944DE27325F} - System32\Tasks\update-S-1-5-21-459705389-3442733056-3860532926-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {ED665B10-E27F-4117-83F5-EA3DDB75AC6F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\update-S-1-5-21-459705389-3442733056-3860532926-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Startprogrammet för appar i Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) → --show-app-list
ShortcutWithArgument: C:\Users\FIXIIE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Googl e Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) → --profile-directory=“Profile 2”
ShortcutWithArgument: C:\Users\FIXIIE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2fae1f4995fc9e7f\Nexon Launcher.lnk → D:\Program Files\Nexon Launcher\bin\nexon_client\nexon_client.exe (The NWJS Community) → --user-data-dir=“C:\Users\FIXIIE\AppData\Local\NexonLauncher\U ser Data” --profile-directory=Default --app-id=dobbaijafcbikgimjpakclacfgeagffm

==================== Loaded Modules (Whitelisted) ==============

2011-09-14 23:19 - 2011-09-14 23:19 - 00086016 _____ () D:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe
2016-12-04 02:03 - 2017-01-20 19:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-04 02:03 - 2017-01-20 19:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-04 03:05 - 2017-01-20 16:13 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-17 22:05 - 2016-11-17 22:05 - 00156928 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2017-01-23 16:11 - 2016-11-17 22:16 - 00805632 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
2017-01-23 16:11 - 2016-11-17 22:18 - 01981184 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_modeler.dll
2017-01-23 16:11 - 2016-11-17 22:11 - 00247552 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\acpi_battery_input.dll
2017-01-23 16:11 - 2016-11-17 22:10 - 00212736 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\wifi_input.dll
2017-01-23 16:11 - 2016-11-17 22:11 - 00174848 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\devices_use_input.dll
2017-01-23 16:11 - 2016-11-17 22:10 - 00203520 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_system_power_stat e_input.dll
2017-01-23 16:11 - 2016-11-17 22:09 - 00206592 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_disktrace_input.d ll
2017-01-23 16:11 - 2016-11-17 22:09 - 00336640 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_process_input.dll
2017-01-23 16:11 - 2016-11-17 22:06 - 00147712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_winstat_input.dll
2017-01-23 16:11 - 2016-11-17 22:11 - 00213248 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\sema_thermal_input.dll
2017-01-23 16:11 - 2016-11-17 22:07 - 00229120 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_quality_and_relia bility_input.dll
2017-01-23 16:11 - 2016-11-17 22:08 - 00224000 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_sampler_input.dll
2017-01-23 16:11 - 2016-11-17 22:06 - 00211712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_stress_odometer_i nput.dll
2017-01-23 16:11 - 2016-11-17 22:08 - 00219904 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_turbo_input.dll
2016-11-13 02:32 - 2016-11-29 12:27 - 00103424 _____ () X:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
2016-01-13 10:30 - 2016-01-13 10:30 - 00009728 _____ () D:\Program Files\CheVolume\CheVolumeHelper_x86.exe
2016-05-19 19:06 - 2016-02-24 05:48 - 00062024 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2016-05-19 19:06 - 2016-02-24 05:47 - 00110664 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-11-08 04:46 - 2017-01-20 19:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-04 02:03 - 2017-01-20 19:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-04 02:03 - 2017-01-20 19:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-28 12:50 - 2016-11-28 12:50 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-08-10 10:14 - 2016-08-10 10:14 - 40523480 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2016-12-04 02:03 - 2017-01-20 19:38 - 64245184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-04 02:03 - 2017-01-20 14:36 - 00338488 _____ () \?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-04 02:03 - 2017-01-20 14:36 - 00254008 _____ () \?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-04 02:03 - 2017-01-20 14:36 - 02808888 _____ () \?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-04 02:03 - 2017-01-20 14:36 - 00384568 _____ () \?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-04 02:03 - 2017-01-20 14:36 - 00537656 _____ () \?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-12-04 02:03 - 2017-01-20 14:36 - 00468024 _____ () \?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-04 02:03 - 2017-01-20 14:36 - 01066552 _____ () \?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-15 19:50 - 2017-01-20 14:36 - 01014840 _____ () \?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2015-03-21 07:14 - 2015-03-21 07:14 - 00007168 _____ () D:\Program Files\CheVolume\EasyLoad32.dll
2016-12-15 01:38 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libgl esv2.dll
2016-12-15 01:38 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libeg l.dll
2016-10-25 11:12 - 2016-12-23 19:28 - 00657184 _____ () X:\Program Files\Steam\SDL2.dll
2016-10-25 11:12 - 2016-09-01 02:02 - 04969248 _____ () X:\Program Files\Steam\v8.dll
2016-10-25 11:12 - 2016-09-01 02:02 - 01563936 _____ () X:\Program Files\Steam\icui18n.dll
2016-10-25 11:12 - 2016-09-01 02:02 - 01195296 _____ () X:\Program Files\Steam\icuuc.dll
2016-10-25 11:12 - 2017-01-19 02:30 - 02327840 _____ () X:\Program Files\Steam\video.dll
2016-10-25 11:12 - 2016-01-27 08:49 - 02549760 _____ () X:\Program Files\Steam\libavcodec-56.dll
2016-10-25 11:12 - 2016-01-27 08:49 - 00442880 _____ () X:\Program Files\Steam\libavutil-54.dll
2016-10-25 11:12 - 2016-01-27 08:49 - 00491008 _____ () X:\Program Files\Steam\libavformat-56.dll
2016-10-25 11:12 - 2016-01-27 08:49 - 00332800 _____ () X:\Program Files\Steam\libavresample-2.dll
2016-10-25 11:12 - 2016-01-27 08:49 - 00485888 _____ () X:\Program Files\Steam\libswscale-3.dll
2016-10-25 11:12 - 2017-01-19 02:30 - 00838432 _____ () X:\Program Files\Steam\bin\chromehtml.DLL
2016-10-25 11:12 - 2016-07-04 23:17 - 00266560 _____ () X:\Program Files\Steam\openvr_api.dll
2016-12-13 10:11 - 2017-01-05 04:12 - 68813088 _____ () X:\Program Files\Steam\bin\cef\cef.win7\libcef.dll
2016-10-25 11:12 - 2017-01-19 02:30 - 00383776 _____ () X:\Program Files\Steam\steam.dll
2016-10-25 11:12 - 2015-09-25 00:52 - 00119208 _____ () X:\Program Files\Steam\winh264.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00198144 _____ () X:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00317952 _____ () X:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00204288 _____ () X:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00391168 _____ () X:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll
2016-11-13 02:32 - 2017-01-20 13:52 - 06674944 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\engine.dll
2016-12-08 02:30 - 2016-12-08 17:05 - 25145344 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\phonon3d.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00167936 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\inputsystem.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 01173504 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\vphysics.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00862208 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00357376 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\datacache.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00611328 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\studiorender.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00165376 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00708096 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\vscript.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00135680 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\valve_avi.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00958976 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00395264 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\vgui2.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 03295744 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\scaleformui.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00578048 _____ () X:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00143872 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\localize.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00230912 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 01096192 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll
2016-11-13 02:32 - 2017-01-20 13:52 - 00600064 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\csgo\bin\matchmaking.dll
2016-11-13 02:32 - 2017-01-30 01:08 - 12911104 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\csgo\bin\client.dll
2016-11-13 02:32 - 2017-01-20 13:52 - 10579968 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\csgo\bin\server.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00094208 _____ () X:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00091136 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll
2016-11-13 02:32 - 2016-11-13 02:32 - 00071680 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\mssmp3.asi
2016-11-13 02:32 - 2016-11-13 02:32 - 00013312 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\mssds3d.flt
2016-11-13 02:32 - 2016-11-13 02:32 - 00055808 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\msseax.flt
2016-11-13 02:32 - 2017-01-13 15:02 - 00973312 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll
2016-11-13 02:32 - 2017-01-13 15:02 - 00190464 _____ () x:\program files\steam\steamapps\common\counter-strike global offensive\bin\vaudio_celt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [168]
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 [138]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-459705389-3442733056-3860532926-1000\Software\Classes.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe “%1”

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\hola.org → hxxp://hola.org

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-05-19 18:15 - 00001138 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-459705389-3442733056-3860532926-1000\Control Panel\Desktop\Wallpaper → C:\Users\FIXIIE\AppData\Roaming\Microsoft\Windows\ Themes\TranscodedWallpaper.jpg
DNS Servers: 195.67.199.30 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SteelSeries Engine 3.lnk => C:\Windows\pss\SteelSeries Engine 3.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK trådlösa konfigurationsverktyg.lnk => C:\Windows\pss\TP-LINK trådlösa konfigurationsverktyg.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^FIXIIE^AppData^Roaming^Microsoft^Windows^ Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^FIXIIE^AppData^Roaming^Microsoft^Windows^ Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^FIXIIE^AppData^Roaming^Microsoft^Windows^ Start Menu^Programs^Startup^Folding@home.lnk => C:\Windows\pss\Folding@home.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => “C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe”
MSCONFIG\startupreg: ADSKAppManager => “C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe” -showminimized -checkautorun
MSCONFIG\startupreg: APSDaemon => “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: AvgUi => “C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe” /lps=fmw
MSCONFIG\startupreg: BCSSync => “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => “C:\Program Files\CCleaner\CCleaner64.exe” /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => “D:\Program Files\DAEMON Tools Lite\DTAgent.exe” -autorun
MSCONFIG\startupreg: FileZilla Server Interface => “C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe”
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => “C:\Program Files\iTunes\iTunesHelper.exe”
MSCONFIG\startupreg: Lightshot => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
MSCONFIG\startupreg: NvBackend => “C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe”
MSCONFIG\startupreg: ShadowPlay => “C:\Windows\system32\rundll32.exe” C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSyst emStart
MSCONFIG\startupreg: Speech Recognition => “C:\Windows\Speech\Common\sapisvr.exe” -SpeechUX -Startup
MSCONFIG\startupreg: Spotify => “C:\Users\FIXIIE\AppData\Roaming\Spotify\Spotify.e xe” -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => “C:\Users\FIXIIE\AppData\Roaming\Spotify\SpotifyWe bHelper.exe”
MSCONFIG\startupreg: USB Gamepad => C:\Windows\USB Vibration\dr100&110\USB Gamepad.exe -boot
MSCONFIG\startupreg: USB3MON => “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C730BE89-74FB-4E05-9F03-695E2B015FF7}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{076EC2E3-8248-44E9-B0A9-02692C50197B}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{EF718E83-4028-4BF0-BD64-AF6C0BAC5E14}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0D21F7F5-49C2-4903-BDA0-9DF6FB0792E2}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8BA2207C-A101-44F3-9659-EA42139FF8CE}] => D:\Program Files\Steam\Steam.exe
FirewallRules: [{99D0F951-3250-4D94-9C36-82F06943CF54}] => D:\Program Files\Steam\Steam.exe
FirewallRules: [{D6ACA3D6-558C-494E-9D00-CB8E58533A7D}] => D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{34DDD7A1-86DF-4ECE-87BF-50E05526B183}] => D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{1A7C4BEA-CFB7-4334-AF5C-2CAAF06745D6}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{182C8424-4593-4E1F-8DA7-D313AAABA78D}C:\users\fixiie\appdata\roaming\utorr ent\updates\3.4.5_41202.exe] => C:\users\fixiie\appdata\roaming\utorrent\updates\3 .4.5_41202.exe
FirewallRules: [UDP Query User{05C89008-4DF2-4E73-926D-DBE2F1DDCA42}C:\users\fixiie\appdata\roaming\utorr ent\updates\3.4.5_41202.exe] => C:\users\fixiie\appdata\roaming\utorrent\updates\3 .4.5_41202.exe
FirewallRules: [TCP Query User{2C61BE49-FD46-494C-B272-FDE820575DB7}D:\program files\hearthstone\hearthstone.exe] => D:\program files\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{6CAC4410-6D6D-4D14-8402-68FE592848F0}D:\program files\hearthstone\hearthstone.exe] => D:\program files\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{F8457AC2-B7CC-4021-AF9C-BE49AF31C974}C:\users\fixiie\appdata\roaming\utorr ent\updates\3.4.5_41372.exe] => C:\users\fixiie\appdata\roaming\utorrent\updates\3 .4.5_41372.exe
FirewallRules: [UDP Query User{D39DDDE2-6698-4D18-B33F-3B6AA8921841}C:\users\fixiie\appdata\roaming\utorr ent\updates\3.4.5_41372.exe] => C:\users\fixiie\appdata\roaming\utorrent\updates\3 .4.5_41372.exe
FirewallRules: [{9339FC2D-F3C8-4FE0-8FA9-6C4F8740D9D0}] => D:\Program Files\Steam\SteamApps\common\SourceFilmmaker\game\ sfm.exe
FirewallRules: [{0CA00C4B-2900-4AD3-81A4-A961D200465D}] => D:\Program Files\Steam\SteamApps\common\SourceFilmmaker\game\ sfm.exe
FirewallRules: [{A64701A8-7EA0-4853-8D8E-C47C454D8909}] => D:\Program Files\Steam\SteamApps\common\SourceFilmmaker\game\ bin\qsdklauncher.exe
FirewallRules: [{E324111F-7EF3-40E9-9DD3-8DF5CEBDE0A4}] => D:\Program Files\Steam\SteamApps\common\SourceFilmmaker\game\ bin\qsdklauncher.exe
FirewallRules: [TCP Query User{1CA79EF6-DD76-4DE8-94A9-F929E6FFBA80}D:\program files\hirezgames\smite\binaries\win32\smite.exe] => D:\program files\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{D35A0372-41B8-40DF-946B-0D41D4C32CDB}D:\program files\hirezgames\smite\binaries\win32\smite.exe] => D:\program files\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{611F71E9-17F9-4488-BC8C-2783C7D84762}] => D:\Program Files\Microsoft Visual 2015\Common7\IDE\devenv.exe
FirewallRules: [{E976F507-4E27-4967-895B-7337DC4CC53F}] => D:\Program Files\Microsoft Visual 2015\Common7\IDE\devenv.exe
FirewallRules: [{552315E8-3287-443B-AAFE-505D91953E7D}] => D:\Program Files\Microsoft Visual 2015\Common7\IDE\devenv.exe
FirewallRules: [{0887317C-40B2-4C07-84B6-AF3EA2CC626B}] => D:\Program Files\Microsoft Visual 2015\Common7\IDE\devenv.exe
FirewallRules: [{2EF5C394-A2C2-41F7-B92A-4576A01A878E}] => D:\Program Files\Microsoft Visual 2015\Common7\IDE\devenv.exe
FirewallRules: [{499B38BD-92F6-4F10-8775-373D3D599E29}] => D:\Program Files\Microsoft Visual 2015\Common7\IDE\devenv.exe
FirewallRules: [{2EAEA719-4D1C-4BA1-B456-07E7D1A1EE0A}] => D:\Program Files\Microsoft Visual 2015\Common7\IDE\devenv.exe
FirewallRules: [{68482DE8-A95D-49D9-B225-B42E11CB9CD5}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BC93B346-78B1-4677-A11D-52025399430A}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{BD9B8494-B96C-4AD2-99C1-8296608AB491}C:\users\fixiie\appdata\roaming\spoti fy\spotify.exe] => C:\users\fixiie\appdata\roaming\spotify\spotify.ex e
FirewallRules: [UDP Query User{6F257C93-468B-49D4-ADD2-992ECFCA42EA}C:\users\fixiie\appdata\roaming\spoti fy\spotify.exe] => C:\users\fixiie\appdata\roaming\spotify\spotify.ex e
FirewallRules: [TCP Query User{4ACE98A6-564B-47CD-8725-F08D82D16A3F}C:\users\fixiie\appdata\roaming\utorr ent\updates\3.4.5_41712.exe] => C:\users\fixiie\appdata\roaming\utorrent\updates\3 .4.5_41712.exe
FirewallRules: [UDP Query User{953F9BED-B93F-4470-B3DD-F21BEF29699F}C:\users\fixiie\appdata\roaming\utorr ent\updates\3.4.5_41712.exe] => C:\users\fixiie\appdata\roaming\utorrent\updates\3 .4.5_41712.exe
FirewallRules: [TCP Query User{D2B8AFD7-2B12-4655-AEC5-A28514CD7FAD}D:\program files\portal 2\portal2.exe] => D:\program files\portal 2\portal2.exe
FirewallRules: [UDP Query User{55978763-8D17-438E-B368-D000614D1F77}D:\program files\portal 2\portal2.exe] => D:\program files\portal 2\portal2.exe
FirewallRules: [TCP Query User{6CDCC8CC-4099-4CFE-8A5F-E021F15752BC}C:\users\fixiie\appdata\roaming\utorr ent\updates\3.4.5_41865.exe] => C:\users\fixiie\appdata\roaming\utorrent\updates\3 .4.5_41865.exe
FirewallRules: [UDP Query User{4CD02667-1C2B-4905-90A0-A0F7833CA4D0}C:\users\fixiie\appdata\roaming\utorr ent\updates\3.4.5_41865.exe] => C:\users\fixiie\appdata\roaming\utorrent\updates\3 .4.5_41865.exe
FirewallRules: [TCP Query User{8D3E249C-ACE1-4775-861A-88475E5CD148}C:\users\fixiie\appdata\roaming\spoti fy\spotify.exe] => C:\users\fixiie\appdata\roaming\spotify\spotify.ex e
FirewallRules: [UDP Query User{2376A732-963D-4E34-B8F1-2DBDCF537D4A}C:\users\fixiie\appdata\roaming\spoti fy\spotify.exe] => C:\users\fixiie\appdata\roaming\spotify\spotify.ex e
FirewallRules: [{A6A5CFBD-8CA9-47C1-BC19-BD8F2BA8D014}] => LPort=51001
FirewallRules: [{0E0B936B-12DB-4147-AE09-C9D4A23A1C52}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{63E4A1AF-5FA1-4FCF-A590-B40C9F767A2A}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [TCP Query User{2BEFCCBB-C9EC-4340-BFE5-CDB571ACB723}C:\users\fixiie\appdata\roaming\utorr ent\updates\3.4.6_42094.exe] => C:\users\fixiie\appdata\roaming\utorrent\updates\3 .4.6_42094.exe
FirewallRules: [UDP Query User{4A2E6EED-66F0-408E-B474-5373D370FE47}C:\users\fixiie\appdata\roaming\utorr ent\updates\3.4.6_42094.exe] => C:\users\fixiie\appdata\roaming\utorrent\updates\3 .4.6_42094.exe
FirewallRules: [{924EDA58-EFB4-4E52-89F2-666420FCBAB4}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{71661FFD-8F04-40D9-897F-F44DBB0D8A6E}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E3EFFDE5-FCAE-498C-8C31-A863C3260C8E}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1AE940F1-FDED-4787-81C4-429ECC6EF34F}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6C37A3C3-2D3E-4F1E-A9FC-F32FBD7FD768}] => D:\Program Files\AutoDesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.e xe
FirewallRules: [{12707B43-746B-46EB-BC94-187B6C88C674}] => D:\Program Files\AutoDesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.e xe
FirewallRules: [{6E8E1519-65BA-41D3-9D46-74420337A877}] => D:\Program Files\AutoDesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe
FirewallRules: [{50C44E96-A567-4A82-98BB-1BE9095EE649}] => D:\Program Files\AutoDesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe
FirewallRules: [{A4A39402-E48B-4FE4-934E-C1D38E144B00}] => D:\Program Files\DaVinci Resolve\Resolve.exe
FirewallRules: [{0A6603EB-A8C5-4E08-BBF8-F7D237371D6F}] => D:\Program Files\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{204DAA5B-AC41-445F-810F-D55A58CFD7ED}] => D:\Program Files\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{160F9A39-B131-4ABC-A459-34E20758E0E4}] => D:\Program Files\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{567D0FDD-76E1-4256-83A6-2030FBD3BC7C}] => D:\Program Files\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{0896F6A1-AE7D-4CCE-A482-C519A67CE784}] => D:\Program Files\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{FC2F886D-0178-4F0F-B2D0-E4F411322B70}] => D:\Program Files\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{3A371709-B599-43E5-B555-11B80AD14A83}] => C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
FirewallRules: [{9A299CB4-C2DF-4CC5-80E7-8297941DAA79}] => LPort=50248
FirewallRules: [{C0D6CB36-9B06-4E0D-B1DB-D636EAF96005}] => D:\Program Files\AutoDesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe
FirewallRules: [{99276054-7F05-48CE-BEB3-9575D6A79D33}] => D:\Program Files\AutoDesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe
FirewallRules: [{A859C55C-CF99-4F45-8D0F-237D9003338F}] => D:\Program Files\AutoDesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64.exe
FirewallRules: [{EDEE1F6B-782C-474C-ADC0-4678A5E3B5F2}] => D:\Program Files\AutoDesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64.exe
FirewallRules: [{72F943CA-9291-4A1C-9E54-C7BFCB7ED050}] => D:\Program Files\AutoDesk\3ds Max Design 2013\3dsmax.exe
FirewallRules: [{5CD763D7-7E54-4A29-81E8-9419F0923A4F}] => D:\Program Files\AutoDesk\3ds Max Design 2013\3dsmax.exe
FirewallRules: [{24732CED-303B-4064-8654-D1782A1F7555}] => C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{12AAE6AF-211A-4CFB-81AB-A9F0AAEB5424}] => C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{DDE24B6D-7025-41D8-93BC-111EC40256B5}] => C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{27C67492-55A1-44BB-ACAE-5653A9EAED79}] => C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{1D57DB63-255F-48C3-A164-8D61A578BE8A}] => C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{B2D2FE9B-E6E2-455E-9431-296B31698E7F}] => C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{18739637-AE9C-45F8-A2E5-E48441D1E397}] => C:\Users\FIXIIE\AppData\Roaming\uTorrent\uTorrent. exe
FirewallRules: [{CC6D20CC-0030-434F-8167-959EEC0265E2}] => C:\Users\FIXIIE\AppData\Roaming\uTorrent\uTorrent. exe
FirewallRules: [{3E0B47C9-E201-4ECD-89F6-1F90A616E10E}] => C:\Users\FIXIIE\AppData\Roaming\uTorrent\uTorrent. exe
FirewallRules: [{61139448-2066-4807-96A8-3BFB2D962CF6}] => C:\Users\FIXIIE\AppData\Roaming\uTorrent\uTorrent. exe
FirewallRules: [{3DCA8C86-5A7B-4280-94E9-C72B27B7A419}] => C:\Users\FIXIIE\AppData\Roaming\uTorrent\uTorrent. exe
FirewallRules: [{C4690747-8952-4FDC-A4D0-4F9E4CE1183C}] => C:\Users\FIXIIE\AppData\Roaming\uTorrent\uTorrent. exe
FirewallRules: [TCP Query User{327F6C31-2DBE-4E30-9DF7-DB62BC0E3296}C:\users\fixiie\appdata\local\akamai\ netsession_win.exe] => C:\users\fixiie\appdata\local\akamai\netsession_wi n.exe
FirewallRules: [UDP Query User{AB373BC7-8D19-4AE5-B922-AB90198E1141}C:\users\fixiie\appdata\local\akamai\ netsession_win.exe] => C:\users\fixiie\appdata\local\akamai\netsession_wi n.exe
FirewallRules: [{85AE67FA-A902-4528-BE9F-4D26B2C53147}] => D:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{118628DA-3E74-4241-9FC3-C0C9907BABD8}] => D:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{AC463D7C-5597-4997-9525-B013757DFB54}] => X:\steam\Steam.exe
FirewallRules: [{BD5E780F-7FAB-495C-A227-E08C2FE3FD68}] => X:\steam\Steam.exe
FirewallRules: [{D4530D41-559A-4BB1-87D8-1C6C835EDE0A}] => X:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{6E613913-0023-40D2-9994-38B2D7EF4A5C}] => X:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [TCP Query User{21054210-2C55-42CC-B21D-2A0480454612}D:\program files\fahclient\fahclient.exe] => D:\program files\fahclient\fahclient.exe
FirewallRules: [UDP Query User{4E83A95D-CFE1-4A0D-A2D4-EC323D427324}D:\program files\fahclient\fahclient.exe] => D:\program files\fahclient\fahclient.exe
FirewallRules: [TCP Query User{222AD0E7-EA27-4671-B3CF-1C512F3345F1}D:\program files\fahclient\fahclient.exe] => D:\program files\fahclient\fahclient.exe
FirewallRules: [UDP Query User{D0DE2ABF-29CF-4B52-B3F6-1CCFC98545B4}D:\program files\fahclient\fahclient.exe] => D:\program files\fahclient\fahclient.exe
FirewallRules: [{709D524F-D564-48B9-91D8-02B632EEEEDA}] => X:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{34517D69-ACC5-4C2C-8F00-6E9DCF911A00}] => X:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9302BCF5-DE17-47FB-B2EC-9BC5CD422455}] => X:\KeyShot5\bin\keyshot5.exe
FirewallRules: [{70E36FDE-7A33-482A-9AAB-3073E592DDA8}] => X:\KeyShot5\bin\keyshot_daemon.exe
FirewallRules: [{4DE5A01D-81FB-4B59-8BB9-247E73B01101}] => C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{CF696391-92F7-4C8E-8B22-B776D99F2A6D}] => C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{8DA2F81F-DD37-477A-B038-F26EE2C2C7F8}] => D:\Program Files\Crazybump\CrazyBump.exe
FirewallRules: [{AAA53C65-BE6D-4337-8864-6F9A25086132}] => D:\Program Files\Crazybump\CrazyBump.exe
FirewallRules: [{A236714F-C2C3-40B8-8790-F4148E13371B}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [TCP Query User{827FBF53-69D6-4112-9FA5-B183C0798526}D:\program files\battle.net\battle.net.8180\battle.net.exe] => D:\program files\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [UDP Query User{298639A5-C381-4ACE-9B9D-4DDA28AF65E5}D:\program files\battle.net\battle.net.8180\battle.net.exe] => D:\program files\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [{3B102AD5-EABA-4C66-8D6C-9F11CE82711B}] => X:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D1A1315E-3A9B-4284-8732-E0064360AB89}] => X:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BE84E619-1904-42B7-B32C-D1C4A8FFDDEC}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2785F6EF-C3A8-4685-9838-7AC70D2E326D}] => X:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{D15510C4-B9A9-4E39-A63D-2EA34C1F290D}] => X:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{604FEEC6-8CD6-4B86-ADE0-ED08CD576415}] => X:\Program Files\Steam\Steam.exe
FirewallRules: [{8D291600-23CE-4ED3-9DEB-849CF738728B}] => X:\Program Files\Steam\Steam.exe
FirewallRules: [{14BFA718-E83D-48E4-A47F-4956DD2AAF78}] => X:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0AA1BC88-A069-4732-91EA-85CF05058767}] => X:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E7B9499B-F510-4B24-B579-854905961857}] => X:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2D95F89B-2291-4B7D-9682-D334B7FAA1C8}] => X:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{946D6D27-E843-4A1D-B92A-8F538DD97203}] => X:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{DA78FD03-0895-4EF5-BFE4-BB70A183EE6A}] => X:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{87D1AFCD-9F3F-4E3C-A27E-F01253227935}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{007A6014-35C5-44EA-A61D-D5BFAC8EB2BD}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{6673C7D4-A4DE-425A-89A2-D1CC44B90491}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{1F30B310-FC88-4AC8-A08A-20BD7937E830}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{8E43BF22-D42A-43E6-A8F3-434BB2096A0E}] => LPort=3935
FirewallRules: [{BFD31DCD-9221-412C-9CBB-107C1D00926B}] => X:\Program Files\Steam\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{56ABB496-6C65-449F-A37E-B3D8D41ECD75}] => X:\Program Files\Steam\steamapps\common\Metro Last Light\MetroLL.exe
FirewallRules: [TCP Query User{6DFEA926-58B7-4172-B9B1-1F66A958640A}D:\program files\unreal4\epic games\launcher\portal\binaries\win64\epicgameslaun cher.exe] => D:\program files\unreal4\epic games\launcher\portal\binaries\win64\epicgameslaun cher.exe
FirewallRules: [UDP Query User{0934BCD6-8338-46B7-8F50-E22184160126}D:\program files\unreal4\epic games\launcher\portal\binaries\win64\epicgameslaun cher.exe] => D:\program files\unreal4\epic games\launcher\portal\binaries\win64\epicgameslaun cher.exe

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (02/03/2017 02:30:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Connect.Service.ContentService.exe, version: 20.1.49.0, time stamp: 0x54d43c57
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000007fe98b8c5c3
Faulting process id: 0xd20
Faulting application start time: 0x01d27dbd112fa98c
Faulting application path: C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
Faulting module path: unknown
Report Id: 4ef375ed-e9b0-11e6-bf85-14dda977ff22

Error: (02/03/2017 02:30:13 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Connect.Service.ContentService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at System.Data.SqlServerCe.SqlCeException.ToString()
at System.ServiceProcess.ServiceBase.ServiceQueuedMai nCallback(System.Object)
at System.Threading.ExecutionContext.RunInternal(Syst em.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threa ding.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System. Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (02/03/2017 02:30:13 AM) (Source: Autodesk Content Service) (EventID: 0) (User: )
Description: UNHANDLED EXCEPTION. Process is terminating: True.
EXCEPTION: System.NullReferenceException: Object reference not set to an instance of an object.
at System.Data.SqlServerCe.SqlCeException.ToString()
at System.ServiceProcess.ServiceBase.ServiceQueuedMai nCallback(Object state)
at System.Threading.ExecutionContext.RunInternal(Exec utionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionCon text executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.QueueUserWorkItemCallback.System. Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (02/03/2017 02:30:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Connect.Service.ContentService.exe, version: 20.1.49.0, time stamp: 0x54d43c57
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000007fe98b6c5c3
Faulting process id: 0x21bc
Faulting application start time: 0x01d27dbd0af41cb0
Faulting application path: C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
Faulting module path: unknown
Report Id: 48b8fa84-e9b0-11e6-bf85-14dda977ff22

Error: (02/03/2017 02:30:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Connect.Service.ContentService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at System.Data.SqlServerCe.SqlCeException.ToString()
at System.ServiceProcess.ServiceBase.ServiceQueuedMai nCallback(System.Object)
at System.Threading.ExecutionContext.RunInternal(Syst em.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threa ding.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System. Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (02/03/2017 02:30:03 AM) (Source: Autodesk Content Service) (EventID: 0) (User: )
Description: UNHANDLED EXCEPTION. Process is terminating: True.
EXCEPTION: System.NullReferenceException: Object reference not set to an instance of an object.
at System.Data.SqlServerCe.SqlCeException.ToString()
at System.ServiceProcess.ServiceBase.ServiceQueuedMai nCallback(Object state)
at System.Threading.ExecutionContext.RunInternal(Exec utionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionCon text executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.QueueUserWorkItemCallback.System. Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (02/03/2017 02:29:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Connect.Service.ContentService.exe, version: 20.1.49.0, time stamp: 0x54d43c57
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000007fe98b6c5c3
Faulting process id: 0xd7c
Faulting application start time: 0x01d27dbd04ba649a
Faulting application path: C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
Faulting module path: unknown
Report Id: 427e7f1b-e9b0-11e6-bf85-14dda977ff22

Error: (02/03/2017 02:29:53 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Connect.Service.ContentService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at System.Data.SqlServerCe.SqlCeException.ToString()
at System.ServiceProcess.ServiceBase.ServiceQueuedMai nCallback(System.Object)
at System.Threading.ExecutionContext.RunInternal(Syst em.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threa ding.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System. Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (02/03/2017 02:29:53 AM) (Source: Autodesk Content Service) (EventID: 0) (User: )
Description: UNHANDLED EXCEPTION. Process is terminating: True.
EXCEPTION: System.NullReferenceException: Object reference not set to an instance of an object.
at System.Data.SqlServerCe.SqlCeException.ToString()
at System.ServiceProcess.ServiceBase.ServiceQueuedMai nCallback(Object state)
at System.Threading.ExecutionContext.RunInternal(Exec utionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionCon text executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.QueueUserWorkItemCallback.System. Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (02/03/2017 02:29:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Connect.Service.ContentService.exe, version: 20.1.49.0, time stamp: 0x54d43c57
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000007fe98b8c5c3
Faulting process id: 0xd24
Faulting application start time: 0x01d27dbcfe7ed7bd
Faulting application path: C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
Faulting module path: unknown
Report Id: 3c43405f-e9b0-11e6-bf85-14dda977ff22
[HEADING=1]System errors:[/HEADING]
Error: (02/03/2017 02:30:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Autodesk Content Service service terminated unexpectedly. It has done this 130 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/03/2017 02:30:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Autodesk Content Service service terminated unexpectedly. It has done this 129 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/03/2017 02:29:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Autodesk Content Service service terminated unexpectedly. It has done this 128 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/03/2017 02:29:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Autodesk Content Service service terminated unexpectedly. It has done this 127 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/03/2017 02:29:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Autodesk Content Service service terminated unexpectedly. It has done this 126 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/03/2017 02:29:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Autodesk Content Service service terminated unexpectedly. It has done this 125 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/03/2017 02:29:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Autodesk Content Service service terminated unexpectedly. It has done this 124 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/03/2017 02:29:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Autodesk Content Service service terminated unexpectedly. It has done this 123 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/03/2017 02:28:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Autodesk Content Service service terminated unexpectedly. It has done this 122 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/03/2017 02:28:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Autodesk Content Service service terminated unexpectedly. It has done this 121 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2017-02-03 02:07:30.096
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\h ardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-02-03 02:07:30.066
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\h ardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-02-03 02:03:15.998
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\h ardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-02-03 02:03:15.968
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\h ardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-02-03 02:01:49.112
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\h ardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-02-03 02:01:49.082
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\h ardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-02-03 02:00:13.951
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\h ardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-02-03 02:00:13.921
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\h ardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-02-03 01:57:51.994
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\h ardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-02-03 01:57:51.964
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\h ardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 41%
Total physical RAM: 12230.83 MB
Available physical RAM: 7132.49 MB
Total Virtual: 24459.85 MB
Available Virtual: 18767.46 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:119.24 GB) (Free:9.43 GB) NTFS
Drive d: (Standard) (Fixed) (Total:465.66 GB) (Free:215.41 GB) NTFS
Drive x: (wonderful) (Fixed) (Total:1862.89 GB) (Free:1528.09 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: D88E6ABB)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

================================================== ======
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D88E6ABF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

================================================== ======
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Uuninstall the programs below with Geek Uninstaller.

µTorrent (HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Java 7 Update 79 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 91 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)

I would personally stay away from AVG. If you choose to uninstall it then use Geek Uninstaller Force mode then reboot and run the uninstaller. Having AVG on your machine will cause many issues, so to start lets remove it and replace it. You can reinstall if after this if you wish,

Here are two great free ones that I suggest.

Sophos Home.
Panda Free.

Rogue Killer Scan.

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

[ul]
[li]Close all the running programs[/li][li]Double click on downloaded setup.exe file to install the program.[/li][li]Click on Start Scan button.[/li][li]Click on another Start Scan button.[/li][li]Wait until the Status box shows Scan Finished[/li][li]Click on Delete.[/li][li]Wait until the Status box shows Deleting Finished.[/li][li]Click on Report and copy/paste the content of the Notepad into your next reply.[/li][li]RKreport.txt could also be found on your desktop.[/li][li]If more than one log is produced post all logs.[/li][/ul]
ZHP Scan.

Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.

1. Once you have started the program, you will need to click the scanner button.

[IMG alt="EgsT69u" width="602px" height="129px"]https://windowsinstructed.com/wp-content/uploads/2015/06/EgsT69u.png[/IMG]

The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.
[URL unfurl="true"]http://windowsinstructed.com/wp-content/uploads/2015/06/6QJjV50.png[/URL]

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.

Clean up temp files and reduce startup load with CCleaner.

[ul]
[li]Download CCleaner from here.[/li][li]After install Click Options.[/li][li]Go to monitoring.[/li][li]Uncheck All Monitoring items.[/li][li]Go to advanced – Click close program after cleaning.[/li][li]Go to settings – click run ccleaner when the computer starts.[/li][li]Now that you have ccleaner installed and set-up:[/li][li]Open the program.[/li][li]Go to Tools[/li][li]Go to Startup[/li][li]Now double click each item. To Disable.[/li][li]Leave only your antivirus enabled.[/li][li]Then disable All items in your scheduled task as well.[/li][li]Unless they are related to windows defender.Or your antivirus.[/li][li]Reboot the machine.[/li][/ul]

Step 1: FRST Fix.

Click Here To download Fixlist.txt

Download attached fixlist.txt file and save it to the Desktop. NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Step 2:Upload File(s) to VirusTotal

[ul]
[li]Please go to VirusTotal.[/li][li]Click the Choose File button.[/li][li]Navigate to >>>>>>>> C:\Windows\System32\Drivers\FACEIT.sys[/li][li]or simply copy and paste it. [/li][li] [/li]https://pchelpforum.net/attachments/...8-22-png.1460/

[li]Click the Scan it! button.[/li][li]You might see a message saying File already analysed, if you do click Reanalyse.[/li][li]Wait for all the scans to finish then copy and paste the web address from your broswer’s address bar.[/li]Example of web address :
[IMG alt="VirusTotalresultslink" width="690px" height="19px"]http://i526.photobucket.com/albums/cc345/MPKwings/VirusTotalresultslink.jpg[/IMG]

[li]Include the link in your next reply.[/li][/ul]
Step 3: Zemana Scan.
Please download Zemana AntiMalware and save it to your Desktop.
[ul]
[li]Install the program and once the installation is complete it will start automatically.[/li][li]Click the Cog/Sproket Wheel, https://pchelpforum.net/attachments/...3-19-png.1462/ at the top right of Zemana[/li][li]Select Advanced - I have read the warning and wish to proceed.[/li][li]Place a tick next to Detect Suspicious (Root CA) Certificates.[/li][li]Then click the house icon in Zemana.[/li][li]Then, press Scan to begin.[/li][li]After the short scan is finished, if threats are detected press Next to remove them.[/li][/ul]
Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn’t required, please restart your computer manually.
[ul]
[li]Open Zemana AntiMalware again.[/li][li]Click on http://i63.tinypic.com/4zu6vb.jpg icon and double click the latest report.[/li][li]Now click File > Save As and choose your Desktop before pressing Save.[/li][li]The only left thing is to Copy Paste saved report in your next message.[/li][/ul]
[ul]
[li]This will open a logfile, post that in your next reply[/li][/ul]

On a side note. You are Running FRST D:\Downloads
The program is designed to work from the Desktop.
Make sure and have FRST & the Fixlist on the deskop, prior to pressing fix.

~ ZHPCleaner v2017.2.2.22 by Nicolas Coolman (2017/02/02)
~ Run by FIXIIE (Administrator) (03/02/2017 03:50:03)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook : ZHP
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\FIXIIE\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\FIXIIE\AppData\Roaming\ZHP\ZHPCleaner_Qua rantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)

—\ Services (0)
~ No malicious or unnecessary items found.

—\ Browser internet (0)
~ No malicious or unnecessary items found.

—\ Hosts file (1)
~ The hosts file is legitimate (30)

—\ Scheduled automatic tasks. (1)
DELETED task: [update-S-1-5-21-459705389-3442733056-3860532926-1000] [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (Not File) ] =>.Superfluous.Skillbrains

—\ Explorer ( File, Folder) (23)
MOVED file: C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [Copyright 2009 - Starter Module] =>.Superfluous.Skillbrains
MOVED file: C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [Copyright 2009 - Starter Module] =>.Superfluous.Skillbrains
MOVED file: C:\Windows\Installer\wix{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{3540181E-340A-4E7A-B409-31663472B2F7}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED folder: C:\Program Files (x86)\Skillbrains =>.Superfluous.Skillbrains
MOVED folder: C:\Users\FIXIIE\AppData\Local\CrashReportClient =>.Superfluous.CrashReports
MOVED folder: C:\ProgramData\Microsoft\Blend =>Adware.Suspect
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime
MOVED folder: C:\Windows\Installer\MSI12B8.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI1881.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI1B17.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI1BD4.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI2F5.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI44F3.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI9E80.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSI9EA.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSIA055.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSIBA32.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSIC6C.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSID06D.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSID11A.tmp- =>.Superfluous.Empty
MOVED folder: C:\Windows\Installer\MSID52.tmp- =>.Superfluous.Empty

—\ Registry ( Key, Value, Data) (10)
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Lightshot [C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe (Not File)] =>.Superfluous.Skillbrains
DELETED key*: HKEY_USERS\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\SkillBrains =>.Superfluous.Skillbrains
DELETED key: HKCU\Software\SkillBrains =>.Superfluous.Skillbrains
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ins taller\UserData\S-1-5-18\Components\013F0B4978CD4F642BC4FD01AF9EC688 [D:\Program Files\Autodesk\3ds Max Design 2013\UI_ln\Resources\Dark\Icons\Main\Gravity Space Warp - Gravity_Objects Space Warps - 32.png] =>PUP.Optional.GravitySpace
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Skillbrains =>.Superfluous.Skillbrains
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 [Skillbrains] =>.Superfluous.Skillbrains
DELETED key*: HKCU\SOFTWARE\c4ad1f80810f2364727836575f208081 =>Hijacker.Browser
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run \Akamai NetSession Interface [“C:\Users\FIXIIE\AppData\Local\Akamai\netsession_w in.exe”] =>.Superfluous.AkamaiHD
DELETED value: HKLM\system\currentcontrolset\services\sharedacces s\parameters\firewallpolicy\firewallRules\TCP Query User{327F6C31-2DBE-4E30-9DF7-DB62BC0E3296}C:\users\fixiie\appdata\local\akamai\ netsession_win.exe [C:\users\fixiie\appdata\local\akamai\netsession_wi n.exe] =>.Superfluous.AkamaiHD
DELETED value: HKLM\system\currentcontrolset\services\sharedacces s\parameters\firewallpolicy\firewallRules\UDP Query User{AB373BC7-8D19-4AE5-B922-AB90198E1141}C:\users\fixiie\appdata\local\akamai\ netsession_win.exe [C:\users\fixiie\appdata\local\akamai\netsession_wi n.exe] =>.Superfluous.AkamaiHD

—\ Summary of the elements found (8)
https://www.anti-malware.top/2016/04...s-skillbrains/ =>.Superfluous.Skillbrains
Logiciels Potentiellement Superflus (LPS). - ZAM =>.Superfluous.Empty
Logiciels Potentiellement Superflus (LPS). - ZAM =>.Superfluous.CrashReports
Redirecting... =>Adware.Suspect
https://nicolascoolman.eu/2017/01/15...are-quicktime/ =>Riskware.QuickTime
Le repaquetage ou l'empaquetage logiciel peut représenter un risque de sécurité - ZAM =>PUP.Optional.GravitySpace
Hijacker Browser, un pirate de navigateur internet. - ZAM =>Hijacker.Browser
Logiciels Potentiellement Superflus (LPS). - ZAM =>.Superfluous.AkamaiHD

—\ Other deletions. (27)
~ Registry Keys Tracing deleted (27)
~ Remove the old reports ZHPCleaner. (0)

—\ Result of repair
~ Repair carried out successfully

—\ Statistics
~ Items scanned : 984
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 34

~ End of clean in 00h00mn18s
~====================
ZHPCleaner-[R]-03022017-03_50_21.txt
ZHPCleaner--03022017-03_48_43.txt

Zemana AntiMalware 2.72.2.101 (Installed)

---

Scan Result : Completed
Scan Date : 2017-2-3
Operating System : Windows 7 64-bit
Processor : 8X Intel(R) Core™ i7-4790K CPU @ 4.00GHz
BIOS Mode : Legacy
CUID : 1243CAAB6114CBDA31E0E8
Scan Type : System Scan
Duration : 2m 10s
Scanned Objects : 188125
Detected Objects : 5
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
[HEADING=1]Detected Objects[/HEADING]
un-stop.org
Status : Scanned
Object : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Ce rtificates\32E50263DB84794D3537E36AA2791F44F76E873 7\Blob
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Root CA
Cleaning Action : Delete
Related Objects :
Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Ce rtificates\32E50263DB84794D3537E36AA2791F44F76E873 7\Blob = 190000000100000010000000CD02BA74983AEAC2F4ED90ED36 3816FA0F00000001000000200000001B16C6BA05997B7FDD5D 519F5BB9F83C30410A49BE7B226B7DF345D0770A72B9030000 00010000001400000032E50263DB84794D3537E36AA2791F44 F76E8737140000000100000014000000BF5F600115C9F101AF B531C9A08100FD334997B020000000010000002F0300003082 032B30820213A003020102020900F720301936CBF15D300D06 092A864886F70D01010B0500302C3114301206035504030C0B 756E2D73746F702E6F726731143012060355040A0C0B756E2D 73746F702E6F7267301E170D3136303331383136303031315A 170D3236303331363136303031315A302C3114301206035504 030C0B756E2D73746F702E6F726731143012060355040A0C0B 756E2D73746F702E6F726730820122300D06092A864886F70D 01010105000382010F003082010A0282010100BFBB00610764 F0ADBA4BE50743A5B297248DC0E75A106A0A159DC263A8C2A6 31F5BC3BFF6BEB0E7B7968DDFC1FF066EB5C6213F6FBD0730A B322D0BAA4B1AE1ED71DEC787EC29478FCB92C4D59A122D731 BB2613D9FC58528D86EDB7DEEB9B96C6BD2FCBD950FD3453C6 03C32A2883EABDBB099AF320AD073CA56B26DAEB0A28D20FA2 521E63B5509C4A62793DD93DD667F07AE5AE95A858ED8126DC 400F3B612E4045B8187A6B7DCBC64D083CAA0E0BC340B77DF8 C49D17468F86EFDB8D51BC6A20D73D7672AD8574DA78B82441 E92BE7DE329D46BD5132363FA37D24606EA7E4018F4824D78C 3340CDDDED3A8757FAA0D7091C096570FE9251AB2BC60D8F49 0203010001A350304E301D0603551D0E04160414BF5F600115 C9F101AFB531C9A08100FD334997B0301F0603551D23041830 168014BF5F600115C9F101AFB531C9A08100FD334997B0300C 0603551D13040530030101FF300D06092A864886F70D01010B 05000382010100B34D31798E34D1AB710361C358B64BAC5389 EFE4DA33DE7FF463C3EB1EC36696FBDB2791D6A8ACAC08A5DD 803E7B97DD3F9654D444BFF1D431B0932C05C5095FF7F891E5 DF3DE23DC2BB7C17BD70229D36023879998B51D23B5AFF702B A969E10E15A691DC7744E3B99D6A95BEA0F0266513CF88EAFE B90ABDF8D9623A3E4C46A6AA06ACE0D0F6DA5B494F1524A9B8 EA6D4A5302ECD2A3E931312EDBDBB3212125C7BC0E9F3B4E1A 72A89E2030E1E1DBB1E05A9F4B35806C2A3B13079E7152E2B3 EFD10A6A179CCAB94DA59B8B4F4A4E6F88FB300B5256079284 0D16ADA3657DBAC7619A3BCEAAD2B3E20FBD1D84E1A8CEF090 6AE2DF1795F81BFE40F910C8D7

Firefox Search
Status : Scanned
Object : Tyda.se - http://tyda.se
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search

Firefox Search
Status : Scanned
Object : Prisjakt - http://prisjakt.nu
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search

Firefox Search
Status : Scanned
Object : Prisjakt - http://prisjakt.nu
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search

Firefox Search
Status : Scanned
Object : Allaannonser - http://allaannonser.se
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search
[HEADING=1]Cleaning Result[/HEADING]
Cleaned : 5
Reported as safe : 0
Failed : 0

Also, Rogue Killer scan wouldn’t let me report what was detected, followed the instruction perfectly. but it discovered a few and fixed it.

[HEADING=1]Fix result of Farbar Recovery Scan Tool (x64) Version: 29-01-2017
Ran by FIXIIE (03-02-2017 04:02:27) Run:1
Running from C:\Users\FIXIIE\Desktop
Loaded Profiles: FIXIIE (Available Profiles: FIXIIE & Guest)
Boot Mode: Normal[/HEADING]
fixlist content:

---

Start
CreateRestorePoint:
Closeprocesses:
Emptytemp:
RemoveProxy:
HKLM...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe [508128 2016-03-22] (Adobe Systems Incorporated)
HKLM...\Run: [ShadowPlay] => “C:\Windows\system32\rundll32.exe” C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSyst emStart
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\Policies\Explorer:
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: F - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {0424c103-0ca6-11e6-adc0-14dda977ff22} - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {0bbf0c51-c8df-11e5-94c1-d43d7e93e91f} - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {1b1edbeb-e9ad-11e6-bf85-14dda977ff22} - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {4fe8f14f-89ff-11e5-8c65-b6c19a8f7e37} - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {63a160a1-dee7-11e5-93dd-d43d7e93e91f} - H:\SETUP.EXE
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {64945568-bb2e-11e5-829e-d43d7e93e91f} - H:\MAXON-Start.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {74f4039c-a63e-11e5-bbc0-e71a59b7bd35} - F:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {b405b0e3-b3c1-11e5-a119-d43d7e93e91f} - H:\AutoInst.exe
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\MountPoints2: {f77f826c-ed55-11e5-853d-14dda977ff22} - F:\AutoInst.exe
Startup: C:\Users\FIXIIE\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\Folding@home.lnk [2016-10-27]
ShortcutTarget: Folding@home.lnk → D:\Program Files\FAHClient\HideConsole.exe ()
Tcpip\Parameters: [DhcpNameServer] 195.67.199.30 8.8.8.8
Tcpip..\Interfaces{3BB419ED-B9DB-4E96-89B8-E440B7AC39E5}: [DhcpNameServer] 192.168.1.1
Tcpip..\Interfaces{7816BBD9-6A68-4A91-8281-02D290E56F4E}: [DhcpNameServer] 195.67.199.30 8.8.8.8
Tcpip..\Interfaces{7FC0E632-6C4C-42E1-A5AE-4C83E8BAD706}: [DhcpNameServer] 195.67.199.30 8.8.8.8
FF Extension: (Adblock Plus) - C:\Users\FIXIIE\AppData\Roaming\Mozilla\Firefox\Pr ofiles\o0fv9j39.default-1476311955297\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-23]
FF Plugin: @microsoft.com/GENUINE → disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE → disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
CHR Extension: (Adblock Plus) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-09]
S2 NVIDIA Wireless Controller Service; “C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe”
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys
S3 MBAMSwissArmy; ??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
S3 TEAM; system32\DRIVERS\RtTeam60.sys
S3 VGPU; System32\drivers\rdvgkmd.sys
C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
C:\Windows\Tasks\update-sys.job
C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily _{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B 2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8
C:\Windows\Tasks\update-S-1-5-21-459705389-3442733056-3860532926-1000.job
C:\Windows\system32\MRT.exe
C:\Windows\system32\MRT
2016-07-02 12:39 - 2016-11-15 05:23 - 0000132 _____ () C:\Users\FIXIIE\AppData\Roaming\Adobe BMP Format CS5 Prefs
2016-04-21 14:23 - 2016-06-25 17:52 - 0000132 _____ () C:\Users\FIXIIE\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
2016-04-20 19:51 - 2017-01-15 10:10 - 0000132 _____ () C:\Users\FIXIIE\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-06-20 18:12 - 2017-01-14 07:51 - 0000132 _____ () C:\Users\FIXIIE\AppData\Roaming\Adobe Targa Format CS5 Prefs
2016-12-05 05:30 - 2016-12-05 06:19 - 0005186 _____ () C:\Users\FIXIIE\AppData\Roaming\pixplant3settings. txt
2016-04-06 03:49 - 2016-04-07 19:29 - 0000995 _____ () C:\Users\FIXIIE\AppData\Roaming\SAS7_000.DAT
2016-02-12 19:29 - 2016-07-05 05:10 - 0001456 _____ () C:\Users\FIXIIE\AppData\Local\Adobe Save for Web 12.0 Prefs
2016-01-26 19:49 - 2016-01-26 19:49 - 0007597 _____ () C:\Users\FIXIIE\AppData\Local\Resmon.ResmonCfg
2015-11-21 10:16 - 2015-11-21 10:16 - 0000003 _____ () C:\Users\FIXIIE\AppData\Local\updater.log
2015-11-21 10:16 - 2016-08-06 13:15 - 0000424 _____ () C:\Users\FIXIIE\AppData\Local\UserProducts.xml
2016-07-20 02:32 - 2016-07-20 02:32 - 0000000 H () C:\ProgramData\DP45977C.lfl
2016-08-08 23:06 - 2016-08-08 23:06 - 0000016 _____ () C:\ProgramData\mntemp
2016-12-15 19:50 - 2017-01-23 15:39 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-15 19:50 - 2017-01-23 15:16 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-05 05:30 - 2016-12-05 05:30 - 0000000 _____ () C:\ProgramData\pixplant3settings.txt
2016-05-19 18:25 - 2014-07-31 17:54 - 0015752 _____ (Autodesk, Inc.) C:\Users\FIXIIE\AppData\Local\Temp\AcDeltree.exe
2016-04-28 01:58 - 2015-08-06 22:30 - 2212144 _____ (Adobe Systems Incorporated) C:\Users\FIXIIE\AppData\Local\Temp\AdobeApplicatio nManager.exe
2016-04-21 15:27 - 2016-03-23 15:57 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\FIXIIE\AppData\Local\Temp\avguirn_0813132 94700.exe
2016-05-13 18:36 - 2016-04-14 16:29 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\FIXIIE\AppData\Local\Temp\avguirn_0816539 49844.exe
2016-06-01 15:34 - 2016-04-22 09:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\FIXIIE\AppData\Local\Temp\avguirn_0821361 25835.exe
2016-07-27 09:00 - 2016-06-21 17:49 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\FIXIIE\AppData\Local\Temp\avguirn_0846502 7878.exe
2016-08-23 00:37 - 2016-07-20 13:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\FIXIIE\AppData\Local\Temp\avguirn_0856430 8837.exe
2016-05-19 18:02 - 2016-05-19 18:15 - 0009728 _____ () C:\Users\FIXIIE\AppData\Local\Temp\bassmod.dll
2016-10-27 11:41 - 2016-10-27 11:42 - 0160888 _____ () C:\Users\FIXIIE\AppData\Local\Temp\ce-swap.exe
2016-10-26 12:54 - 2016-10-26 12:54 - 0458116 _____ (Aladdin Knowledge Systems Ltd.) C:\Users\FIXIIE\AppData\Local\Temp\haspdinst_x64.e xe
2016-04-17 21:47 - 2016-03-10 12:10 - 0037376 _____ (Microsoft) C:\Users\FIXIIE\AppData\Local\Temp\HiPatchSelfUpda teWindow.exe
2016-04-17 21:47 - 2015-10-14 12:50 - 0020480 _____ (Microsoft) C:\Users\FIXIIE\AppData\Local\Temp\HiRezLauncherCo ntrols.dll
2017-01-01 21:36 - 2017-01-01 21:36 - 2864736 _____ (Hola Networks Ltd.) C:\Users\FIXIIE\AppData\Local\Temp\Hola-Setup-x64-1.26.859.exe
2016-06-30 23:52 - 2016-06-30 23:52 - 4211112 _____ () C:\Users\FIXIIE\AppData\Local\Temp\npp.6.9.2.Insta ller.exe
2016-04-03 19:23 - 2016-12-11 19:23 - 0747648 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\nvSCPAPI.dll
2016-07-07 11:20 - 2016-09-16 23:31 - 0860776 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\nvSCPAPI64.dll
2016-09-22 00:02 - 2016-09-16 23:30 - 0426040 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\nvscpapisvr.exe
2016-06-07 15:08 - 2016-06-03 04:19 - 0386160 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\nvStereoApiI.dl l
2016-07-07 11:20 - 2016-08-11 12:23 - 0485344 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\nvStereoApiI64. dll
2016-05-03 20:44 - 2016-12-11 19:23 - 0353336 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\nvStInst.exe
2016-12-04 02:03 - 2016-11-17 14:42 - 1135552 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\NvTelemetry.dll
2016-12-04 02:03 - 2017-01-06 02:10 - 0255032 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\NvTelemetryAPI3 2.dll
2016-12-04 02:03 - 2017-01-06 02:10 - 0335928 _____ (NVIDIA Corporation) C:\Users\FIXIIE\AppData\Local\Temp\NvTelemetryAPI6 4.dll
2016-05-10 17:54 - 2016-05-10 17:55 - 45196928 _____ (Skype Technologies S.A.) C:\Users\FIXIIE\AppData\Local\Temp\SkypeSetup.exe
2016-06-13 02:23 - 2016-06-13 02:23 - 30533688 _____ () C:\Users\FIXIIE\AppData\Local\Temp\vlc-2.2.4-win32.exe
2015-08-03 00:58 - 2015-08-03 00:58 - 0118784 _____ () C:\Users\FIXIIE\AppData\Local\Temp\xmlUpdater.exe
C:\Users\FIXIIE\AppData\Local\Temp
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {0210B291-3FCD-4635-965A-28A3219CF9B8} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {136F6B88-3D8D-483F-B07F-4E7D3225F301} - System32\Tasks\NvTmRepOnLogon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {1694724D-1863-4810-8FD6-6319C4425A26} - System32\Tasks\NvDriverUpdateCheckDaily{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
Task: {1CEA884D-0EA4-43D2-82DF-DDB2CB31BDCD} - System32\Tasks\NvTmMon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
Task: {259118CC-8076-4395-87B7-C4AE3F372AF0} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {35669D06-D2E1-43FE-ABA0-C5920A05E160} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-08] (Google Inc.)
Task: {3AB65712-DC07-4B43-905A-629DD324E18C} - System32\Tasks\NvProfileUpdaterOnLogon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {518DFB82-8DFC-47D4-A4EA-FCD212089064} - System32\Tasks\AdobeAAMUpdater-1.0-FIXIIE-PC-FIXIIE => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe [2016-03-22] (Adobe Systems Incorporated)
Task: {519E8252-0DBE-4073-9D11-AB059EEBB8BC} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => Wscript.exe //B //NoLogo “C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs”
Task: {55E456BB-05F1-4EBB-9FF2-CEB596E7DF3D} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {6941E2E1-2903-4F0C-80CD-F34B2CEF7A3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-08] (Google Inc.)
Task: {8A03348C-3F6E-45A6-B459-3CACA7B34BA4} - System32\Tasks\Opera scheduled Autoupdate 1444085072 => D:\Program Files\Opera\launcher.exe
Task: {961CFD4D-1976-4470-AFD6-EF852C3C9165} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {A90217D8-B2B0-47B0-9530-5C80FD627ECD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
Task: {B6AE88C8-DA2A-46AA-A614-C944DE27325F} - System32\Tasks\update-S-1-5-21-459705389-3442733056-3860532926-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {ED665B10-E27F-4117-83F5-EA3DDB75AC6F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: C:\Windows\Tasks\update-S-1-5-21-459705389-3442733056-3860532926-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
ShortcutWithArgument: C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Startprogrammet för appar i Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) → --show-app-list
ShortcutWithArgument: C:\Users\FIXIIE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Googl e Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) → --profile-directory=“Profile 2”
ShortcutWithArgument: C:\Users\FIXIIE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2fae1f4995fc9e7f\Nexon Launcher.lnk → D:\Program Files\Nexon Launcher\bin\nexon_client\nexon_client.exe (The NWJS Community) → --user-data-dir=“C:\Users\FIXIIE\AppData\Local\NexonLauncher\U ser Data” --profile-directory=Default --app-id=dobbaijafcbikgimjpakclacfgeagffm
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [168]
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 [138]
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\Software\Classes.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe “%1”
IE trusted site: HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\hola.org → hxxp://hola.org
Hosts:
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SteelSeries Engine 3.lnk => C:\Windows\pss\SteelSeries Engine 3.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK trådlösa konfigurationsverktyg.lnk => C:\Windows\pss\TP-LINK trådlösa konfigurationsverktyg.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^FIXIIE^AppData^Roaming^Microsoft^Windows^ Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^FIXIIE^AppData^Roaming^Microsoft^Windows^ Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^FIXIIE^AppData^Roaming^Microsoft^Windows^ Start Menu^Programs^Startup^Folding@home.lnk => C:\Windows\pss\Folding@home.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => “C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe”
MSCONFIG\startupreg: ADSKAppManager => “C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe” -showminimized -checkautorun
MSCONFIG\startupreg: APSDaemon => “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: AvgUi => “C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe” /lps=fmw
MSCONFIG\startupreg: BCSSync => “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => “C:\Program Files\CCleaner\CCleaner64.exe” /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => “D:\Program Files\DAEMON Tools Lite\DTAgent.exe” -autorun
MSCONFIG\startupreg: FileZilla Server Interface => “C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe”
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => “C:\Program Files\iTunes\iTunesHelper.exe”
MSCONFIG\startupreg: Lightshot => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
MSCONFIG\startupreg: NvBackend => “C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe”
MSCONFIG\startupreg: ShadowPlay => “C:\Windows\system32\rundll32.exe” C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSyst emStart
MSCONFIG\startupreg: Speech Recognition => “C:\Windows\Speech\Common\sapisvr.exe” -SpeechUX -Startup
MSCONFIG\startupreg: Spotify => “C:\Users\FIXIIE\AppData\Roaming\Spotify\Spotify.e xe” -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => “C:\Users\FIXIIE\AppData\Roaming\Spotify\SpotifyWe bHelper.exe”
MSCONFIG\startupreg: USB Gamepad => C:\Windows\USB Vibration\dr100&110\USB Gamepad.exe -boot
MSCONFIG\startupreg: USB3MON => “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
EmptyTemp:
reboot:
end

---

Restore point was successfully created.
Processes closed successfully.

========= RemoveProxy: =========

HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVers ion\Internet Settings\Connections\DefaultConnectionSettings => value removed successfully
HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVers ion\Internet Settings\Connections\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\Connections\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\Connections\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

HKLM\Software\Microsoft\Windows\CurrentVersion\Run \AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run \ShadowPlay => value removed successfully
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\Software\Microsoft\Windows\CurrentVersion\Pol icies\Explorer\ => value removed successfully
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2\F => key removed successfully
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2{0424c103-0ca6-11e6-adc0-14dda977ff22} => key removed successfully
HKCR\CLSID{0424c103-0ca6-11e6-adc0-14dda977ff22} => key not found.
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2{0bbf0c51-c8df-11e5-94c1-d43d7e93e91f} => key removed successfully
HKCR\CLSID{0bbf0c51-c8df-11e5-94c1-d43d7e93e91f} => key not found.
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2{1b1edbeb-e9ad-11e6-bf85-14dda977ff22} => key removed successfully
HKCR\CLSID{1b1edbeb-e9ad-11e6-bf85-14dda977ff22} => key not found.
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2{4fe8f14f-89ff-11e5-8c65-b6c19a8f7e37} => key removed successfully
HKCR\CLSID{4fe8f14f-89ff-11e5-8c65-b6c19a8f7e37} => key not found.
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2{63a160a1-dee7-11e5-93dd-d43d7e93e91f} => key removed successfully
HKCR\CLSID{63a160a1-dee7-11e5-93dd-d43d7e93e91f} => key not found.
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2{64945568-bb2e-11e5-829e-d43d7e93e91f} => key removed successfully
HKCR\CLSID{64945568-bb2e-11e5-829e-d43d7e93e91f} => key not found.
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2{74f4039c-a63e-11e5-bbc0-e71a59b7bd35} => key removed successfully
HKCR\CLSID{74f4039c-a63e-11e5-bbc0-e71a59b7bd35} => key not found.
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2{b405b0e3-b3c1-11e5-a119-d43d7e93e91f} => key removed successfully
HKCR\CLSID{b405b0e3-b3c1-11e5-a119-d43d7e93e91f} => key not found.
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2{f77f826c-ed55-11e5-853d-14dda977ff22} => key removed successfully
HKCR\CLSID{f77f826c-ed55-11e5-853d-14dda977ff22} => key not found.
C:\Users\FIXIIE\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\Folding@home.lnk => moved successfully
D:\Program Files\FAHClient\HideConsole.exe => moved successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\Interfaces{3BB419ED-B9DB-4E96-89B8-E440B7AC39E5}\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\Interfaces{7816BBD9-6A68-4A91-8281-02D290E56F4E}\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\Interfaces{7FC0E632-6C4C-42E1-A5AE-4C83E8BAD706}\DhcpNameServer => value removed successfully
C:\Users\FIXIIE\AppData\Roaming\Mozilla\Firefox\Pr ofiles\o0fv9j39.default-1476311955297\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi => moved successfully
HKLM\Software\MozillaPlugins@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins@tools.google.com/Google Update;version=3 => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins@tools.google.com/Google Update;version=9 => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll => not found.
C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb => moved successfully
NVIDIA Wireless Controller Service => service not found.
HKLM\System\CurrentControlSet\Services\IntcAzAudAd dService => key removed successfully
IntcAzAudAddService => service removed successfully
HKLM\System\CurrentControlSet\Services\MBAMSwissAr my => key removed successfully
MBAMSwissArmy => service removed successfully
HKLM\System\CurrentControlSet\Services\TEAM => key removed successfully
TEAM => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => key removed successfully
VGPU => service removed successfully
C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK => moved successfully
C:\Windows\Tasks\update-sys.job => moved successfully
C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily _{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B 2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
“C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon _{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8” => not found.
“C:\Windows\Tasks\update-S-1-5-21-459705389-3442733056-3860532926-1000.job” => not found.
C:\Windows\system32\MRT.exe => moved successfully
C:\Windows\system32\MRT => moved successfully
C:\Users\FIXIIE\AppData\Roaming\Adobe BMP Format CS5 Prefs => moved successfully
C:\Users\FIXIIE\AppData\Roaming\Adobe IllExport Filter CS5 Prefs => moved successfully
C:\Users\FIXIIE\AppData\Roaming\Adobe PNG Format CS5 Prefs => moved successfully
C:\Users\FIXIIE\AppData\Roaming\Adobe Targa Format CS5 Prefs => moved successfully
C:\Users\FIXIIE\AppData\Roaming\pixplant3settings. txt => moved successfully
C:\Users\FIXIIE\AppData\Roaming\SAS7_000.DAT => moved successfully
C:\Users\FIXIIE\AppData\Local\Adobe Save for Web 12.0 Prefs => moved successfully
C:\Users\FIXIIE\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\Users\FIXIIE\AppData\Local\updater.log => moved successfully
C:\Users\FIXIIE\AppData\Local\UserProducts.xml => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\mntemp => moved successfully
C:\ProgramData\NvTelemetryContainer.log => moved successfully
C:\ProgramData\NvTelemetryContainer.log_backup1 => moved successfully
C:\ProgramData\pixplant3settings.txt => moved successfully
“C:\Users\FIXIIE\AppData\Local\Temp\AcDeltree.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\AdobeApplicati onManager.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\avguirn_081313 294700.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\avguirn_081653 949844.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\avguirn_082136 125835.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\avguirn_084650 27878.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\avguirn_085643 08837.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\bassmod.dll” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\ce-swap.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\haspdinst_x64. exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\HiPatchSelfUpd ateWindow.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\HiRezLauncherC ontrols.dll” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\Hola-Setup-x64-1.26.859.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\npp.6.9.2.Inst aller.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\nvSCPAPI.dll” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\nvSCPAPI64.dll ” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\nvscpapisvr.ex e” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\nvStereoApiI.d ll” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\nvStereoApiI64 .dll” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\nvStInst.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\NvTelemetry.dl l” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\NvTelemetryAPI 32.dll” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\NvTelemetryAPI 64.dll” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\SkypeSetup.exe ” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\vlc-2.2.4-win32.exe” => not found.
“C:\Users\FIXIIE\AppData\Local\Temp\xmlUpdater.exe ” => not found.

“C:\Users\FIXIIE\AppData\Local\Temp” folder move:

Could not move “C:\Users\FIXIIE\AppData\Local\Temp” => Scheduled to move on reboot.

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{0210B29 1-3FCD-4635-965A-28A3219CF9B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{0210B29 1-3FCD-4635-965A-28A3219CF9B8} => key removed successfully
C:\Windows\System32\Tasks\Red Giant Link => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Red Giant Link => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon{136F6B8 8-3D8D-483F-B07F-4E7D3225F301} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{136F6B8 8-3D8D-483F-B07F-4E7D3225F301} => key removed successfully
C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRepO nLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{1694724 D-1863-4810-8FD6-6319C4425A26} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{1694724 D-1863-4810-8FD6-6319C4425A26} => key removed successfully
C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily _{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriver UpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon{1CEA884 D-0EA4-43D2-82DF-DDB2CB31BDCD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{1CEA884 D-0EA4-43D2-82DF-DDB2CB31BDCD} => key removed successfully
C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmMon_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{259118C C-8076-4395-87B7-C4AE3F372AF0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{259118C C-8076-4395-87B7-C4AE3F372AF0} => key removed successfully
C:\Windows\System32\Tasks\update-sys => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-sys => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{35669D0 6-D2E1-43FE-ABA0-C5920A05E160} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{35669D0 6-D2E1-43FE-ABA0-C5920A05E160} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineU A => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUp dateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon{3AB6571 2-DC07-4B43-905A-629DD324E18C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{3AB6571 2-DC07-4B43-905A-629DD324E18C} => key removed successfully
C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfil eUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{518DFB8 2-8DFC-47D4-A4EA-FCD212089064} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{518DFB8 2-8DFC-47D4-A4EA-FCD212089064} => key removed successfully
C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-FIXIIE-PC-FIXIIE => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAM Updater-1.0-FIXIIE-PC-FIXIIE => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon{519E825 2-0DBE-4073-9D11-AB059EEBB8BC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{519E825 2-0DBE-4073-9D11-AB059EEBB8BC} => key removed successfully
C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\USER_ESR V_SVC_QUEENCREEK => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{55E456B B-05F1-4EBB-9FF2-CEB596E7DF3D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{55E456B B-05F1-4EBB-9FF2-CEB596E7DF3D} => key removed successfully
C:\Windows\System32\Tasks\Intel\Intel Telemetry 2 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel\In tel Telemetry 2 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon{6941E2E 1-2903-4F0C-80CD-F34B2CEF7A3A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{6941E2E 1-2903-4F0C-80CD-F34B2CEF7A3A} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineC ore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUp dateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot{8A03348C-3F6E-45A6-B459-3CACA7B34BA4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{8A03348 C-3F6E-45A6-B459-3CACA7B34BA4} => key removed successfully
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1444085072 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1444085072 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{961CFD4 D-1976-4470-AFD6-EF852C3C9165} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{961CFD4 D-1976-4470-AFD6-EF852C3C9165} => key removed successfully
C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_ {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon{A90217D 8-B2B0-47B0-9530-5C80FD627ECD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{A90217D 8-B2B0-47B0-9530-5C80FD627ECD} => key removed successfully
C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNodeLa uncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{B6AE88C 8-DA2A-46AA-A614-C944DE27325F} => key not found.
C:\Windows\System32\Tasks\update-S-1-5-21-459705389-3442733056-3860532926-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\update-S-1-5-21-459705389-3442733056-3860532926-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{ED665B1 0-E27F-4117-83F5-EA3DDB75AC6F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{ED665B1 0-E27F-4117-83F5-EA3DDB75AC6F} => key removed successfully
C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B 2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfil eUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key removed successfully
C:\Windows\Tasks\update-S-1-5-21-459705389-3442733056-3860532926-1000.job => not found.
C:\Windows\Tasks\update-sys.job => not found.
C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Startprogrammet för appar i Chrome.lnk => Shortcut argument removed successfully.
C:\Users\FIXIIE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Googl e Chrome.lnk => Shortcut argument removed successfully.
C:\Users\FIXIIE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2fae1f4995fc9e7f\Nexon Launcher.lnk => Shortcut argument removed successfully.
C:\ProgramData\TEMP => “:0FF263E8” ADS removed successfully.
C:\ProgramData\TEMP => “:A1EDB939” ADS removed successfully.
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\Software\Classes\AutoCADScriptFile => key removed successfully
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\Software\Classes.scr => key removed successfully
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\hola.org => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service => key removed successfully
HKLM\System\CurrentControlSet\Services\Bonjour Service => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Micros oft^Windows^Start Menu^Programs^Startup^SteelSeries Engine 3.lnk => key removed successfully
C:\Windows\pss\SteelSeries Engine 3.lnk.CommonStartup => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Micros oft^Windows^Start Menu^Programs^Startup^TP-LINK trådlösa konfigurationsverktyg.lnk => key removed successfully
C:\Windows\pss\TP-LINK trådlösa konfigurationsverktyg.lnk.CommonStartup => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^FIXIIE^AppDa ta^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => key removed successfully
C:\Windows\pss\Curse.lnk.Startup => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^FIXIIE^AppDa ta^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => key removed successfully
C:\Windows\pss\CurseClientStartup.ccip.Startup => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^FIXIIE^AppDa ta^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Folding@home.lnk => key removed successfully
C:\Windows\pss\Folding@home.lnk.Startup => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0 => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSKAppManager => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Autodesk Sync => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AvgUi => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BCSSync => key not found.
HKLM\System\CurrentControlSet\Services\BCSSync => key not found.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite Automount => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FileZilla Server Interface => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Lightshot => key not found.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ShadowPlay => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Speech Recognition => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USB Gamepad => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USB3MON => key removed successfully

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

========= netsh advfirewall set allprofiles state ON =========

Ok.

========= End of CMD: =========

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10276310 B
Java, Flash, Steam htmlcache => 426085058 B
Windows/system/drivers => 12245274 B
Edge => 0 B
Chrome => 45170674 B
Firefox => 10646932 B
Opera => 4305920 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
systemprofile32 => 168458 B
LocalService => 66228 B
NetworkService => 66228 B
FIXIIE => 92787177 B
Guest => 119999 B

RecycleBin => 544 B
EmptyTemp: => 574.1 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-02-2017 04:03:52)

C:\Users\FIXIIE\AppData\Local\Temp => moved successfully

==== End of Fixlog 04:03:52 ====

You should be able to find the RK log on the C: drive. If not skip then do these scans to make sure we have gotten everything.

Step 1: Adware Cleaner Scan.

Please download AdwCleaner by Xplode onto your desktop.

[ul]
[li]Close all open programs and internet browsers.[/li][li]Double click on adwcleaner.exe to run the tool.[/li][li]Click on Scan button.[/li][li]When the scan has finished click on Clean button.[/li][li]Your computer will be rebooted automatically. A text file will open after the restart.[/li][li]Please post the contents of that logfile with your next reply.[/li][li]You can find the logfile at C:\AdwCleaner[S1].txt as well.[/li][/ul]

Step 2: JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

[ul]
[li]Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.[/li][li]Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.[/li][li]The tool will open and start scanning your system.[/li][li]Please be patient as this can take a while to complete depending on your system’s specifications.[/li][li]On completion, a log is saved to your desktop and will automatically open.[/li][li]Please post the JRT log.[/li][/ul]

Step 3: HijackThis.

1- Please click HERE to download HijackThis.
2- Run the program.
3- Click on the Main Menu button if not already there.
4- Select Do a system scan and save a logfile.
5- Copy paste the log here.

Step 4: Fresh FRST Logs.

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

[ul]
[li]Right-click on FRST icon and select Run as Administrator to start the tool.[/li](XP users click run after receipt of Windows Security Warning - Open File).
[li]Make sure that Addition option is checked.[/li][li]Press Scan button and wait.[/li][li]The tool will produce two logfiles on your desktop: FRST.txt, and Addition.txt.[/li][/ul]
Please Copy & Paste them into your next reply

[HEADING=1]AdwCleaner v6.043 - Logfile created 03/02/2017 at 04:38:02[/HEADING]
[HEADING=1]Updated on 27/01/2017 by Malwarebytes[/HEADING]
[HEADING=1]Database : 2017-02-02.4 [Server][/HEADING]
[HEADING=1]Operating System : Windows 7 Ultimate Service Pack 1 (X64)[/HEADING]
[HEADING=1]Username : FIXIIE - FIXIIE-PC[/HEADING]
[HEADING=1]Running from : D:\Downloads\adwcleaner_6.043.exe[/HEADING]
[HEADING=1]Mode: Clean[/HEADING]
[HEADING=1]Support : https://www.malwarebytes.com/support[/HEADING]
***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\ProgramData\BSD\DriverHive
[-] Folder deleted: C:\ProgramData\BSD
[#] Folder deleted on reboot: C:\ProgramData\BSD\DriverHiveEngine
[#] Folder deleted on reboot: C:\ProgramData\Application Data\BSD\DriverHive
[#] Folder deleted on reboot: C:\ProgramData\Application Data\BSD
[#] Folder deleted on reboot: C:\ProgramData\Application Data\BSD\DriverHiveEngine

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

---

:: “Tracing” keys deleted
:: Winsock settings cleared

---

C:\AdwCleaner\AdwCleaner[C0].txt - [1146 Bytes] - [03/02/2017 04:38:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [1439 Bytes] - [03/02/2017 04:37:40]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1292 Bytes] ##########

File System: 8

Successfully deleted: C:\Users\FIXIIE\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\4YBDRLZR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\FIXIIE\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\GRU6NLN7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\FIXIIE\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\HR989DL0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\FIXIIE\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\QUPU4350 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\4YBDRLZR (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\GRU6NLN7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\HR989DL0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5\QUPU4350 (Temporary Internet Files Folder)

Registry: 0

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 04:45:49, on 2017-02-03
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal

Running processes:
D:\Program Files\Zemana AntiMalware\ZAM.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
D:\Downloads\HijackThis (1).exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search - Microsoft Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search - Microsoft Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search - Microsoft Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Microsoft Web Test Recorder 14.0 Helper - {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} - D:\Program Files\Microsoft Visual 2015\Common7\IDE\PrivateAssemblies\Microsoft.Visua lStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM..\Run: [AvgUi] “C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe” /lps=fmw
O4 - HKLM..\Run: [AVG_UI] “C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe” /lps=av
O4 - HKCU..\Run: [Skype] “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun
O4 - HKCU..\Run: [Steam] “X:\Program Files\Steam\steam.exe” -silent
O4 - HKCU..\Run: [CCleaner Monitoring] “D:\Program Files\CCleaner\CCleaner64.exe” /MONITOR
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfwsa.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - D:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Tjänsten Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Program Files\Smite\HiPatchService.exe
O23 - Service: HoudiniServer - Unknown owner - C:\Windows\system32\hserver.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit (mi-raysat_3dsmax2013_64) - Unknown owner - D:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2016 64-bit (mi-raysat_3dsmax2016_64) - Unknown owner - D:\Program Files\AutoDesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.e xe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RT2870 AutoInstall Service (RaAutoInstSrv_RT2870) - Ralink Technology, Corp. - C:\Program Files (x86)\Tenda\W326U Flash Install Wireless LAN Card\AutoInstSvc\RaAutoInstSrv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - D:\Program Files\Zemana AntiMalware\ZAM.exe

–
End of file - 10580 bytes

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
Ran by FIXIIE (administrator) on FIXIIE-PC (03-02-2017 04:46:51)
Running from C:\Users\FIXIIE\Desktop
Loaded Profiles: FIXIIE (Available Profiles: FIXIIE & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Hi-Rez Studios) D:\Program Files\Smite\HiPatchService.exe
(Side Effects Software Inc.) C:\Windows\System32\hserver.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() D:\Program Files\AutoDesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\W326U Flash Install Wireless LAN Card\AutoInstSvc\RaAutoInstSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Copyright 2017.) D:\Program Files\Zemana AntiMalware\ZAM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Piriform Ltd) D:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
(Trend Micro Inc.) D:\Downloads\HijackThis (1).exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [ZAM] => D:\Program Files\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
HKLM-x32...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\Run: [Steam] => X:\Program Files\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-459705389-3442733056-3860532926-1000...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-459705389-3442733056-3860532926-1000\Control Panel\Desktop\SCRNSAVE.EXE → C:\Windows\system32\FAHScreensaver.scr
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] → {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 195.67.199.30 8.8.8.8
Tcpip..\Interfaces{7FC0E632-6C4C-42E1-A5AE-4C83E8BAD706}: [DhcpNameServer] 195.67.199.30 8.8.8.8
[HEADING=1]Internet Explorer:[/HEADING]
BHO: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object → {FFCB3198-32F3-4E8B-9539-4324694ED664} → C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 14.0 Helper → {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} → D:\Program Files\Microsoft Visual 2015\Common7\IDE\PrivateAssemblies\Microsoft.Visua lStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object → {FFCB3198-32F3-4E8B-9539-4324694ED664} → C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Users\FIXIIE\AppData\Roaming\Mozilla\Firefox\Pr ofiles\o0fv9j39.default-1476311955297 [2017-02-03]
FF Extension: (uBlock) - C:\Users\FIXIIE\AppData\Roaming\Mozilla\Firefox\Pr ofiles\o0fv9j39.default-1476311955297\Extensions{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2016-12-23]
FF Plugin: @adobe.com/FlashPlayer → C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_ 213.dll [2016-05-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 → C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDet ect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer → C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_ 213.dll [2016-05-09] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 → C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision → C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-01-20] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming → C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-01-20] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect → C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDet ect32.dll [2015-08-06] (Adobe Systems)
[HEADING=1]Chrome:[/HEADING]
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Default [2017-02-03]
CHR Profile: C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-02-03]
CHR Extension: (Google Translate) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-04-10]
CHR Extension: (Reverse Youtube Playlist) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ajhonbaagcobjdmbocblbebcmbmmbfmi [2017-01-11]
CHR Extension: (BetterTTV) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-06-18]
CHR Extension: (Google Drive) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-10]
CHR Extension: (YouTube) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-10]
CHR Extension: (Slinky Elegant) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2016-10-10]
CHR Extension: (Adblock Plus) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-02-03]
CHR Extension: (uBlock Origin) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-12-19]
CHR Extension: (Streamkeys) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ekpipjofdicppbepocohdlgenahaneen [2017-01-10]
CHR Extension: (TweetDeck by Twitter) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2016-04-10]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-12-17]
CHR Extension: (Momentum) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2017-01-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-10]
CHR Extension: (Chrome Media Router) - C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR Profile: C:\Users\FIXIIE\AppData\Local\Google\Chrome\User Data\System Profile [2017-02-03]
[HEADING=1]Opera:[/HEADING]
OPR Extension: (Adblock Plus) - C:\Users\FIXIIE\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-08-26]
StartMenuInternet: (HKLM) OperaStable - D:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2017-01-09] (AVG Technologies CZ, s.r.o.)
S3 Disc Soft Lite Bus Service; D:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 HiPatchService; D:\Program Files\Smite\HiPatchService.exe [9728 2016-08-30] (Hi-Rez Studios) [File not signed]
R2 HoudiniServer; C:\Windows\system32\hserver.exe [7731712 2015-10-10] (Side Effects Software Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 mi-raysat_3dsmax2013_64; D:\Program Files\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_64server.exe [86016 2011-09-14] () [File not signed]
S3 mi-raysat_3dsmax2016_64; D:\Program Files\AutoDesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.e xe [86016 2011-09-15] () [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3519984 2016-01-27] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe [464440 2017-01-20] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
R2 RaAutoInstSrv_RT2870; C:\Program Files (x86)\Tenda\W326U Flash Install Wireless LAN Card\AutoInstSvc\RaAutoInstSrv.exe [110592 2009-10-01] (Ralink Technology, Corp.) [File not signed]
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
S3 VSStandardCollectorService140; D:\Program Files\Microsoft Visual 2015\Team Tools\DiagnosticsHub\Collector\StandardCollector.S ervice.exe [56040 2015-11-19] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZAMSvc; D:\Program Files\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
S2 gupdate; “C:\Program Files (x86)\Google\Update\GoogleUpdate.exe” /svc
S3 gupdatem; “C:\Program Files (x86)\Google\Update\GoogleUpdate.exe” /medsvc

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-01-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-01-16] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [511952 2016-07-26] (Intel Corporation)
R1 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [4085256 2017-01-15] ()
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34963 2007-12-12] (Compuware Corporation) [File not signed]
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [37024 2007-12-03] (Compuware Corporation) [File not signed]
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [34587 2007-11-28] (Compuware Corporation) [File not signed]
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation )
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [41816 2016-11-03] (SteelSeries ApS)
R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [45928 2017-01-13] (SteelSeries ApS)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-02-03] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-02-03] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-03 04:41 - 2017-02-03 04:41 - 00001867 _____ C:\Users\FIXIIE\Desktop\JRT.txt
2017-02-03 04:36 - 2017-02-03 04:38 - 00000000 ____D C:\AdwCleaner
2017-02-03 04:16 - 2017-02-03 04:16 - 00004761 _____ C:\Users\FIXIIE\Desktop\zemana.txt
2017-02-03 04:08 - 2017-02-03 04:46 - 00308799 _____ C:\Windows\ZAM.krnl.trace
2017-02-03 04:08 - 2017-02-03 04:46 - 00294084 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-02-03 04:07 - 2017-02-03 04:07 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-02-03 04:07 - 2017-02-03 04:07 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-02-03 04:07 - 2017-02-03 04:07 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\Zemana
2017-02-03 04:07 - 2017-02-03 04:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-02-03 04:02 - 2017-02-03 04:03 - 00040954 _____ C:\Users\FIXIIE\Desktop\Fixlog.txt
2017-02-03 04:01 - 2017-02-03 04:46 - 00000000 ____D C:\FRST
2017-02-03 04:01 - 2017-02-03 02:28 - 02420736 _____ (Farbar) C:\Users\FIXIIE\Desktop\FRST64.exe
2017-02-03 04:00 - 2017-02-03 04:00 - 00085818 _____ C:\Users\FIXIIE\Desktop\Addition.txt
2017-02-03 03:58 - 2017-02-03 04:47 - 00018717 _____ C:\Users\FIXIIE\Desktop\FRST.txt
2017-02-03 03:53 - 2017-02-03 03:54 - 00000000 ____D C:\Users\FIXIIE\Desktop\backup for registry after Ccleaner
2017-02-03 03:52 - 2017-02-03 03:52 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-02-03 03:48 - 2017-02-03 03:50 - 00005964 _____ C:\Users\FIXIIE\Desktop\ZHPCleaner.txt
2017-02-03 03:42 - 2017-02-03 04:14 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\ZHP
2017-02-03 03:42 - 2017-02-03 03:44 - 00000836 _____ C:\Users\FIXIIE\Desktop\ZHPCleaner.lnk
2017-02-03 03:42 - 2017-02-03 03:42 - 02700800 _____ C:\Users\FIXIIE\Desktop\ZHPCleaner.exe
2017-02-03 03:17 - 2017-02-03 03:17 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-02-03 03:15 - 2017-02-03 03:14 - 25969736 _____ C:\Users\FIXIIE\Desktop\RogueKillerX64.exe
2017-02-03 03:14 - 2017-02-03 03:15 - 00000000 ____D C:\ProgramData\RogueKiller
2017-02-03 03:13 - 2017-02-03 03:13 - 00000000 ____D C:\Users\FIXIIE.oracle_jre_usage
2017-02-03 03:12 - 2017-02-03 03:16 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\Geek Uninstaller
2017-02-03 03:01 - 2017-02-03 03:01 - 00000000 ____D C:\Users\Guest\AppData\Roaming\AVG
2017-02-03 03:00 - 2017-02-03 03:00 - 00000000 ____D C:\Users\Guest\Documents\4a games
2017-02-03 03:00 - 2017-02-03 03:00 - 00000000 ____D C:\Users\Guest\AppData\Roaming\NVIDIA
2017-02-03 02:59 - 2017-02-03 02:59 - 00000000 ____D C:\Users\Guest\AppData\Local\Steam
2017-02-03 02:58 - 2017-02-03 02:58 - 00002254 _____ C:\Users\Guest\Desktop\Google Chrome.lnk
2017-02-03 02:58 - 2017-02-03 02:58 - 00001416 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Internet Explorer.lnk
2017-02-03 02:58 - 2017-02-03 02:58 - 00000020 ___SH C:\Users\Guest\ntuser.ini
2017-02-03 02:58 - 2017-02-03 02:58 - 00000000 _SHDL C:\Users\Guest\My Documents
2017-02-03 02:58 - 2017-02-03 02:58 - 00000000 _SHDL C:\Users\Guest\Documents\My Videos
2017-02-03 02:58 - 2017-02-03 02:58 - 00000000 _SHDL C:\Users\Guest\Documents\My Pictures
2017-02-03 02:58 - 2017-02-03 02:58 - 00000000 _SHDL C:\Users\Guest\Documents\My Music
2017-02-03 02:58 - 2017-02-03 02:58 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2017-02-03 02:58 - 2017-02-03 02:58 - 00000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2017-02-03 02:58 - 2017-02-03 02:58 - 00000000 ____D C:\Users\Guest\AppData\Local\NVIDIA
2017-02-03 02:58 - 2017-02-03 02:58 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2017-02-03 02:58 - 2017-02-03 02:58 - 00000000 ____D C:\Users\Guest\AppData\Local\CEF
2017-02-03 02:58 - 2017-02-03 02:58 - 00000000 ____D C:\Users\Guest\AppData\Local\Avg
2017-02-03 02:58 - 2017-02-03 02:58 - 00000000 ____D C:\Users\Guest\AppData\Local\Adobe
2017-02-03 02:58 - 2017-02-03 02:58 - 00000000 ____D C:\Users\Guest
2017-02-03 02:58 - 2016-05-19 18:08 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Macromedia
2017-02-03 02:58 - 2016-03-01 10:19 - 00000000 ____D C:\Users\Guest\AppData\Local\Microsoft Help
2017-02-03 02:58 - 2015-12-09 14:02 - 00000000 ____D C:\Users\Guest\AppData\Roaming\TuneUp Software
2017-02-03 02:58 - 2010-11-21 08:16 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Media Center Programs
2017-02-03 01:47 - 2017-02-03 03:55 - 00000000 ____D C:\Windows\Minidump
2017-02-03 00:59 - 2017-02-03 03:08 - 00000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-02-02 23:14 - 2017-02-02 23:14 - 00000025 _____ C:\Users\FIXIIE\Desktop\tabdownprob.txt
2017-02-02 23:09 - 2017-01-20 19:39 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-01-26 23:32 - 2017-01-26 23:32 - 00001031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2017-01-24 19:37 - 2017-01-24 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-01-24 17:58 - 2017-01-24 17:58 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-01-24 17:58 - 2017-01-20 15:07 - 00134080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-01-24 17:58 - 2016-12-16 01:33 - 00273696 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-01-24 17:58 - 2016-12-16 01:33 - 00266528 _____ C:\Windows\system32\vulkan-1.dll
2017-01-24 17:58 - 2016-12-16 01:33 - 00111392 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-01-24 17:58 - 2016-12-16 01:32 - 00125728 _____ C:\Windows\system32\vulkaninfo.exe
2017-01-24 17:56 - 2017-01-24 00:04 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-01-24 17:56 - 2017-01-24 00:04 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 34934720 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 28209720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 19092912 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 19008392 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 16403200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 14677456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 14286392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-01-24 17:56 - 2017-01-20 17:36 - 11123424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 11019192 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 09308896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 08990584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 03623992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 03185720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437849.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437849.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 01051072 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00990264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00960568 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00909760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00687224 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00609216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00576192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00504104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00425288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00412720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00173272 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00156792 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00150760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00135840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-01-24 17:56 - 2017-01-20 17:36 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-01-24 17:56 - 2017-01-20 17:36 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-01-24 14:15 - 2017-01-24 14:15 - 00000000 ____D C:\Users\FIXIIE\Documents\4A Games
2017-01-24 14:06 - 2017-01-24 14:06 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\4A Games
2017-01-23 17:57 - 2017-01-23 18:33 - 00000487 _____ C:\Users\FIXIIE\Desktop\Emulator Dator.txt
2017-01-23 16:13 - 2017-01-23 16:13 - 00000000 ____D C:\ProgramData\IntelDLM
2017-01-23 16:11 - 2017-02-03 04:02 - 00000000 ____D C:\Windows\System32\Tasks\Intel
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\Users\FIXIIE\Downloads\Intel Components
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\Intel
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\ProgramData\Intel
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\Program Files\Intel Driver Update Utility
2017-01-23 16:11 - 2017-01-23 16:11 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2017-01-23 16:11 - 2016-10-18 17:14 - 00021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2017-01-23 15:38 - 2017-01-06 02:10 - 00158264 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-01-23 15:38 - 2017-01-06 02:10 - 00126008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-01-23 15:38 - 2017-01-06 02:10 - 00047672 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-01-23 15:34 - 2017-01-23 15:44 - 00000000 ____D C:\Users\FIXIIE\Documents\Monitor-Driver
2017-01-23 15:34 - 2017-01-23 15:34 - 00000000 ____D C:\Intel
2017-01-15 15:34 - 2017-01-15 15:34 - 04085256 _____ C:\Windows\system32\Drivers\FACEIT.sys
2017-01-15 15:34 - 2017-01-15 15:34 - 00000727 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT Client.lnk
2017-01-13 13:09 - 2017-01-13 13:09 - 00000000 ____D C:\Users\FIXIIE\Documents\PS3 x64
2017-01-13 06:23 - 2017-01-13 06:23 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\NexonLauncher
2017-01-13 06:23 - 2017-01-13 06:23 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\NexonLauncher
2017-01-13 06:12 - 2017-01-13 06:12 - 00000000 ____D C:\ProgramData\X360CE
2017-01-11 19:23 - 2017-01-11 19:43 - 00000000 ____D C:\Users\FIXIIE\Documents\Adobe
2017-01-11 14:41 - 2017-01-11 14:41 - 00000000 ____D C:\Users\FIXIIE\Documents\PCSX2
2017-01-11 02:38 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-11 02:38 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-11 02:38 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-11 02:38 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-11 02:38 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-11 02:38 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-11 02:38 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-11 02:38 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-11 02:38 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-11 02:38 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-11 02:38 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-11 02:38 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-11 02:38 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-01-10 17:28 - 2017-01-10 17:28 - 00000000 ____D C:\Windows\USB Vibration
2017-01-10 17:28 - 2017-01-10 17:28 - 00000000 ____D C:\Program Files (x86)\USB Vibration
2017-01-10 17:28 - 2009-12-21 22:29 - 00000000 ____D C:\Users\FIXIIE\Documents\playstation adapter Drivers
2017-01-10 17:28 - 2007-12-12 14:04 - 00034963 _____ (Compuware Corporation) C:\Windows\SysWOW64\Drivers\hid7906.sys
2017-01-10 17:28 - 2007-12-03 08:46 - 00037024 _____ (Compuware Corporation) C:\Windows\SysWOW64\Drivers\hid8101.sys
2017-01-10 17:28 - 2007-11-28 10:52 - 00034587 _____ (Compuware Corporation) C:\Windows\SysWOW64\Drivers\hid8103.sys
2017-01-10 06:33 - 2017-01-10 06:33 - 00000000 ____D C:\Windows\USB_Vibration
2017-01-10 06:33 - 2017-01-10 06:33 - 00000000 ____D C:\Program Files (x86)\USB_Vibration
2017-01-09 17:40 - 2017-01-09 17:40 - 00040489 _____ C:\Users\FIXIIE\Documents\Charakterreferenz.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-03 04:43 - 2009-07-14 06:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-03 04:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-02-03 04:40 - 2016-02-17 13:21 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-03 04:39 - 2015-11-08 06:00 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\Skype
2017-02-03 04:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-03 04:38 - 2009-07-14 05:45 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-03 04:38 - 2009-07-14 05:45 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-03 04:12 - 2015-11-08 05:04 - 00000000 ____D C:\ProgramData\MFAData
2017-02-03 04:08 - 2015-11-08 03:38 - 00000000 ____D C:\Users\FIXIIE
2017-02-03 04:02 - 2016-01-16 09:06 - 00000000 ____D C:\Users\FIXIIE\AppData\LocalLow\Temp
2017-02-03 04:02 - 2015-12-19 12:08 - 00000000 ____D C:\Windows\pss
2017-02-03 03:55 - 2016-01-16 07:22 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\DAEMON Tools Lite
2017-02-03 03:55 - 2016-01-09 10:26 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\Sony
2017-02-03 03:55 - 2016-01-03 21:21 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\CrashDumps
2017-02-03 03:55 - 2015-12-18 08:25 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\TS3Client
2017-02-03 03:55 - 2015-11-08 12:32 - 00000000 ____D C:\Windows\Panther
2017-02-03 03:45 - 2016-12-23 11:42 - 00000000 ____D C:\Users\FIXIIE\AppData\LocalLow\Mozilla
2017-02-03 03:01 - 2016-10-27 11:13 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\FAHClient
2017-02-03 02:38 - 2016-05-19 17:10 - 00000000 ____D C:\Program Files (x86)\FileZilla Server
2017-02-03 02:17 - 2015-12-15 12:05 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\Adobe
2017-02-03 00:15 - 2016-04-12 07:51 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\Battle.net
2017-02-02 23:51 - 2016-01-30 17:17 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\OBS
2017-02-02 23:49 - 2015-11-08 05:34 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\vlc
2017-02-02 23:10 - 2015-11-08 04:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-02 23:10 - 2015-11-08 04:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-02 23:10 - 2015-11-08 04:38 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-02 20:52 - 2016-09-20 11:38 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-01-27 01:08 - 2015-11-23 06:59 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-26 23:32 - 2016-04-29 10:49 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\UnrealEngine
2017-01-26 13:23 - 2016-12-24 22:15 - 00000000 ____D C:\Users\FIXIIE\AppData\Roaming\steelseries-engine-3-client
2017-01-26 02:17 - 2016-05-21 15:34 - 00000000 ____D C:\Users\FIXIIE\Desktop\Dark Thoughts
2017-01-24 17:58 - 2015-11-08 04:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-01-24 00:04 - 2016-12-04 03:04 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-01-23 19:05 - 2016-01-24 02:09 - 00000000 ____D C:\Users\FIXIIE\Documents\Dolphin Emulator
2017-01-23 16:34 - 2015-12-28 22:44 - 00000000 ____D C:\Program Files\Intel
2017-01-20 19:39 - 2016-12-04 02:03 - 01872320 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-01-20 19:39 - 2016-12-04 02:03 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-01-20 19:39 - 2016-12-04 02:03 - 01464768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-01-20 19:39 - 2016-12-04 02:03 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-01-20 19:39 - 2016-12-04 02:03 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 16491120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 13378448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 04065808 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 03585120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 00512960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 00496680 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 00420408 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-01-20 17:36 - 2016-12-04 03:04 - 00042606 _____ C:\Windows\system32\nvinfo.pb
2017-01-20 16:13 - 2016-12-04 03:05 - 06401984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-01-20 16:13 - 2016-12-04 03:05 - 02479160 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-01-20 16:13 - 2016-12-04 03:05 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-01-20 16:13 - 2016-12-04 03:05 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-01-20 16:13 - 2016-12-04 03:05 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-01-20 16:13 - 2016-12-04 03:05 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-01-20 16:13 - 2016-12-04 03:05 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-01-20 15:07 - 2016-12-04 02:03 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-01-20 14:36 - 2016-12-15 19:50 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-01-18 16:12 - 2016-03-22 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-01-18 13:57 - 2016-12-04 03:05 - 07755067 _____ C:\Windows\system32\nvcoproc.bin
2017-01-16 06:14 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-13 16:13 - 2016-12-07 00:57 - 01804672 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2017-01-13 16:13 - 2016-12-07 00:57 - 00045928 _____ (SteelSeries ApS) C:\Windows\system32\Drivers\sshid.sys
2017-01-13 16:13 - 2016-12-07 00:57 - 00026376 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2017-01-13 06:27 - 2016-08-09 13:10 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\NXEPassportClient
2017-01-12 11:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-11 19:53 - 2016-05-24 20:29 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-01-10 17:28 - 2015-11-08 03:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-01-08 06:17 - 2016-11-29 20:55 - 00000603 _____ C:\Users\FIXIIE\Desktop\prntscrn.txt
2017-01-04 18:04 - 2015-11-08 04:07 - 00000000 ____D C:\Users\FIXIIE\AppData\Local\Deployment

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-23 02:20

==================== End of FRST.txt ============================