Conversation Google websites works on other gadgets but not on Laptop

[herlanczar]

When I go to Youtube, it doesn't appear properly and won't play video. I also can't logout on my Gmail.
I tried restarting my router and clean my pc for malwares, cleared cookies/caches, tried Google DNS and flush DNS on cmd but websites still won't work correctly.

This happens only on my PC as my mobile have access to Youtube.
All browsers won't work on it too.

When I go to intoDNS. It says that NSs have same SOA serial

Maybe my problem was made by a malware too because lately I've installed kmspico and it sends many malwares to my computer. I have cleaned it with malwarebyes, AdwCleaner, Windows Defender.
The one linger the most is from searching.com virus so maybe that malware stops my computer in changing my default homepage and search engine to google.
I have cleaned it and google search works but youtube, gmail, etc won't.
I've been searching for days for a fixed and I've hit a dead end.
Maybe someone here can help me.
I'm not very savvy on tech either so I need a big help.
I'm using Windows 10


This is the minitoolbox log link:

https://zerobin.net/?2c6a243c56eb9e72#cPyX68xK8EFkt3i25j6ssan8LWCUEhI4KPwbG5/hFbc=

Here's the screenshot of Youtube website on my browser and intoDNS:

 

[Rustys]

Posted the Minitoolbox infortation for easer access.


MiniToolBox by Farbar Version: 17-06-2016
Ran by PikelSmikel (administrator) on 18-01-2017 at 08:25:22
Running from "C:\Users\PikelSmikel\Downloads"
Microsoft Windows 10 Home Single Language (X64)
Model: 80E4 Manufacturer: LENOVO
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
34.195.153.94 google-analytics.com
34.195.153.94 mc.yandex.ru
34.195.153.94 top-fwz1.mail.ru
34.195.153.94 site.yandex.net
34.195.153.94 pagead2.googlesyndication.com
34.195.153.94 ad.mail.ru
34.195.153.94 ads.adfox.ru
34.195.153.94 ads.pubmatic.com
34.195.153.94 apis.google.com
34.195.153.94 autocontext.begun.ru
34.195.153.94 b.scorecardresearch.com
34.195.153.94 c.amazon-adsystem.com
34.195.153.94 cdn.admixer.net
34.195.153.94 cdn.cxense.com
34.195.153.94 cdn.livefyre.com
34.195.153.94 cdn.onthe.io
34.195.153.94 cdn.optimizely.com
34.195.153.94 cdn.prom.st
34.195.153.94 cdn.pushwoosh.com
34.195.153.94 cdn.tt.omtrdc.net

There are 55 entries.

========================= IP Configuration: ================================

Intel(R) Dual Band Wireless-AC 3160 = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : LAPTOP-G2081TT4
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 50-7B-9D-16-01-E1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
Physical Address. . . . . . . . . : E6-F8-9C-D9-DE-3D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : E4-F8-9C-D9-DE-3E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 3160
Physical Address. . . . . . . . . : E4-F8-9C-D9-DE-3D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c4b4:7195:7b93:755b%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.254.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 18 January 2017 6:51:17 AM
Lease Expires . . . . . . . . . . : 21 January 2017 6:51:17 AM
Default Gateway . . . . . . . . . : fe80::1%12
192.168.254.254
DHCP Server . . . . . . . . . . . : 192.168.254.254
DHCPv6 IAID . . . . . . . . . . . : 65337500
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-66-BD-85-50-7B-9D-16-01-E1
DNS Servers . . . . . . . . . . . : 2001:4860:4860::8888
2001:4860:4860::8844
8.8.8.8
8.8.4.4
Primary WINS Server . . . . . . . : 192.168.254.254
NetBIOS over Tcpip. . . . . . . . : Enabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 2001:4860:4860::8888

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging google.com [216.58.199.14] with 32 bytes of data:
Reply from 216.58.199.14: bytes=32 time=41ms TTL=54
Reply from 216.58.199.14: bytes=32 time=41ms TTL=54

Ping statistics for 216.58.199.14:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 41ms, Maximum = 41ms, Average = 41ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 2001:4860:4860::8888

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=201ms TTL=49
Reply from 206.190.36.45: bytes=32 time=201ms TTL=49

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 201ms, Maximum = 201ms, Average = 201ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...50 7b 9d 16 01 e1 ......Realtek PCIe GBE Family Controller
10...e6 f8 9c d9 de 3d ......Microsoft Hosted Network Virtual Adapter
11...e4 f8 9c d9 de 3e ......Microsoft Wi-Fi Direct Virtual Adapter
12...e4 f8 9c d9 de 3d ......Intel(R) Dual Band Wireless-AC 3160
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.254.254 192.168.254.101 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.254.0 255.255.255.0 On-link 192.168.254.101 281
192.168.254.101 255.255.255.255 On-link 192.168.254.101 281
192.168.254.255 255.255.255.255 On-link 192.168.254.101 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.254.101 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.254.101 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 281 ::/0 fe80::1
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::c4b4:7195:7b93:755b/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [62976] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [363872] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/18/2017 06:50:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: LAPTOP-G2081TT4)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (01/18/2017 06:41:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (01/18/2017 06:14:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: LAPTOP-G2081TT4)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (01/17/2017 11:43:46 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Program Files\Wireshark\vcredist_x64.exe Files\Wireshark\vcredist_x64.exe" /install /quiet /norestart; Description = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649; Error = 0x8004230f).

Error: (01/17/2017 11:43:41 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].


Operation:
Obtain a callable interface for this provider
Check If Volume Is Supported by Provider
Add a Volume to a Shadow Copy Set

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: 4194317
Execution Context: Coordinator
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Volume Name: \\?\Volume{7fe39bc4-8ab3-448e-a56f-71945e13dfb0}\
Execution Context: Coordinator

Error: (01/17/2017 11:43:41 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
Obtain a callable interface for this provider
Check If Volume Is Supported by Provider
Add a Volume to a Shadow Copy Set

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: 4194317
Execution Context: Coordinator
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Volume Name: \\?\Volume{7fe39bc4-8ab3-448e-a56f-71945e13dfb0}\
Execution Context: Coordinator

Error: (01/17/2017 11:43:38 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (01/17/2017 11:43:38 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine GetProviderMgmtInterface. hr = 0x8004230f, The shadow copy provider had an unexpected error while trying to process the specified operation.
.

Error: (01/17/2017 11:43:38 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].


Operation:
Obtain a callable interface for this provider
Obtaining provider management interface

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: -1
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (01/17/2017 11:43:38 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
Obtain a callable interface for this provider
Obtaining provider management interface

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: -1
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}


System errors:
=============
Error: (01/18/2017 06:51:02 AM) (Source: Service Control Manager) (User: )
Description: The Bapeward service terminated with the following error:
%%126 = The specified module could not be found.


Error: (01/18/2017 06:51:02 AM) (Source: Service Control Manager) (User: )
Description: The ServiceProtector service failed to start due to the following error:
%%2 = The system cannot find the file specified.


Error: (01/18/2017 06:50:06 AM) (Source: DCOM) (User: LAPTOP-G2081TT4)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (01/18/2017 06:50:02 AM) (Source: Service Control Manager) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/18/2017 06:15:18 AM) (Source: Service Control Manager) (User: )
Description: The Bapeward service terminated with the following error:
%%126 = The specified module could not be found.


Error: (01/18/2017 06:15:16 AM) (Source: Service Control Manager) (User: )
Description: The ServiceProtector service failed to start due to the following error:
%%2 = The system cannot find the file specified.


Error: (01/18/2017 06:14:25 AM) (Source: DCOM) (User: LAPTOP-G2081TT4)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (01/18/2017 06:14:22 AM) (Source: Service Control Manager) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/18/2017 01:50:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Feature update to Windows 10, version 1607.

Error: (01/17/2017 10:52:56 PM) (Source: Service Control Manager) (User: )
Description: The ServiceProtector service failed to start due to the following error:
%%2 = The system cannot find the file specified.



Microsoft Office Sessions:
=========================
Error: (01/18/2017 06:50:06 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: LAPTOP-G2081TT4)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (01/18/2017 06:41:00 AM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1

Error: (01/18/2017 06:14:25 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: LAPTOP-G2081TT4)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (01/17/2017 11:43:46 PM) (Source: System Restore)(User: )
Description: C:\Program Files\Wireshark\vcredist_x64.exe Files\Wireshark\vcredist_x64.exe" /install /quiet /norestartMicrosoft Visual C++ 2013 Redistributable (x64) - 12.0.406490x8004230f

Error: (01/17/2017 11:43:41 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
Obtain a callable interface for this provider
Check If Volume Is Supported by Provider
Add a Volume to a Shadow Copy Set

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: 4194317
Execution Context: Coordinator
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Volume Name: \\?\Volume{7fe39bc4-8ab3-448e-a56f-71945e13dfb0}\
Execution Context: Coordinator

Error: (01/17/2017 11:43:41 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
Obtain a callable interface for this provider
Check If Volume Is Supported by Provider
Add a Volume to a Shadow Copy Set

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: 4194317
Execution Context: Coordinator
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Volume Name: \\?\Volume{7fe39bc4-8ab3-448e-a56f-71945e13dfb0}\
Execution Context: Coordinator

Error: (01/17/2017 11:43:38 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Error: (01/17/2017 11:43:38 PM) (Source: VSS)(User: )
Description: GetProviderMgmtInterface0x8004230f, The shadow copy provider had an unexpected error while trying to process the specified operation.

Error: (01/17/2017 11:43:38 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
Obtain a callable interface for this provider
Obtaining provider management interface

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: -1
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (01/17/2017 11:43:38 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
Obtain a callable interface for this provider
Obtaining provider management interface

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: -1
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}


CodeIntegrity Errors:
===================================
Date: 2017-01-18 01:51:50.913
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:21.040
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:21.040
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:21.040
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:20.876
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:20.854
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:20.851
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:20.574
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:22:31.694
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:07:32.478
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.


=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adobe After Effects CS5.5 (HKLM-x32\...\{E82097B9-A3B8-404A-9A92-AC16A8AC9576}) (Version: 10.5 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS5.5 (HKLM-x32\...\{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
AutoSensitivity (HKCU\...\0a099336274e1166) (Version: 1.4.0.23 - Igor Kulman)
AVG PC TuneUp (HKLM-x32\...\{13D79DFC-C357-4837-95C7-893394EED814}) (Version: 16.72.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.72.2.55508 - AVG Technologies)
Catalyst Control Center Next Localization BR (HKLM\...\{15EEB07A-3FB9-FA4C-8EFF-697728CB1E5C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{C402C2F5-0B95-5471-4222-65DF5990944B}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{865C66DE-2F96-0AB1-08BE-B9F383243908}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{A63E3031-0522-18C6-F18F-7EE80973315F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{1BCFB20E-BA45-D946-EF8D-3EAC2CA566C5}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{A2966D0F-43BB-116D-C9C7-49612FBFD0AE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{3CCD7507-7F42-BADB-BD22-0064CF9C1EF2}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{4C608ED2-535B-2119-3661-9E6F7DDB600F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1BE2EDCF-552B-D641-AA4B-9333C376AEAF}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9005C809-497A-FD45-CB96-76A3338E35B9}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{101EBA1D-F8F0-1E97-D2FD-68917DC1A7AC}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D84300A6-72F1-5771-B3B1-8FC71184AB38}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{56D13277-FA9F-2842-682D-DD7298973585}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{719B690B-D0DC-E4DE-30EC-F4A1EE895AAE}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{8D0C7788-D519-7B65-36F6-D0D21296F173}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{8D17B022-9CA1-C7CA-A4D6-985E160FD686}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{930FD2C7-D026-197D-94E4-CB5917CE7420}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{BE20EFC0-79CB-6273-BEC6-17C1B2F949C5}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{086D11E3-9CA4-DBEF-2B48-5A2EFFD53145}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{C9BCA81B-16E7-EC73-45BA-8180B4A476C7}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{C2088603-B655-ED5B-BBE0-5CEFE17B8DEE}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{D0C1EAB6-92F1-EE91-04C2-5947EE150593}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{57EAA61A-CD02-DF34-0839-2549F57A334C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{5F8DCCF0-AD91-9DDA-59B3-5E25898415CD}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{5D247D18-F5FC-1976-E2A8-35BBB9F6DD31}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{AA477FD2-347B-1732-5D8C-AF35AF1B9703}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{101534C4-8ABB-3C5F-4C35-3681D1EDDAE3}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{BBFC5953-2CB9-5932-1D47-52E4AA99737B}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{01E7D692-D785-743F-5A55-F00162D26A1C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{1E1FEFF2-5AA0-DB57-BDD5-D1778ACA12BE}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{181093C9-7497-B4A8-BF51-7C59786DD43D}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{5D8BA452-1264-7D13-E4EC-8236EC5B83FE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B99E3435-0B06-210C-B1B8-5954D5ADF936}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F49BA906-83DA-3F5A-5B24-03C8DE2A3936}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{5A466CAA-F071-D9EF-A799-EF63552DBE70}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{EF3FA700-D95B-FEEA-A479-222E2FFEBD07}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3E4EC972-F3AD-DD8D-2BC8-4BCA6A52F87F}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{D7DC4DDB-3E0D-6F79-4258-4A461654B689}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3FFDB58D-66AA-0A6E-6C07-366BF048E7D3}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{ACDFF800-6015-BEEC-8A27-7B1A80915273}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{A28B1FC5-3947-9D39-7FE5-A3CB18E16358}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{E60E7ABF-D1B6-C976-3073-02D79ECD2DC5}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.0 - Conexant)
Counter Strike 1.6 (HKCU\...\Counter Strike 1.6) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
Injustice - Gods Among Us. Ultimate Edition (HKLM-x32\...\Injustice - Gods Among Us. Ultimate Edition_R.G.~AC85A1BE_is1) (Version: - R.G. Mechanics, markfiter)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
K-Lite Mega Codec Pack 12.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.7.5 - KLCP)
Left 4 Dead 2 version 2.1.4.6 (HKLM\...\{F30ECD7F-0336-48C8-B484-94F58B9F38AD}_is1) (Version: 2.1.4.6 - Strogino CS Portal)
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3024.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.006.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{AFDE512F-7BCD-46B6-91C0-230812139EEF}) (Version: 3.4.002.006 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.069.02 - Lenovo)
LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4893.1002 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
NARUTO SHIPPUDEN Ultimate Ninja STORM 4 (HKLM-x32\...\NARUTO SHIPPUDEN Ultimate Ninja STORM 4_is1) (Version: - )
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
PX Profile Update (HKLM-x32\...\{B2031A9F-DDF2-773D-142B-60F7EB9FF3E5}) (Version: 1.00.1. - AMD) Hidden
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Ragnarok Online 2 (HKLM\...\Steam App 231060) (Version: - Gravity, Inc.)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.3 - Lenovo, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Street Fighter X Tekken (HKLM-x32\...\{43430FA5-AF68-4A2D-A7D4-891000008200}) (Version: 1.0.0.0 - CAPCOM U.S.A., INC)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Warcraft III: All Products (HKCU\...\Warcraft III) (Version: - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wireshark 2.2.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.3 - The Wireshark developer community, https://www.wireshark.org)
Xilisoft Video Converter Platinum (HKLM-x32\...\Xilisoft Video Converter Platinum) (Version: 7.8.18.20160913 - Xilisoft)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 8106.45 MB
Available physical RAM: 4642.52 MB
Total Virtual: 9386.45 MB
Available Virtual: 5832.93 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:446.92 GB) (Free:252.37 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.72 GB) NTFS
4 Drive g: (New Volume) (Fixed) (Total:439.45 GB) (Free:296.83 GB) NTFS

========================= Users: ========================================

User accounts for \\LAPTOP-G2081TT4

Administrator DefaultAccount Guest
PikelSmikel

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================


**** End of log ****

 

[Rustys]

You may still have some left over malware that our Security Team can help with.

Follow the instruction on the following link and post the information.

Read Before Following Prework Instructions
[Prework] Please Read Before Posting
Security Forum Guidelines

 

[herlanczar]

Instructions Part 1 Diagnostic Scan With FRST:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017
Ran by PikelSmikel (administrator) on LAPTOP-G2081TT4 (18-01-2017 19:36:51)
Running from C:\Users\PikelSmikel\Desktop
Loaded Profiles: PikelSmikel (Available Profiles: PikelSmikel)
Platform: Windows 10 Home Single Language (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
() C:\Program Files\update\UpdateAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Igor Kulman) C:\Users\PikelSmikel\AppData\Local\Apps\2.0\CQG9CX32.Q4O\VVD6E7YB.WQ5\auto..tion_0000000000000000_0001.0004_01f6395047dd6f8b\AutoSensitivity.exe
(TeamViewer GmbH) C:\Users\PikelSmikel\AppData\Roaming\DIFX\dpinst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-08-20] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-24] (Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-27] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-21] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5052120 2015-06-01] (Realtek semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-1699618295-2604097746-2180962213-1001\...\Run: [AutoSensitivity] => C:\Users\PikelSmikel\AppData\Local\Apps\2.0\CQG9CX32.Q4O\VVD6E7YB.WQ5\auto..tion_0000000000000000_0001.0004_01f6395047dd6f8b\autosensitivity.exe [35328 2016-12-23] (Igor Kulman)
HKU\S-1-5-21-1699618295-2604097746-2180962213-1001\...\Run: [dpinst] => C:\Users\PikelSmikel\AppData\Roaming\DIFX\dpinst.exe [7293280 2013-02-19] (TeamViewer GmbH)
HKU\S-1-5-21-1699618295-2604097746-2180962213-1001\...\Run: [GoogleChromeAutoLaunch_B3216DFD48AB0D0BFB23778EAE9EC571] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1104728 2016-12-08] (Google Inc.)
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\isoviewer8.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\lsc.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\pdvdlaunchpolicy.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\power2go8.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\power2goexpress8.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\virtualdrive.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-18] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{7de1a366-6e4a-4248-b4c1-8add152c5022}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{8c8f047d-6710-4d6e-8703-487ed09140e1}: [DhcpNameServer] 192.168.254.254
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1699618295-2604097746-2180962213-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131291381518674253&GUID=CFFA2ABA-7278-4EFC-AF30-1D07005ADC1D
HKU\S-1-5-21-1699618295-2604097746-2180962213-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-1699618295-2604097746-2180962213-1001 -> DefaultScope {3FF0913B-83AB-4A40-96C0-32663FC5FDB6} URL =
SearchScopes: HKU\S-1-5-21-1699618295-2604097746-2180962213-1001 -> {3FF0913B-83AB-4A40-96C0-32663FC5FDB6} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-01-18] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-18] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-01-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-17] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-17] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-01-18] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: n96y5lvs.default
FF ProfilePath: C:\Users\PikelSmikel\AppData\Roaming\Mozilla\Firefox\Profiles\n96y5lvs.default [2017-01-18]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-12-18] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> G:\Pikman\APP\VIDEOLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://google.com/
CHR StartupUrls: ChromeDefaultData -> "hxxp://google.com/"
CHR Profile: C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-01-18] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-16]
CHR Extension: (Google Docs) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-16]
CHR Extension: (VS Launcher) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cmhicdplfejcchpmimlnohfadpimciaa [2017-01-16]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-01-16]
CHR Extension: (Google Sheets) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-16]
CHR Extension: (Google Docs Offline) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-16]
CHR Extension: (AdBlock) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-18]
CHR Extension: (Gmail) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-18]
CHR Extension: (Chrome Media Router) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-18]
CHR Profile: C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-18]
CHR Extension: (Google Slides) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-23]
CHR Extension: (Flash Video Downloader) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-12-23]
CHR Extension: (Google Docs) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-23]
CHR Extension: (Google Drive) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-23]
CHR Extension: (YouTube) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-23]
CHR Extension: (Google Cast) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-12-23]
CHR Extension: (Adblock Plus) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-01-15]
CHR Extension: (VS Launcher) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cmhicdplfejcchpmimlnohfadpimciaa [2017-01-09]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-01-02]
CHR Extension: (Google Sheets) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-23]
CHR Extension: (Google Docs Offline) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-23]
CHR Extension: (Fast search) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-16]
CHR Extension: (Gmail) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-23]
CHR Extension: (Chrome Media Router) - C:\Users\PikelSmikel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-12-13] (Microsoft Corporation)
S4 FastbootService; C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe [288768 2015-08-20] (Lenovo) [File not signed]
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-24] (Intel Corporation)
S4 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [150256 2015-06-10] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-12-18] (Intel Corporation)
S4 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [62792 2016-12-01] (Lenovo Group Limited)
S4 LenovoPortalService; C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe [24312 2015-08-20] ()
S4 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273544 2016-12-07] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-12-18] (Synaptics Incorporated)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5907216 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 UpdateAgentService; C:\Program Files\update\UpdateAgent.exe [226216 2015-08-20] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-11-19] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-13] (CyberLink)
R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [67608 2015-08-20] (Windows (R) Win 7 DDK provider) [File not signed]
R0 FBFsmon; C:\Windows\System32\DRIVERS\FBFsmon.sys [39448 2015-08-20] (Windows (R) Win 7 DDK provider) [File not signed]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-01-16] (REALiX(tm))
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [255728 2015-06-10] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
S3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2016-12-18] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3059416 2015-06-11] (Realtek Semiconductor Corp.)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-10] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-11-25] (AVG Netherlands B.V.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-18 19:36 - 2017-01-18 19:36 - 00020949 _____ C:\Users\PikelSmikel\Desktop\FRST.txt
2017-01-18 19:36 - 2017-01-18 10:28 - 02419200 _____ (Farbar) C:\Users\PikelSmikel\Desktop\FRST64.exe
2017-01-18 19:17 - 2017-01-18 19:17 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-01-18 19:14 - 2017-01-18 19:14 - 00016148 _____ C:\Windows\system32\LAPTOP-G2081TT4_PikelSmikel_HistoryPrediction.bin
2017-01-18 19:10 - 2017-01-18 19:21 - 00000000 ____D C:\Users\PikelSmikel\Desktop\Farbar
2017-01-18 10:29 - 2017-01-18 10:31 - 00049673 _____ C:\Users\PikelSmikel\Downloads\Addition.txt
2017-01-18 10:28 - 2017-01-18 19:36 - 00000000 ____D C:\FRST
2017-01-18 10:28 - 2017-01-18 10:31 - 00093407 _____ C:\Users\PikelSmikel\Downloads\FRST.txt
2017-01-18 10:27 - 2017-01-18 10:27 - 01761280 _____ (Farbar) C:\Users\PikelSmikel\Downloads\FRST.exe
2017-01-18 08:40 - 2017-01-18 08:40 - 00045952 _____ C:\Users\PikelSmikel\Desktop\MTB.txt
2017-01-18 08:25 - 2017-01-18 08:25 - 00892416 _____ (Farbar) C:\Users\PikelSmikel\Downloads\MiniToolBox.exe
2017-01-18 08:25 - 2017-01-18 08:25 - 00045952 _____ C:\Users\PikelSmikel\Downloads\MTB.txt
2017-01-18 00:07 - 2017-01-18 00:07 - 00000108 _____ C:\Users\PikelSmikel\Desktop\boa.bat
2017-01-18 00:06 - 2017-01-18 00:06 - 00000000 _____ C:\Users\PikelSmikel\Desktop\New Text Document (2).txt
2017-01-17 23:45 - 2017-01-17 23:45 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Wireshark
2017-01-17 23:44 - 2017-01-17 23:44 - 00001834 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2017-01-17 23:43 - 2017-01-17 23:43 - 00001581 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2017-01-17 23:42 - 2017-01-17 23:44 - 00000000 ____D C:\Program Files\Wireshark
2017-01-17 23:40 - 2017-01-17 23:41 - 49358520 _____ (Wireshark development team) C:\Users\PikelSmikel\Downloads\Wireshark-win64-2.2.3.exe
2017-01-17 23:39 - 2017-01-17 23:39 - 00351232 _____ (TweakBit) C:\Users\PikelSmikel\Downloads\pc-repair-setup.exe
2017-01-17 23:34 - 2017-01-17 23:34 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-01-17 23:34 - 2017-01-17 23:34 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Sun
2017-01-17 23:34 - 2017-01-17 23:34 - 00000000 ____D C:\Users\PikelSmikel\AppData\LocalLow\Sun
2017-01-17 23:34 - 2017-01-17 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-17 23:34 - 2017-01-17 23:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2017-01-17 23:33 - 2017-01-17 23:34 - 00000000 ____D C:\ProgramData\Oracle
2017-01-17 23:33 - 2017-01-17 23:33 - 07747104 _____ (Malwarebytes Corporation ) C:\Users\PikelSmikel\Downloads\mbam-rules.exe
2017-01-17 23:33 - 2017-01-17 23:33 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-17 23:32 - 2017-01-17 23:32 - 00737344 _____ (Oracle Corporation) C:\Users\PikelSmikel\Downloads\JavaSetup8u111.exe
2017-01-17 22:49 - 2017-01-17 22:49 - 00001298 _____ C:\Users\PikelSmikel\Desktop\Google Chrome.lnk
2017-01-17 22:43 - 2017-01-18 10:28 - 00000000 ____D C:\AdwCleaner
2017-01-17 22:40 - 2017-01-17 22:40 - 03988944 _____ C:\Users\PikelSmikel\Desktop\AdwCleaner.exe
2017-01-17 22:36 - 2016-10-28 09:22 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-01-17 22:29 - 2017-01-18 00:03 - 00000000 ____D C:\Users\PikelSmikel\AppData\LocalLow\Mozilla
2017-01-17 22:29 - 2017-01-18 00:00 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Mozilla
2017-01-17 22:29 - 2017-01-17 22:29 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Mozilla
2017-01-17 22:28 - 2017-01-17 22:28 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-17 22:28 - 2017-01-17 22:28 - 00001227 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-01-17 22:28 - 2017-01-17 22:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-17 22:28 - 2017-01-17 22:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-17 22:27 - 2017-01-17 22:27 - 00243552 _____ C:\Users\PikelSmikel\Downloads\Firefox Setup Stub 50.1.0.exe
2017-01-17 22:11 - 2017-01-17 22:35 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Mimic 1, 2, 3 - Horror Trilogy Eng Subs [H264-mp4]
2017-01-17 07:14 - 2017-01-17 07:52 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Sleeping Dogs Definitive Edition_RePack by SEYTER [RUS_ENG]
2017-01-16 23:07 - 2017-01-16 23:07 - 00121638 _____ C:\Users\PikelSmikel\Downloads\MicrosoftEasyFix20140.mini.diagcab
2017-01-16 22:38 - 2017-01-16 23:09 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\ElevatedDiagnostics
2017-01-16 22:11 - 2017-01-16 22:11 - 00132597 _____ C:\Users\PikelSmikel\Downloads\hosts (1).zip
2017-01-16 22:11 - 2015-09-18 14:53 - 00006556 _____ C:\Users\PikelSmikel\Downloads\readme.txt
2017-01-16 22:11 - 2015-09-18 14:50 - 00000841 _____ C:\Users\PikelSmikel\Downloads\License.txt
2017-01-16 22:11 - 2013-01-03 10:00 - 00001455 _____ C:\Users\PikelSmikel\Downloads\PrivacyPolicy.txt
2017-01-16 22:11 - 2011-05-02 13:05 - 00001611 _____ C:\Users\PikelSmikel\Downloads\mvps.bat
2017-01-16 22:08 - 2017-01-16 22:09 - 00132597 _____ C:\Users\PikelSmikel\Downloads\hosts.zip
2017-01-16 21:51 - 2017-01-16 22:06 - 00000109 _____ C:\Users\PikelSmikel\Desktop\New Text Document.txt
2017-01-16 21:24 - 2017-01-17 06:45 - 00000000 ____D C:\Users\PikelSmikel\Desktop\conveted
2017-01-16 07:35 - 2017-01-16 07:39 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2017-01-16 07:31 - 2017-01-16 07:51 - 00000000 ____D C:\ProgramData\ProductData
2017-01-16 07:31 - 2017-01-16 07:38 - 00000000 ____D C:\Users\PikelSmikel\AppData\LocalLow\IObit
2017-01-16 07:31 - 2017-01-16 07:31 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-01-16 07:31 - 2017-01-16 07:31 - 00003062 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (PikelSmikel)
2017-01-16 07:31 - 2017-01-16 07:31 - 00000000 ____D C:\Windows\IObit
2017-01-16 07:31 - 2017-01-16 07:31 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\IObit
2017-01-16 07:31 - 2017-01-16 07:31 - 00000000 ____D C:\ProgramData\IObit
2017-01-16 07:30 - 2017-01-16 07:40 - 00000000 ___HD C:\ProgramData\3a3y7r7
2017-01-16 07:30 - 2017-01-16 07:30 - 00000000 ___HD C:\Users\PikelSmikel\AppData\Roaming\DIFX
2017-01-16 07:28 - 2017-01-16 07:28 - 00000000 ____D C:\ProgramData\Avira
2017-01-16 07:28 - 2017-01-16 07:28 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-16 07:26 - 2017-01-16 08:19 - 00000000 ____D C:\Program Files (x86)\Tersatlaty
2017-01-16 07:26 - 2017-01-16 07:59 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Grozogh
2017-01-16 07:26 - 2017-01-16 07:40 - 00000000 ____D C:\Program Files\5JPTSJYH6I
2017-01-16 07:26 - 2017-01-16 07:39 - 00000000 ____D C:\Program Files\V3ZCU08CRB
2017-01-16 07:26 - 2017-01-16 07:28 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Navoaterbapy
2017-01-16 07:25 - 2017-01-16 07:25 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2017-01-16 07:25 - 2017-01-16 07:25 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2017-01-16 07:24 - 2017-01-17 22:42 - 00000000 ____D C:\Program Files\KMSpico
2017-01-16 07:24 - 2017-01-16 07:58 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\bdkn6
2017-01-16 07:22 - 2017-01-16 07:24 - 00000000 ____D C:\Users\PikelSmikel\Downloads\KMSpico 10.2.0 FINAL (Office and Windows 10 Activator)
2017-01-16 07:20 - 2017-01-17 06:30 - 00000000 ____D C:\Users\PikelSmikel\Desktop\AMZ
2017-01-16 00:06 - 2017-01-16 08:29 - 00000080 _____ C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\¿ìÑ1.lnk
2017-01-15 23:15 - 2017-01-15 23:15 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\MicrosoftEdge
2017-01-15 23:06 - 2017-01-15 23:08 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Comms
2017-01-15 23:00 - 2017-01-15 23:00 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\UCBrowser
2017-01-15 22:56 - 2017-01-16 07:52 - 00000000 ____D C:\Windows\system32\SSL
2017-01-15 22:54 - 2017-01-15 23:03 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Ibmjsoft
2017-01-15 22:53 - 2017-01-17 22:42 - 00000000 ____D C:\Program Files (x86)\KMSPico 10.0.6
2017-01-15 19:03 - 2017-01-15 19:03 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2017-01-15 18:57 - 2017-01-15 19:38 - 00000000 ____D C:\Users\PikelSmikel\Downloads\The Hunger Games Catching Fire (2013)
2017-01-15 18:36 - 2017-01-15 18:38 - 00007871 _____ C:\Users\PikelSmikel\Desktop\CHANNEL LIST.xlsx
2017-01-15 18:16 - 2017-01-15 18:16 - 00070245 _____ C:\Users\PikelSmikel\Desktop\January 2017 Grid - REV3.xlsx
2017-01-15 11:03 - 2017-01-15 11:31 - 00000000 ____D C:\Users\PikelSmikel\Desktop\Jan 16 Newsko
2017-01-14 08:26 - 2017-01-14 08:29 - 114988997 _____ C:\Users\PikelSmikel\Downloads\kh.mp4
2017-01-13 23:13 - 2017-01-16 08:17 - 00000000 ____D C:\Users\PikelSmikel\Downloads\The.Middle.S07E01.HDTV.x264-LOL[ettv]
2017-01-13 23:07 - 2017-01-13 23:07 - 00040886 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E02.720p.HDTV.X264-DIMENSION[eztv].mkv.torrent
2017-01-13 23:07 - 2017-01-13 23:07 - 00036385 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E01.720p.HDTV.X264-DIMENSION[eztv].mkv.torrent
2017-01-13 22:59 - 2017-01-13 23:10 - 934766876 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E03.720p.HDTV.X264-DIMENSION[eztv].mkv
2017-01-13 22:57 - 2017-01-13 22:57 - 00037196 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E24.HDTV.x264-LOL[eztv].mkv.torrent
2017-01-13 22:57 - 2017-01-13 22:57 - 00034956 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E19.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:57 - 2017-01-13 22:57 - 00029356 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E21.HDTV.x264-LOL[eztv].mkv.torrent
2017-01-13 22:57 - 2017-01-13 22:57 - 00029296 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E20.HDTV.x264-LOL[eztv].mkv.torrent
2017-01-13 22:57 - 2017-01-13 22:57 - 00026556 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E22.HDTV.x264-LOL[eztv].mkv.torrent
2017-01-13 22:57 - 2017-01-13 22:57 - 00025776 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E23.HDTV.x264-LOL[eztv].mkv.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00041627 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E14.720p.HDTV.X264-DIMENSION[eztv].mkv.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00039461 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E07.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00039328 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E11.720p.HDTV.X264-DIMENSION[eztv].mkv.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00037255 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E09.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00036226 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E13.720p.HDTV.X264-DIMENSION[eztv].mkv.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00036092 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E03.720p.HDTV.X264-DIMENSION[eztv].mkv.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00035695 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E12.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00035641 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E05.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00035556 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E18.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00034935 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E08.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00033281 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E06.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00031036 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E17.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00030716 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E10.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00029921 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E04.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00029255 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E16.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:56 - 2017-01-13 22:56 - 00027436 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E15.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:55 - 2017-01-13 22:55 - 00033914 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E02.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-13 22:55 - 2017-01-13 22:55 - 00029914 _____ C:\Users\PikelSmikel\Downloads\The.Middle.S07E01.HDTV.x264-LOL[eztv].mp4.torrent
2017-01-12 21:14 - 2017-01-12 21:17 - 00000000 ____D C:\Windows\system32\MRT
2017-01-11 22:43 - 2016-12-21 18:12 - 01023208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-01-11 22:43 - 2016-12-21 18:10 - 00652864 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2017-01-11 22:43 - 2016-12-21 18:09 - 01538176 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-01-11 22:43 - 2016-12-21 17:59 - 01591304 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-01-11 22:43 - 2016-12-21 16:55 - 00983392 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2017-01-11 22:43 - 2016-12-21 16:22 - 01365584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-01-11 22:43 - 2016-12-21 14:08 - 21855232 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-01-11 22:43 - 2016-12-21 13:57 - 04791808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-01-11 22:43 - 2016-12-21 13:04 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-01-11 22:43 - 2016-12-21 13:00 - 18796032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-01-11 22:43 - 2016-11-11 14:22 - 00862024 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-01-11 22:43 - 2016-11-11 14:17 - 01298000 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-01-11 22:43 - 2016-11-11 14:17 - 01127024 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-01-10 10:21 - 2017-01-11 23:23 - 00000000 ____D C:\Users\PikelSmikel\Desktop\Martial Law_Sir Marlo Final
2017-01-10 09:37 - 2017-01-10 09:37 - 00104008 _____ C:\Users\PikelSmikel\Downloads\GoPro Splice.otf
2017-01-09 23:22 - 2017-01-09 23:22 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2017-01-09 23:21 - 2017-01-09 23:21 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
2017-01-09 23:21 - 2017-01-09 23:21 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\CyberLink
2017-01-09 20:47 - 2017-01-09 20:47 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Apple Computer
2017-01-09 19:56 - 2017-01-16 08:29 - 00001915 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2017-01-09 19:56 - 2017-01-09 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-01-09 19:56 - 2017-01-09 19:56 - 00000000 ____D C:\ProgramData\Apple Computer
2017-01-09 19:56 - 2017-01-09 19:56 - 00000000 ____D C:\Program Files (x86)\QuickTime
2017-01-09 19:55 - 2017-01-09 19:55 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\MPC-HC
2017-01-09 19:52 - 2017-01-16 08:30 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-01-09 19:52 - 2017-01-09 19:52 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2017-01-09 19:52 - 2017-01-09 19:52 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Apple
2017-01-09 19:52 - 2017-01-09 19:52 - 00000000 ____D C:\ProgramData\Apple
2017-01-09 19:52 - 2017-01-09 19:52 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2017-01-09 19:51 - 2017-01-09 19:51 - 00000000 ____D C:\Users\PikelSmikel\AppData\LocalLow\Apple Computer
2017-01-09 19:50 - 2017-01-09 19:51 - 41896256 _____ (Apple Inc.) C:\Users\PikelSmikel\Downloads\QuickTimeInstaller.exe
2017-01-09 19:49 - 2017-01-09 19:49 - 00003244 _____ C:\Windows\System32\Tasks\klcp_update
2017-01-09 19:48 - 2017-01-09 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2017-01-09 19:48 - 2016-05-08 18:27 - 03613696 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2017-01-09 19:48 - 2016-05-08 18:19 - 03642880 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2017-01-09 19:48 - 2015-12-18 18:00 - 00755200 _____ C:\Windows\system32\xvidcore.dll
2017-01-09 19:48 - 2015-12-18 18:00 - 00674816 _____ C:\Windows\SysWOW64\xvidcore.dll
2017-01-09 19:48 - 2015-12-18 18:00 - 00309248 _____ C:\Windows\system32\xvidvfw.dll
2017-01-09 19:48 - 2015-12-18 18:00 - 00282112 _____ C:\Windows\SysWOW64\xvidvfw.dll
2017-01-09 19:48 - 2015-10-25 01:00 - 00112128 _____ C:\Windows\SysWOW64\ff_vfw.dll
2017-01-09 19:48 - 2012-07-21 19:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2017-01-09 19:48 - 2012-07-21 19:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2017-01-09 19:48 - 2011-12-08 02:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2017-01-09 19:48 - 2011-12-08 02:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2017-01-09 19:47 - 2017-01-09 19:48 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2017-01-09 19:44 - 2017-01-09 19:46 - 43903486 _____ (KLCP ) C:\Users\PikelSmikel\Downloads\K-Lite_Codec_Pack_1275_Mega.exe
2017-01-09 19:26 - 2017-01-09 19:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-01-08 11:51 - 2017-01-08 12:46 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Bangkok.Assassins.2011.DVDRip.x264-VoMiT[rarbg]
2017-01-08 11:32 - 2017-01-08 11:46 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Resident Evil Afterlife (2010) [1080p]
2017-01-08 11:32 - 2017-01-08 11:36 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Warm Bodies (2013)
2017-01-08 11:30 - 2017-01-08 12:16 - 00000000 ____D C:\Users\PikelSmikel\Downloads\The.Condemned[2007]DvDrip[Eng]-aXXo
2017-01-08 11:29 - 2017-01-08 11:29 - 00000000 ____D C:\Users\PikelSmikel\Downloads\James Bond - Dr No (1962)
2017-01-08 11:27 - 2017-01-08 11:40 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Scream 4 (2011)
2017-01-08 04:26 - 2017-01-16 20:58 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Masterchef US Season 4
2017-01-07 22:06 - 2017-01-07 22:06 - 00000000 ____D C:\gravity
2017-01-05 18:00 - 2017-01-05 18:00 - 00018299 _____ C:\Users\PikelSmikel\Downloads\11C1F391DF89A096795DC362392A6E36BA48D994.torrent
2017-01-05 18:00 - 2017-01-05 18:00 - 00016319 _____ C:\Users\PikelSmikel\Downloads\E509C6E1D752781ABC3C69B0A1092D0E67B67484.torrent
2017-01-05 18:00 - 2017-01-05 18:00 - 00016303 _____ C:\Users\PikelSmikel\Downloads\The Middle S06E22 HDTV x264-LOL [eztv].torrent
2017-01-05 18:00 - 2017-01-05 18:00 - 00014963 _____ C:\Users\PikelSmikel\Downloads\The Middle S06E21 HDTV x264-LOL [eztv.it].torrent
2017-01-05 17:59 - 2017-01-05 17:59 - 00008708 _____ C:\Users\PikelSmikel\Downloads\F5123D0F2B1A3307578F119E05C738BA570AD4CB.torrent
2017-01-05 17:59 - 2017-01-05 17:59 - 00007708 _____ C:\Users\PikelSmikel\Downloads\EED084427ED856C468D1B156FA8444AF479882C0.torrent
2017-01-05 17:59 - 2017-01-05 17:59 - 00007648 _____ C:\Users\PikelSmikel\Downloads\8186BC071E2DED69DF7412F72DA4C2388DCCDAB5.torrent
2017-01-05 17:59 - 2017-01-05 17:59 - 00007568 _____ C:\Users\PikelSmikel\Downloads\26CA2343EFD550EC7F0334F1B36C26614A43028B.torrent
2017-01-05 17:59 - 2017-01-05 17:59 - 00007448 _____ C:\Users\PikelSmikel\Downloads\A3CB400B292C1A8A159251D614F7CFA4CC416F2D.torrent
2017-01-05 17:59 - 2017-01-05 17:59 - 00007388 _____ C:\Users\PikelSmikel\Downloads\062303ECBEC7A36EF63A8FD9242E11B6A288D57E.torrent
2017-01-05 17:58 - 2017-01-05 17:58 - 00008632 _____ C:\Users\PikelSmikel\Downloads\E15CF2DAAD29D93638B39C36234D376BDC4563A0.torrent
2017-01-05 17:58 - 2017-01-05 17:58 - 00007652 _____ C:\Users\PikelSmikel\Downloads\E5E2A537760FFFE91B5E690D12D0C47E60E27F36.torrent
2017-01-04 23:51 - 2017-01-04 23:55 - 00000000 ____D C:\Users\PikelSmikel\Downloads\The Babadook (2014)
2017-01-04 22:49 - 2017-01-04 22:49 - 00008584 _____ C:\Users\PikelSmikel\Downloads\ADBF27CDAC4379E8134354E440D7A4BF4139FFD4.torrent
2017-01-04 22:31 - 2017-01-04 22:34 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Resident Evil Extinction (2007)
2017-01-04 07:56 - 2017-01-04 07:56 - 00027299 _____ C:\Users\PikelSmikel\Downloads\1885738.zip
2017-01-04 07:56 - 2011-11-25 11:25 - 00070838 _____ C:\Users\PikelSmikel\Downloads\Feast[2005][Unrated.Edition]DvDrip.AC3[Eng]-aXXo.srt
2017-01-03 23:22 - 2017-01-03 23:38 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Act of Valor (2012)
2017-01-03 23:22 - 2017-01-03 23:30 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Man on a Legde (2012)
2017-01-03 23:11 - 2017-01-04 08:01 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Feast[2005][Unrated.Edition]DvDrip.AC3[Eng]-aXXo
2017-01-02 22:49 - 2017-01-02 22:50 - 00000000 ____D C:\Users\PikelSmikel\Downloads\UFC 207 PPV Nunes vs Rousey HDTV x264-Ebi [TJET]
2017-01-02 21:28 - 2017-01-02 21:28 - 00203928 _____ C:\Users\PikelSmikel\Downloads\VideostreamNetworkRepair.exe
2017-01-02 21:18 - 2017-01-16 21:29 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2017-01-02 21:09 - 2017-01-02 21:09 - 00000222 _____ C:\Users\PikelSmikel\Desktop\Ragnarok Online 2.url
2016-12-26 16:01 - 2016-12-26 16:02 - 00000000 ____D C:\Users\PikelSmikel\Downloads\I.Now.Pronounce.You.Chuck.And.Larry[2007]DvDrip[Eng]-aXXo
2016-12-26 15:16 - 2017-01-16 08:29 - 00001252 _____ C:\Users\PikelSmikel\Desktop\Assassins Creed.lnk
2016-12-26 15:14 - 2016-12-26 15:14 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Ubisoft
2016-12-25 17:50 - 2016-12-25 17:50 - 00000000 ____D C:\ProgramData\Ubisoft
2016-12-25 17:40 - 2016-12-25 17:40 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\InstallShield
2016-12-25 13:47 - 2016-12-25 13:47 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Injustice
2016-12-25 12:22 - 2017-01-16 08:29 - 00000842 _____ C:\Users\Public\Desktop\Left 4 Dead 2.lnk
2016-12-25 12:22 - 2017-01-16 08:29 - 00000839 _____ C:\Users\Public\Desktop\Updating Left 4 Dead 2.lnk
2016-12-25 12:22 - 2016-12-25 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal
2016-12-25 12:03 - 2016-12-25 17:19 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Assasins Creed (Full) Original RIP
2016-12-25 11:56 - 2017-01-16 08:29 - 00000805 _____ C:\Users\Public\Desktop\Street Fighter X Tekken.lnk
2016-12-25 11:55 - 2016-12-25 11:55 - 00000000 ____D C:\Windows\SysWOW64\xlive
2016-12-25 11:55 - 2016-12-25 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2016-12-25 11:55 - 2016-12-25 11:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2016-12-25 11:04 - 2017-01-16 08:29 - 00001191 _____ C:\Users\PikelSmikel\Desktop\Injustice - Gods Among Us. Ultimate Edition.lnk
2016-12-25 11:04 - 2016-12-25 17:50 - 00248041 _____ C:\Windows\DirectX.log
2016-12-25 11:04 - 2016-12-25 11:04 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Injustice - Gods Among Us. Ultimate Edition
2016-12-25 11:04 - 2016-12-25 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-12-24 19:07 - 2017-01-18 18:53 - 00004180 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{88DD6B61-ADCF-4D52-93F9-FF134047B884}
2016-12-24 14:55 - 2016-12-24 20:22 - 00000000 ____D C:\Users\PikelSmikel\Downloads\[R.G. Mechanics] Injustice - Gods Among Us. Ultimate Edition
2016-12-24 14:54 - 2016-12-24 19:16 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Street.Fighter.X.Tekken-SKIDROW
2016-12-24 14:39 - 2016-12-24 14:40 - 04121824 _____ (Husdawg, LLC) C:\Users\PikelSmikel\Downloads\Detection.exe
2016-12-24 14:29 - 2016-12-24 14:29 - 00034816 _____ (Microsoft) C:\Users\PikelSmikel\Desktop\GameDebatePcSystemChecker.exe
2016-12-24 14:27 - 2016-12-24 19:07 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Left 4 Dead 2 v2.1.4.6
2016-12-23 16:01 - 2017-01-16 08:29 - 00002455 _____ C:\Users\PikelSmikel\Desktop\Counter Strike 1.6.lnk
2016-12-23 16:01 - 2016-12-23 16:01 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter Strike 1.6
2016-12-23 16:00 - 2017-01-16 07:39 - 00000000 ____D C:\Program Files (x86)\Counter Strike 1.6
2016-12-23 16:00 - 2016-12-23 16:00 - 00065239 _____ C:\Users\PikelSmikel\Downloads\WarMP26_Forever.rar
2016-12-23 16:00 - 2016-12-23 16:00 - 00000000 ____D C:\Users\PikelSmikel\Downloads\WarMP26_Forever
2016-12-23 15:20 - 2016-12-23 15:20 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Igor_Kulman
2016-12-23 12:57 - 2017-01-16 08:29 - 00001959 _____ C:\Users\PikelSmikel\Desktop\Frozen Throne.lnk
2016-12-23 12:57 - 2017-01-16 08:29 - 00001956 _____ C:\Users\PikelSmikel\Desktop\Warcraft III.lnk
2016-12-23 08:22 - 2016-12-23 08:22 - 00000378 _____ C:\Users\PikelSmikel\Desktop\AutoSensitivity.appref-ms
2016-12-23 08:22 - 2016-12-23 08:22 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Igor Kulman
2016-12-23 08:21 - 2016-12-23 08:22 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Deployment
2016-12-23 08:21 - 2016-12-23 08:21 - 00002078 _____ C:\Users\PikelSmikel\Downloads\AutoSensitivity.application
2016-12-23 08:21 - 2016-12-23 08:21 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Apps\2.0
2016-12-23 08:21 - 2016-12-23 08:21 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Apps
2016-12-23 08:04 - 2016-12-23 08:19 - 00000000 ____D C:\Users\PikelSmikel\Downloads\Counter Strike 1.6
2016-12-23 07:57 - 2016-12-23 08:31 - 1333475023 ____R C:\Users\PikelSmikel\Downloads\Warcraft III RoC + TFT v1.26 Complete -IceBlitz.rar
2016-12-22 22:43 - 2016-12-22 22:58 - 1364351816 ____R C:\Users\PikelSmikel\Downloads\AVG Anti-Virus Internet Security 2016 + Key.zip
2016-12-22 21:16 - 2016-12-22 21:20 - 332849720 ____R C:\Users\PikelSmikel\Downloads\Kimi no Na wa. (Your Name.) 2016 Full Movie HD Online - Anim.mp4
2016-12-21 08:23 - 2017-01-16 21:54 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Diagnostics
2016-12-21 07:47 - 2016-12-21 07:47 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Steam
2016-12-21 07:17 - 2017-01-18 06:41 - 00000000 __SHD C:\Config.Msi
2016-12-21 07:17 - 2016-12-21 07:17 - 00003288 _____ C:\Windows\System32\Tasks\StartCN
2016-12-21 07:17 - 2016-12-21 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-12-21 07:17 - 2016-12-21 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2016-12-21 07:16 - 2016-12-21 07:16 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-12-21 07:14 - 2016-12-21 07:14 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-21 07:14 - 2016-09-10 02:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-12-21 07:14 - 2016-09-10 02:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-12-21 07:14 - 2016-09-10 02:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-12-21 07:14 - 2016-09-10 02:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-12-21 07:09 - 2016-12-21 07:10 - 00000000 ____D C:\AMD
2016-12-21 06:59 - 2016-12-21 07:00 - 58713744 _____ (AMD Inc.) C:\Users\PikelSmikel\Downloads\radeon-crimson-relive-16.12.1-minimalsetup-161208_web.exe
2016-12-21 06:38 - 2017-01-16 08:29 - 00000971 _____ C:\Users\PikelSmikel\Desktop\NARUTO SHIPPUDEN Ultimate Ninja STORM 4.lnk
2016-12-21 06:38 - 2016-12-21 06:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NARUTO SHIPPUDEN Ultimate Ninja STORM 4
2016-12-21 05:56 - 2017-01-18 19:37 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Temp
2016-12-20 22:30 - 2016-12-21 04:38 - 00000000 ____D C:\Users\PikelSmikel\Downloads\NARUTO.SHIPPUDEN.Ultimate.Ninja.STORM.4-CODEX
2016-12-20 10:38 - 2016-12-20 10:38 - 00000000 ____D C:\Users\Default\AppData\Local\AVG
2016-12-20 10:38 - 2016-12-20 10:38 - 00000000 ____D C:\Users\Default User\AppData\Local\AVG
2016-12-20 10:37 - 2016-12-20 10:37 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2016-12-20 10:37 - 2016-12-20 10:37 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2016-12-20 10:31 - 2017-01-17 23:23 - 00003668 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-12-20 07:35 - 2017-01-10 11:04 - 00001604 _____ C:\Windows\setupact.log
2016-12-20 07:35 - 2016-12-20 07:35 - 00000000 _____ C:\Windows\setuperr.log
2016-12-20 07:26 - 2017-01-18 19:13 - 00382852 _____ C:\Windows\PFRO.log
2016-12-20 05:53 - 2016-12-20 05:53 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Lenovo
2016-12-20 05:53 - 2016-12-20 05:53 - 00000000 ____D C:\Users\PikelSmikel\.QtWebEngineProcess
2016-12-20 05:53 - 2016-12-20 05:53 - 00000000 ____D C:\Users\PikelSmikel\.LSC
2016-12-20 05:52 - 2017-01-16 08:29 - 00002159 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2016-12-20 05:42 - 2016-12-20 05:42 - 00000000 ____D C:\ProgramData\ATI
2016-12-19 22:42 - 2016-12-19 22:42 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\TuneUp Software
2016-12-19 22:41 - 2017-01-17 21:47 - 00000000 ___HD C:\$AVG
2016-12-19 22:06 - 2016-12-19 22:06 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2016-12-19 10:16 - 2017-01-17 21:49 - 00000000 ____D C:\ProgramData\MFAData
2016-12-19 10:16 - 2016-12-19 10:16 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\MFAData
2016-12-19 10:14 - 2016-12-19 10:14 - 00000000 ____D C:\ProgramData\AMD
2016-12-19 10:07 - 2017-01-03 20:55 - 00008192 _____ C:\Users\Public\NTUSER.DAT
2016-12-19 10:07 - 2016-12-19 10:07 - 00524288 ___SH C:\Users\Public\NTUSER.DAT{344e3ed5-c58c-11e6-9bd9-e4f89cd9de41}.TMContainer00000000000000000002.regtrans-ms
2016-12-19 10:07 - 2016-12-19 10:07 - 00524288 ___SH C:\Users\Public\NTUSER.DAT{344e3ed5-c58c-11e6-9bd9-e4f89cd9de41}.TMContainer00000000000000000001.regtrans-ms
2016-12-19 10:07 - 2016-12-19 10:07 - 00065536 ___SH C:\Users\Public\NTUSER.DAT{344e3ed5-c58c-11e6-9bd9-e4f89cd9de41}.TM.blf
2016-12-19 10:07 - 2016-12-19 10:07 - 00008192 ___SH C:\Users\Public\NTUSER.DAT.LOG1
2016-12-19 10:07 - 2016-12-19 10:07 - 00000000 ___SH C:\Users\Public\NTUSER.DAT.LOG2
2016-12-19 10:02 - 2017-01-16 08:30 - 00002547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-12-19 10:02 - 2017-01-16 08:29 - 00002529 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2016-12-19 10:02 - 2017-01-09 16:43 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2016-12-19 10:02 - 2016-12-20 10:38 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\AVG
2016-12-19 10:01 - 2017-01-17 21:49 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Avg
2016-12-19 10:01 - 2016-12-19 22:41 - 00000000 ____D C:\ProgramData\Avg
2016-12-19 10:01 - 2016-12-19 22:32 - 00000000 ____D C:\Program Files (x86)\AVG
2016-12-19 10:01 - 2016-12-19 22:31 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\AvgSetupLog
2016-12-19 10:01 - 2016-12-19 10:01 - 00000000 ___HD C:\ProgramData\Common Files
2016-12-19 06:46 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-12-19 06:46 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-12-19 06:46 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-12-19 06:46 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-12-19 06:46 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-12-19 06:46 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-12-19 06:46 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-12-19 06:46 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-12-19 06:46 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-12-19 06:46 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-12-19 06:46 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-12-19 06:46 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-12-19 06:46 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-12-19 06:46 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-12-19 06:46 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-12-19 06:46 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-12-19 06:46 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-12-19 06:46 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-12-19 06:46 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-12-19 06:46 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-12-19 06:46 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-12-19 06:46 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-12-19 06:46 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-12-19 06:46 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-12-19 06:46 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-12-19 06:46 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-12-19 06:46 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-12-19 06:46 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-12-19 06:46 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-12-19 06:46 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-12-19 06:46 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-12-19 06:46 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-12-19 06:46 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-12-19 06:46 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-12-19 06:46 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-12-19 06:46 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-12-19 06:46 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-12-19 06:46 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-12-19 06:46 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-12-19 06:46 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-12-19 06:46 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-12-19 06:46 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-12-19 06:46 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-12-19 06:46 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-12-19 06:46 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-12-19 06:46 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-12-19 06:46 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-12-19 06:46 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-12-19 06:46 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-12-19 06:46 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-12-19 06:46 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-12-19 06:46 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-12-19 06:46 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-12-19 06:46 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-12-19 06:46 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-12-19 06:46 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-12-19 06:46 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-12-19 06:46 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-12-19 06:46 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-12-19 06:46 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-12-19 06:46 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-12-19 06:46 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-12-19 06:46 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-12-19 06:46 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-12-19 06:46 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-12-19 06:46 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-12-19 06:46 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-12-19 06:46 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-12-19 06:46 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-12-19 06:46 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-12-19 06:46 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-12-19 06:46 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-12-19 06:46 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-12-19 06:46 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-12-19 06:46 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-12-19 06:46 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-12-19 06:46 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-12-19 06:46 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-12-19 06:46 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-12-19 06:46 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-12-19 06:46 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-12-19 06:46 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-12-19 06:46 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-12-19 06:46 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-12-19 06:46 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-12-19 06:46 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-12-19 06:46 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-12-19 06:46 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-12-19 06:46 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-12-19 06:46 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-12-19 06:46 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-12-19 06:46 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-12-19 06:46 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-12-19 06:46 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-12-19 06:46 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-12-19 06:46 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-12-19 06:46 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-12-19 06:46 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-12-19 06:46 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-12-19 06:46 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-12-19 06:46 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-12-19 06:46 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-12-19 06:46 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-12-19 06:46 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-12-19 06:46 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-12-19 06:46 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-12-19 06:46 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-12-19 06:46 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-12-19 06:46 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-12-19 06:46 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-12-19 06:46 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-12-19 06:46 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-12-19 06:46 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-12-19 06:46 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-12-19 06:46 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-12-19 06:46 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-12-19 06:46 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-12-19 06:46 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-12-19 06:46 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-12-19 06:46 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-12-19 06:46 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-12-19 06:46 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-12-19 06:46 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-12-19 06:46 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-12-19 06:46 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-12-19 06:46 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-12-19 06:46 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-12-19 06:46 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-12-19 06:46 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-12-19 06:46 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-12-19 06:46 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-12-19 06:46 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-12-19 06:46 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-12-19 06:46 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-12-19 06:46 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-12-19 06:46 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-12-19 06:46 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-12-19 06:46 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-12-19 06:46 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-12-19 06:46 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-12-19 06:46 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-12-19 06:46 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-12-19 06:46 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-12-19 06:46 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-12-19 06:46 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-12-19 06:46 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-12-19 06:46 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-12-19 06:46 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-12-19 06:46 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-12-19 06:46 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-12-19 06:46 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-12-19 06:46 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-12-19 06:46 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-12-19 06:46 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-12-19 06:46 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-12-19 06:46 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-12-19 06:46 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-12-19 06:46 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-12-19 06:46 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-12-19 06:46 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-12-19 06:46 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-12-19 06:46 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-12-19 06:46 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-12-19 06:46 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-12-19 06:46 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-12-19 06:46 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-12-19 06:46 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-12-19 06:46 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-12-19 06:46 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-12-19 06:46 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-12-19 06:46 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-12-19 06:46 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-12-19 06:46 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-12-19 06:46 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-12-19 06:46 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-12-19 06:46 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-12-19 06:46 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-12-19 06:46 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-12-19 06:46 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-12-19 06:46 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-12-19 06:46 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-12-19 06:46 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-12-19 03:40 - 2016-12-19 03:40 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Intel Corporation
2016-12-19 03:39 - 2016-12-19 03:39 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\ATI
2016-12-19 03:39 - 2016-12-19 03:39 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Power2Go8
2016-12-19 03:39 - 2016-12-19 03:39 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\ATI
2016-12-19 03:39 - 2016-12-18 16:21 - 00000000 __SHD C:\$RECYCLE.BIN
2016-12-19 03:38 - 2016-12-19 03:38 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Publishers
2016-12-19 03:37 - 2017-01-18 19:14 - 00000000 __SHD C:\Users\PikelSmikel\IntelGraphicsProfiles
2016-12-19 03:37 - 2017-01-16 07:58 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Adobe
2016-12-19 03:37 - 2017-01-15 23:06 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Packages
2016-12-19 03:37 - 2016-12-23 16:02 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\VirtualStore
2016-12-19 03:37 - 2016-12-19 03:37 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Intel
2016-12-19 03:37 - 2016-12-19 03:37 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\TileDataLayer
2016-12-19 03:37 - 2016-12-19 03:37 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\CyberLink
2016-12-19 03:37 - 2016-12-18 21:36 - 00000402 ___SH C:\Users\PikelSmikel\Documents\desktop.ini
2016-12-19 03:37 - 2016-12-18 21:36 - 00000282 ___SH C:\Users\PikelSmikel\Downloads\desktop.ini
2016-12-19 03:37 - 2016-12-18 21:36 - 00000174 ___SH C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-19 03:37 - 2016-12-18 21:36 - 00000174 ___SH C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-19 03:37 - 2016-12-18 21:36 - 00000000 ___RD C:\Users\PikelSmikel\Searches
2016-12-19 03:37 - 2016-12-18 21:36 - 00000000 ___RD C:\Users\PikelSmikel\Contacts
2016-12-19 03:37 - 2016-12-18 21:36 - 00000000 ___RD C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-19 03:37 - 2016-12-18 21:36 - 00000000 ___RD C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-19 03:36 - 2017-01-18 19:36 - 00000000 ___RD C:\Users\PikelSmikel\Desktop
2016-12-19 03:36 - 2017-01-18 19:13 - 03145728 ___SH C:\Users\PikelSmikel\NTUSER.DAT
2016-12-19 03:36 - 2017-01-18 19:13 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local
2016-12-19 03:36 - 2017-01-18 19:12 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming
2016-12-19 03:36 - 2017-01-18 19:08 - 00000000 ____D C:\Users\PikelSmikel\AppData\LocalLow
2016-12-19 03:36 - 2017-01-18 19:07 - 00000000 ___RD C:\Users\PikelSmikel\Downloads
2016-12-19 03:36 - 2017-01-16 21:54 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Microsoft
2016-12-19 03:36 - 2017-01-16 21:26 - 00000000 ___RD C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-19 03:36 - 2017-01-08 11:24 - 00000000 ___SD C:\Users\PikelSmikel\AppData\Roaming\Microsoft
2016-12-19 03:36 - 2017-01-04 08:39 - 00000000 ___RD C:\Users\PikelSmikel\Videos
2016-12-19 03:36 - 2016-12-24 19:52 - 00000000 ____D C:\Users\PikelSmikel
2016-12-19 03:36 - 2016-12-19 06:47 - 00524288 ___SH C:\Users\PikelSmikel\NTUSER.DAT{77a2c7ed-26f0-11e5-80da-e41d2d741090}.TMContainer00000000000000000001.regtrans-ms
2016-12-19 03:36 - 2016-12-19 06:47 - 00065536 ___SH C:\Users\PikelSmikel\NTUSER.DAT{77a2c7ed-26f0-11e5-80da-e41d2d741090}.TM.blf
2016-12-19 03:36 - 2016-12-19 03:37 - 00000000 ___RD C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-19 03:36 - 2016-12-19 03:36 - 00925696 ___SH C:\Users\PikelSmikel\ntuser.dat.LOG1
2016-12-19 03:36 - 2016-12-19 03:36 - 00802816 ___SH C:\Users\PikelSmikel\ntuser.dat.LOG2
2016-12-19 03:36 - 2016-12-19 03:36 - 00016148 _____ C:\Windows\system32\LAPTOP-G2081TT4_defaultuser0_HistoryPrediction.bin
2016-12-19 03:36 - 2016-12-19 03:36 - 00000020 ___SH C:\Users\PikelSmikel\ntuser.ini
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\Templates
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\Start Menu
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\SendTo
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\Recent
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\PrintHood
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\NetHood
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\My Documents
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\Local Settings
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\Documents\My Videos
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\Documents\My Pictures
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\Documents\My Music
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\Cookies
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\Application Data
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\AppData\Local\Temporary Internet Files
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\AppData\Local\History
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 _SHDL C:\Users\PikelSmikel\AppData\Local\Application Data
2016-12-19 03:36 - 2016-12-19 03:36 - 00000000 ___HD C:\Users\PikelSmikel\AppData
2016-12-19 03:36 - 2016-12-18 21:55 - 00000000 ___RD C:\Users\PikelSmikel\Documents
2016-12-19 03:36 - 2016-12-18 21:36 - 00000000 ___RD C:\Users\PikelSmikel\Saved Games
2016-12-19 03:36 - 2016-12-18 21:36 - 00000000 ___RD C:\Users\PikelSmikel\Pictures
2016-12-19 03:36 - 2016-12-18 21:36 - 00000000 ___RD C:\Users\PikelSmikel\Music
2016-12-19 03:36 - 2016-12-18 21:36 - 00000000 ___RD C:\Users\PikelSmikel\Links
2016-12-19 03:36 - 2016-12-18 21:36 - 00000000 ___RD C:\Users\PikelSmikel\Favorites
2016-12-19 03:36 - 2016-12-18 12:53 - 00524288 ___SH C:\Users\PikelSmikel\NTUSER.DAT{77a2c7ed-26f0-11e5-80da-e41d2d741090}.TMContainer00000000000000000002.regtrans-ms
2016-12-19 03:36 - 2015-08-20 07:01 - 00000000 ____D C:\Users\PikelSmikel\Roaming
2016-12-19 03:36 - 2015-07-10 19:04 - 00000000 __RSD C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-12-19 03:36 - 2015-07-10 19:04 - 00000000 ___RD C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-12-19 03:36 - 2015-07-10 19:04 - 00000000 ___RD C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-12-19 03:36 - 2015-07-10 19:04 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-19 03:34 - 2017-01-18 19:14 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-19 02:56 - 2016-12-19 02:56 - 00000000 ____D C:\Windows\system32\SleepStudy
2016-12-19 01:10 - 2016-12-19 01:10 - 00000219 _____ C:\Users\PikelSmikel\Desktop\Dota 2.url
2016-12-19 01:02 - 2017-01-16 08:29 - 00001037 _____ C:\Users\Public\Desktop\Steam.lnk
2016-12-19 01:02 - 2017-01-16 07:28 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-19 01:02 - 2016-12-19 01:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-19 00:13 - 2016-12-19 00:13 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Xilisoft
2016-12-19 00:12 - 2017-01-16 08:29 - 00001117 _____ C:\Users\Public\Desktop\Xilisoft Video Converter Platinum.lnk
2016-12-19 00:12 - 2016-12-19 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2016-12-19 00:11 - 2016-12-19 00:11 - 00000000 ____D C:\ProgramData\Xilisoft

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-18 19:14 - 2015-07-10 20:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-18 19:13 - 2015-07-10 17:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-01-18 19:09 - 2016-12-18 16:22 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\uTorrent
2017-01-18 18:54 - 2015-07-10 19:04 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-18 18:54 - 2015-07-10 19:04 - 00000000 ____D C:\Windows\AppReadiness
2017-01-18 06:41 - 2015-07-10 19:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-18 06:40 - 2016-12-18 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-01-18 06:40 - 2016-12-18 16:27 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-18 06:19 - 2015-07-16 23:54 - 00876942 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-18 06:19 - 2015-07-10 19:02 - 00000000 ____D C:\Windows\INF
2017-01-18 02:02 - 2016-12-18 21:39 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Adobe
2017-01-18 00:29 - 2015-07-10 18:55 - 00000000 ____D C:\Windows\CbsTemp
2017-01-17 23:43 - 2015-08-20 06:00 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-17 23:34 - 2016-12-18 19:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-17 22:57 - 2016-12-18 20:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-17 21:47 - 2015-07-10 19:04 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-01-17 21:32 - 2015-07-10 19:04 - 00000000 ____D C:\Windows\system32\NDF
2017-01-17 08:27 - 2016-12-18 12:44 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-17 06:28 - 2016-12-18 22:42 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\vlc
2017-01-16 22:03 - 2015-07-10 17:05 - 00032768 ___SH C:\Windows\system32\config\ELAM
2017-01-16 21:26 - 2016-12-18 17:24 - 00003302 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-16 21:26 - 2016-12-18 12:49 - 00002392 _____ C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-16 21:26 - 2016-12-18 12:49 - 00000000 ___RD C:\Users\PikelSmikel\OneDrive
2017-01-16 09:36 - 2015-07-10 19:04 - 00000000 ____D C:\Windows\addins
2017-01-16 08:50 - 2016-12-18 12:44 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-16 08:30 - 2016-12-18 22:26 - 00000972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2017-01-16 08:30 - 2016-12-18 22:22 - 00001626 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2017-01-16 08:30 - 2016-12-18 22:16 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS5.5.lnk
2017-01-16 08:30 - 2016-12-18 22:15 - 00001189 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mocha for After Effects CS5.5.lnk
2017-01-16 08:30 - 2016-12-18 22:15 - 00001024 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS5.5.lnk
2017-01-16 08:30 - 2016-12-18 22:15 - 00000932 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
2017-01-16 08:30 - 2016-12-18 22:14 - 00001625 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit 2.6.lnk
2017-01-16 08:30 - 2016-12-18 22:14 - 00001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
2017-01-16 08:30 - 2016-12-18 22:13 - 00001639 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
2017-01-16 08:30 - 2016-12-18 22:13 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
2017-01-16 08:30 - 2016-12-18 21:48 - 00001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2017-01-16 08:29 - 2016-12-18 22:58 - 00001130 _____ C:\Users\PikelSmikel\Desktop\Garena Total.lnk
2017-01-16 08:29 - 2016-12-18 22:41 - 00000847 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-01-16 08:29 - 2016-12-18 22:22 - 00001608 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2017-01-16 08:29 - 2016-12-18 19:48 - 00001176 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-01-16 08:29 - 2016-12-18 16:24 - 00000706 _____ C:\Users\PikelSmikel\Desktop\Pikman.lnk
2017-01-16 07:39 - 2015-07-16 23:52 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-01-16 07:28 - 2015-07-16 23:52 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-01-16 00:07 - 2015-07-10 19:04 - 00000000 ___SD C:\Windows\Downloaded Program Files
2017-01-13 22:00 - 2015-07-10 19:04 - 00000000 ____D C:\Windows\rescache
2017-01-12 21:14 - 2016-12-18 18:18 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-10 11:11 - 2015-08-20 06:04 - 00000000 ____D C:\ProgramData\CyberLink
2017-01-09 23:21 - 2016-12-18 21:55 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-01-02 21:09 - 2016-12-18 18:52 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-12-25 17:43 - 2015-08-20 06:04 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-25 11:54 - 2015-07-10 19:04 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-25 11:03 - 2015-07-10 17:07 - 00000000 ____D C:\Windows\Logs
2016-12-23 06:46 - 2015-07-10 19:06 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-23 06:46 - 2015-07-10 19:06 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-22 19:08 - 2015-12-21 07:50 - 00000000 __SHD C:\System Volume Information
2016-12-21 16:37 - 2015-07-16 23:51 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-12-21 08:27 - 2016-12-18 16:24 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\AMD
2016-12-21 07:18 - 2015-07-10 17:05 - 00000000 ____D C:\Windows\system32\CatRoot
2016-12-21 07:17 - 2015-08-20 06:47 - 00000000 ____D C:\Program Files\AMD
2016-12-21 05:54 - 2016-12-18 18:17 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2016-12-21 05:53 - 2015-08-20 06:01 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2016-12-21 05:52 - 2016-12-18 18:19 - 00000000 ____D C:\Users\PikelSmikel\AppData\Roaming\DAEMON Tools Pro
2016-12-20 20:41 - 2015-07-10 19:04 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-12-20 10:38 - 2015-07-10 19:04 - 00000000 ____D C:\Users\Default\AppData\Local
2016-12-20 10:38 - 2015-07-10 19:04 - 00000000 ____D C:\Users\Default User\AppData\Local
2016-12-20 10:37 - 2015-07-10 19:04 - 00000000 ____D C:\Users\Default\AppData\Roaming
2016-12-20 10:37 - 2015-07-10 19:04 - 00000000 ____D C:\Users\Default User\AppData\Roaming
2016-12-20 08:44 - 2016-12-18 12:44 - 00003344 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-20 08:44 - 2016-12-18 12:44 - 00003120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-20 07:26 - 2015-07-10 19:04 - 00000000 ___RD C:\Windows\PrintDialog
2016-12-20 07:25 - 2015-08-20 06:51 - 00211134 _____ C:\Users\Public\CAFADEBUG.log
2016-12-20 05:54 - 2016-12-18 12:43 - 00000000 ____D C:\Users\PikelSmikel\AppData\Local\Lenovo
2016-12-20 05:52 - 2015-08-20 06:17 - 00000000 ____D C:\ProgramData\Lenovo
2016-12-20 05:50 - 2015-08-20 06:05 - 00000000 ____D C:\Windows\Downloaded Installations
2016-12-20 04:41 - 2015-07-10 19:04 - 00000000 ____D C:\Windows\SysWOW64\config
2016-12-20 04:40 - 2016-12-18 18:00 - 00014250 _____ C:\Windows\system32\InstallUtil.InstallLog
2016-12-19 10:23 - 2015-07-10 19:04 - 00000000 ____D C:\Windows\system32\WDI
2016-12-19 10:09 - 2015-08-20 06:14 - 00002272 _____ C:\Windows\System32\Tasks\PDVDServ12 Task
2016-12-19 10:07 - 2015-08-20 06:02 - 00000000 ____D C:\ProgramData\Temp
2016-12-19 10:07 - 2015-07-17 00:33 - 00000000 ____D C:\Windows\Panther
2016-12-19 10:07 - 2015-07-10 19:04 - 00000000 ___RD C:\Users\Public
2016-12-19 10:07 - 2015-07-10 17:05 - 00000000 ____D C:\Windows\system32\Sysprep
2016-12-19 03:35 - 2015-08-20 06:57 - 00000000 ____D C:\Windows\SoftwareDistribution
2016-12-19 02:00 - 2016-12-18 21:43 - 00000000 ____D C:\ProgramData\Adobe

==================== Files in the root of some directories =======

2015-03-26 19:48 - 2015-03-26 19:48 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2017-01-18 19:17 - 2017-01-18 19:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-17 07:35

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2017
Ran by PikelSmikel (18-01-2017 19:37:17)
Running from C:\Users\PikelSmikel\Desktop
Windows 10 Home Single Language (X64) (2016-12-18 19:33:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1699618295-2604097746-2180962213-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1699618295-2604097746-2180962213-503 - Limited - Disabled)
Guest (S-1-5-21-1699618295-2604097746-2180962213-501 - Limited - Disabled)
PikelSmikel (S-1-5-21-1699618295-2604097746-2180962213-1001 - Administrator - Enabled) => C:\Users\PikelSmikel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe After Effects CS5.5 (HKLM-x32\...\{E82097B9-A3B8-404A-9A92-AC16A8AC9576}) (Version: 10.5 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS5.5 (HKLM-x32\...\{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
AutoSensitivity (HKU\S-1-5-21-1699618295-2604097746-2180962213-1001\...\0a099336274e1166) (Version: 1.4.0.23 - Igor Kulman)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.72.2.55508 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.72.3 - AVG Technologies) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.0 - Conexant)
Counter Strike 1.6 (HKU\S-1-5-21-1699618295-2604097746-2180962213-1001\...\Counter Strike 1.6) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Injustice - Gods Among Us. Ultimate Edition (HKLM-x32\...\Injustice - Gods Among Us. Ultimate Edition_R.G.~AC85A1BE_is1) (Version: - R.G. Mechanics, markfiter)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
K-Lite Mega Codec Pack 12.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.7.5 - KLCP)
Left 4 Dead 2 version 2.1.4.6 (HKLM\...\{F30ECD7F-0336-48C8-B484-94F58B9F38AD}_is1) (Version: 2.1.4.6 - Strogino CS Portal)
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4210 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3024.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo PowerDVD12 (x32 Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.006.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{AFDE512F-7BCD-46B6-91C0-230812139EEF}) (Version: 3.4.002.006 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.069.02 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.3 - Lenovo) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4893.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1699618295-2604097746-2180962213-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
NARUTO SHIPPUDEN Ultimate Ninja STORM 4 (HKLM-x32\...\NARUTO SHIPPUDEN Ultimate Ninja STORM 4_is1) (Version: - )
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Ragnarok Online 2 (HKLM\...\Steam App 231060) (Version: - Gravity, Inc.)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.3 - Lenovo, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Street Fighter X Tekken (HKLM-x32\...\{43430FA5-AF68-4A2D-A7D4-891000008200}) (Version: 1.0.0.0 - CAPCOM U.S.A., INC)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
User Manuals (x32 Version: 4.0.0.1 - Lenovo) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Warcraft III: All Products (HKU\S-1-5-21-1699618295-2604097746-2180962213-1001\...\Warcraft III) (Version: - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wireshark 2.2.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.3 - The Wireshark developer community, hxxps://www.wireshark.org)
Xilisoft Video Converter Platinum (HKLM-x32\...\Xilisoft Video Converter Platinum) (Version: 7.8.18.20160913 - Xilisoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BDCE8F7-5405-4F43-B248-AE4C431041FB} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {24A69B0A-465A-4F2E-A357-55FDDD84817D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {2CDEA3A6-0D07-482D-A444-61F8043C1EFE} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {30E8DFAC-AF8D-4C93-B1DD-5D5C306DB875} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e4b142ca-1837-4ce8-a26d-338f05cc779a => powershell.exe -nologo -noninteractive "&amp; {New-Item -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\e4b142ca-1837-4ce8-a26d-338f05cc779a -type directory -force;$conter=Get-Date;$conter=$conter.ToUniversalTime();Set-ItemProperty -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\e (the data entry has 73 more characters).
Task: {35981823-0319-4373-8ABA-847AAF9AB4FF} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-12-07] (Lenovo)
Task: {43410E00-9C22-4A92-80FB-322E19E71A8C} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-12-21] (Lenovo)
Task: {457F56D7-6D29-4BC5-B1E7-B256CAB3EF40} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-07] (Lenovo)
Task: {49033E7C-B53D-4F60-B321-E8C6058DC640} - System32\Tasks\AdobeAAMUpdater-1.0-LAPTOP-G2081TT4-PikelSmikel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {49177551-5ABA-4546-BB65-31B3F92CB987} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-12-20] ()
Task: {4CBCCC77-4E65-4BDA-BCCF-E47496990CB8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5100B69A-033C-43C4-BBD8-0F05FA2F1DDC} - System32\Tasks\Lenovo\QuickOptimizer => C:\Program Files\lenovo\QuickOptimizer\QuickOptimizerIcon.exe [2015-07-11] (Lenovo)
Task: {5332ADBC-DC01-41DF-ADF8-E226BA05C7C8} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-12-07] (Lenovo)
Task: {7DDE2A2F-358A-4078-8BAD-7A10BD32EC82} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-28] (CyberLink Corp.)
Task: {7E4A4B66-30C6-4F3D-AB9C-F3CD3C889752} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-02-10] (Lenovo)
Task: {8163C462-1A24-43F5-B1D2-97EF8A3997BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {8E803756-2E97-4F27-9C77-2F7F4619DC12} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {94B6EF9F-650A-475C-807E-6B26F4AFE4B0} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program [Argument = Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe backgroundagent]
Task: {9C9113E2-E1D4-460B-A87B-409D73A3F0B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-18] (Google Inc.)
Task: {A0662BBB-994C-444D-ADBD-4F49D4E24ADF} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {A554CE8C-6D8C-4FD5-AD48-5FDDB2E4FF23} - System32\Tasks\Driver Booster SkipUAC (PikelSmikel) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
Task: {ACD1F2AE-4957-425B-8F95-001A76DA2FDA} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-02-10] (Lenovo)
Task: {AFE08091-4CA8-405B-B333-8E1388B886FC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-01-18] (Microsoft Corporation)
Task: {BEAAAFB5-0BB2-4E54-A3FF-047847FF6503} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {D346FEFD-4B63-48A0-A546-45AA5323A36D} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2016-06-28] (Advanced Micro Devices, Inc.)
Task: {E9BC47B9-8916-4A6A-A676-B73DA0571512} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-01-18] (Microsoft Corporation)
Task: {EFCAFCB8-C691-4B6F-92ED-E22690ED4BB3} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-12-07] ()
Task: {F52AFF7D-2594-4611-AFDA-F93EDC5BA0D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-18] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PikelSmikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Videostream for Google Chromecast™ (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Loaded Modules (Whitelisted) ==============

2015-08-20 06:51 - 2015-08-20 06:51 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-12-18 18:03 - 2016-10-25 15:15 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2016-12-18 16:27 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-08-20 07:08 - 2015-08-20 07:08 - 00226216 _____ () C:\Program Files\update\UpdateAgent.exe
2016-12-18 18:04 - 2016-11-19 18:24 - 02495776 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-12-18 18:04 - 2016-11-19 18:24 - 02495776 _____ () C:\Windows\System32\CoreUIComponents.dll
2017-01-18 06:37 - 2017-01-18 06:37 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-12-18 18:02 - 2015-09-17 13:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-12-18 16:08 - 2016-12-08 16:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-18 16:08 - 2016-12-08 16:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-06-28 21:38 - 2016-06-28 21:38 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-12-18 18:04 - 2016-11-19 14:09 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-12-18 18:00 - 2016-11-19 14:06 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-12-18 18:04 - 2016-11-19 14:06 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-12-18 18:04 - 2015-09-17 13:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-20 10:31 - 2016-12-20 10:31 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-12-18 21:16 - 2017-01-16 07:59 - 00003054 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
34.195.153.94 google-analytics.com
34.195.153.94 mc.yandex.ru
34.195.153.94 top-fwz1.mail.ru
34.195.153.94 site.yandex.net
34.195.153.94 pagead2.googlesyndication.com
34.195.153.94 ad.mail.ru
34.195.153.94 ads.adfox.ru
34.195.153.94 ads.pubmatic.com
34.195.153.94 apis.google.com
34.195.153.94 autocontext.begun.ru
34.195.153.94 b.scorecardresearch.com
34.195.153.94 c.amazon-adsystem.com
34.195.153.94 cdn.admixer.net
34.195.153.94 cdn.cxense.com
34.195.153.94 cdn.livefyre.com
34.195.153.94 cdn.onthe.io
34.195.153.94 cdn.optimizely.com
34.195.153.94 cdn.prom.st
34.195.153.94 cdn.pushwoosh.com
34.195.153.94 cdn.tt.omtrdc.net

There are 55 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1699618295-2604097746-2180962213-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: lfsvc => 3
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "RtsFT"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKU\S-1-5-21-1699618295-2604097746-2180962213-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1699618295-2604097746-2180962213-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{2F8FA525-E265-4F30-91E4-87837BD21628}] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{109D0680-4F12-4485-868E-33E9B51FCA7C}] => C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{9B2D0034-DE7F-4349-BF8B-FB5808569554}] => C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{3B3BB458-48F3-492C-A909-CCDC94932846}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{32BA66E6-517F-4E6A-8153-FC850DED04FD}] => C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe
FirewallRules: [{303C565C-540F-4AA6-9FD9-9E8759888451}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{BAAB148D-AE6B-4326-A0FA-91BAF247ABEF}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{678E9C0D-B763-4537-A805-9999F540F292}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{28C24870-0221-425E-93A3-AE16305A279A}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B141967F-1FCC-4FED-AB77-7BE83319BEF9}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{35939861-21C1-452D-9780-1571E7813089}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{FCDBCC4F-E5EE-4981-8576-79948BBE486A}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{D16726EF-01D0-4E45-A4DD-1F2AA04BDBA4}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8163C6F1-0547-49A3-8206-267EF7D3C738}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B96CD65B-CCF7-4DF0-AEAF-8CB5CB06FFA0}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0EDB5654-F41B-4BE6-BA76-2E2AA916DFED}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD2A3A3A-EE64-46F6-AC2A-FB96ACE367C4}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{4FC8A91E-7827-46DF-99DB-9800F7A6E722}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{6C0EC3F6-6422-4D17-8C45-3C902F4C4385}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{39F2B23F-86FE-4B7E-9C6A-FED865AEB27B}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{1916C0EF-9098-4B00-A849-EA5687ED8457}C:\program files (x86)\counter strike 1.6\hl.exe] => C:\program files (x86)\counter strike 1.6\hl.exe
FirewallRules: [UDP Query User{DFBDD895-26FD-4738-98FB-2662754B48B7}C:\program files (x86)\counter strike 1.6\hl.exe] => C:\program files (x86)\counter strike 1.6\hl.exe
FirewallRules: [{FA6D3307-7CF8-4016-995A-96EDCE773F90}] => G:\Pikman\GAMES\SxT\SFTK.exe
FirewallRules: [{ECD1B202-33BA-473E-88FB-62C19570F261}] => G:\Pikman\GAMES\SxT\SFTK.exe
FirewallRules: [TCP Query User{8E7C34DA-8FB1-46FD-99B5-662DABB9B73B}G:\pikman\games\left 4 dead 2\left4dead2.exe] => G:\pikman\games\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{D5F2BA76-CE34-4C48-9166-FE745CA39739}G:\pikman\games\left 4 dead 2\left4dead2.exe] => G:\pikman\games\left 4 dead 2\left4dead2.exe
FirewallRules: [{501B1FBE-803A-4E9C-961B-A5ECB8AF32E4}] => G:\Pikman\GAMES\AC\AssassinsCreed_Dx9.exe
FirewallRules: [{3AC5D5D0-8F54-4902-9420-083C1DE130A7}] => G:\Pikman\GAMES\AC\AssassinsCreed_Dx9.exe
FirewallRules: [{92FA3117-14F2-4A31-8BC1-65B9AE463D99}] => G:\Pikman\GAMES\AC\AssassinsCreed_Dx10.exe
FirewallRules: [{9A87803A-DF73-49A2-8D1A-944E3850C080}] => G:\Pikman\GAMES\AC\AssassinsCreed_Dx10.exe
FirewallRules: [{0F5CA287-CC04-4022-9671-94EEADC83D77}] => G:\Pikman\GAMES\AC\AssassinsCreed_Launcher.exe
FirewallRules: [{8AC4A52B-54A3-4550-B2F1-7CBCB272AEA4}] => G:\Pikman\GAMES\AC\AssassinsCreed_Launcher.exe
FirewallRules: [{9D0E3D2C-A0CA-41EB-BC66-5BC6299FA73D}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2291309B-4583-4336-9904-0D9A51B92DB3}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{81F6EDBA-0C81-4B54-91B0-326B0D4BD4C5}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0AE7BB7D-7BF8-4AA9-861A-F22FDE507DEE}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CA0C91EE-81F9-4882-8098-7AD0AF513545}] => LPort=5556
FirewallRules: [{E7C284A7-F514-4926-BF98-DECBCE31927C}] => LPort=5558
FirewallRules: [{C3FC622F-A33D-4CBA-B79B-4E86EAA8585C}] => G:\Pikman\GAMES\Steam\steamapps\common\Ragnarok Online 2\WPLauncher.exe
FirewallRules: [{70F2E3F5-EE67-487F-817D-AECA533D2406}] => G:\Pikman\GAMES\Steam\steamapps\common\Ragnarok Online 2\WPLauncher.exe
FirewallRules: [{AA5E0257-AD3E-4BB8-BE09-00867574AAE1}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{86C7CDD7-1FE2-47E9-B948-8ACEA9E02653}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{845F5EDF-62C9-43D4-8EC3-2F8D3428F94B}] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{0C2F8712-D585-4DFE-8375-261C14617931}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BB5ACE74-6E0B-446C-BA85-9DCFC00BB9E2}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A12753AC-A78E-4ED3-8515-9C278DA60BCC}] => C:\Windows\system32\rundll32.exe
FirewallRules: [{04E83563-1FAB-4ED8-BEBE-528718E39877}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{B4D3B2C4-BFE6-4BFC-9A88-847F852982E3}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{033DBFC5-5A78-4458-8286-52C13122B2EC}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{70A4E4CA-F3EF-40BB-86E8-1A7F1364D09E}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{03C9FCB2-A3F3-45CC-A99A-1D1AFC3C1DCE}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4B7E8669-183A-480B-AC55-363C6B73C19D}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{877468CA-1E13-4D67-8A47-A5FF6D0908F6}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/18/2017 07:37:31 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].


Operation:
Obtain a callable interface for this provider
List interfaces for all providers supporting this context
Query Shadow Copies

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshot Context: 13
Snapshot Context: 13
Execution Context: Coordinator

Error: (01/18/2017 07:37:31 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
Obtain a callable interface for this provider
List interfaces for all providers supporting this context
Query Shadow Copies

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshot Context: 13
Snapshot Context: 13
Execution Context: Coordinator

Error: (01/18/2017 07:22:13 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].


Operation:
Obtain a callable interface for this provider
List interfaces for all providers supporting this context
Query Shadow Copies

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshot Context: 13
Snapshot Context: 13
Execution Context: Coordinator

Error: (01/18/2017 07:22:13 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
Obtain a callable interface for this provider
List interfaces for all providers supporting this context
Query Shadow Copies

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshot Context: 13
Snapshot Context: 13
Execution Context: Coordinator

Error: (01/18/2017 07:12:12 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Users\PikelSmikel\Desktop\Farbar\FRST64.exe ; Description = Restore Point Created by FRST; Error = 0x8004230f).

Error: (01/18/2017 07:12:07 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].


Operation:
Obtain a callable interface for this provider
Check If Volume Is Supported by Provider
Add a Volume to a Shadow Copy Set

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: 4194317
Execution Context: Coordinator
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Volume Name: \\?\Volume{7fe39bc4-8ab3-448e-a56f-71945e13dfb0}\
Execution Context: Coordinator

Error: (01/18/2017 07:12:07 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
Obtain a callable interface for this provider
Check If Volume Is Supported by Provider
Add a Volume to a Shadow Copy Set

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: 4194317
Execution Context: Coordinator
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Volume Name: \\?\Volume{7fe39bc4-8ab3-448e-a56f-71945e13dfb0}\
Execution Context: Coordinator

Error: (01/18/2017 07:12:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (01/18/2017 07:12:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine GetProviderMgmtInterface. hr = 0x8004230f, The shadow copy provider had an unexpected error while trying to process the specified operation.
.

Error: (01/18/2017 07:12:03 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].


Operation:
Obtain a callable interface for this provider
Obtaining provider management interface

Context:
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Class ID: {00000000-0000-0000-0000-000000000000}
Snapshot Context: -1
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}


System errors:
=============
Error: (01/18/2017 07:13:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (01/18/2017 07:13:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (01/18/2017 07:13:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (01/18/2017 07:13:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/18/2017 07:12:43 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
An instance of the service is already running.

Error: (01/18/2017 07:12:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG PC TuneUp Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 250 milliseconds: Restart the service.

Error: (01/18/2017 07:12:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (01/18/2017 07:12:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/18/2017 07:12:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AdaptiveSleepService service terminated unexpectedly. It has done this 1 time(s).

Error: (01/18/2017 07:12:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.


CodeIntegrity:
===================================
Date: 2017-01-18 01:51:50.913
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:21.040
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:21.040
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:21.040
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:20.876
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:20.854
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:20.851
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:38:20.574
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:22:31.694
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:07:32.478
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 36%
Total physical RAM: 8106.45 MB
Available physical RAM: 5158.95 MB
Total Virtual: 9386.45 MB
Available Virtual: 6491.16 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:446.92 GB) (Free:260.91 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.72 GB) NTFS
Drive g: (New Volume) (Fixed) (Total:439.45 GB) (Free:296.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E8FB57E3)

Partition: GPT.

==================== End of Addition.txt ============================

 

[herlanczar]

Part 2: Check the Master Boot Record (MBR)


aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-01-18 19:39:47
-----------------------------
19:39:47.591 OS Version: Windows x64 6.2.9200
19:39:47.592 Number of processors: 4 586 0x3D04
19:39:47.592 ComputerName: LAPTOP-G2081TT4 UserName: PikelSmikel
19:39:48.434 Initialize success
19:39:48.492 VM: initialized successfully
19:39:48.493 VM: Intel CPU BiosDisabled
19:40:32.819 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002c
19:40:32.821 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2BA30001 Size: 953869MB BusType: 11
19:40:32.948 Disk 0 MBR read successfully
19:40:32.950 Disk 0 MBR scan
19:40:32.951 Disk 0 unknown MBR code
19:40:32.952 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
19:40:32.990 Disk 0 scanning C:\Windows\system32\drivers
19:40:38.976 Service scanning
19:40:54.609 Modules scanning
19:40:54.612 Disk 0 trace - called modules:
19:40:54.637 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys intelpep.sys iaStorA.sys hal.dll
19:40:54.640 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe0009484e060]
19:40:54.643 3 CLASSPNP.SYS[fffff800884f46c5] -> nt!IofCallDriver -> [0xffffe00091db0040]
19:40:54.646 5 ACPI.sys[fffff80087401361] -> nt!IofCallDriver -> \Device\0000002c[0xffffe0009069a500]
19:40:54.648 Disk 0 statistics 159761/0/0 @ 13.28 MB/s
19:40:54.651 Scan finished successfully
19:41:39.905 Disk 0 MBR has been saved successfully to "C:\Users\PikelSmikel\Desktop\MBR.dat"
19:41:39.911 The log file has been saved successfully to "C:\Users\PikelSmikel\Desktop\aswMBR.txt"

 

[herlanczar]

You may still have some left over malware that our Security Team can help with.

Follow the instruction on the following link and post the information.

Read Before Following Prework Instructions
[Prework] Please Read Before Posting
Security Forum Guidelines

I posted the logs up there ^ Did I do it correctly?

 

[Malnutrition]

Yes the logs are posted correct. @driver_ian will be with you ASAP

 

[driver_ian]

Hello and welcome to the forum,
Whilst I review your logs please complete the following instructions and post the resulting logs.

Security Check Scan.

• Download Security Check to your desktop.
• Right click it run as administrator.
• When the program completes, the tool will automatically open a log file.
• Please post that log here in your next post.

Adware Cleaner Scan.

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan button.
• When the scan has finished click on Clean button.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

JRT Scan.


Please download Junkware Removal Tool and save it on your desktop.

• Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log is saved to your desktop and will automatically open.
• Please post the JRT log.

Adware Removal Tool Scan.

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Hit Ok.

Hit next make sure to leave all items checked, for removal.

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.
================================================================================

Download HostsXpert from HERE

• Unzip it and start the program.
• If "Make writeable?" is shown in red at the top, click it to make writeable.
• Press "Restore MS Hosts File"
• OK the prompt.
• Then click on "Make read only"
• Exit HostXpert.

 

[herlanczar]

Sorry. Just had stable connection. To post log soon. thanks

 

[herlanczar]

Security Check Scan:


SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 22.01.2017 23:35:15
Path starting: C:\Users\PikelSmikel\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: PikelSmikel
VersionXML: 3.80is-21.01.2017
___________________________________________________________________________

Windows 10(6.3.14393) (x64) CoreSingleLanguage Lang: English(0409)
Installation date OS: 21.01.2017 02:12:43
LicenseStatus: Office 15, OfficeProPlusVL_KMS_Client edition Initial grace period ends :40961 minutes
LicenseStatus: Windows(R), CoreSingleLanguage edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [446.9 Gb] Used: [189.2 Gb] Free: [257.7 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.576.14393.0
User Account Control enabled

Windows Update (wuauserv) - The service has stopped
Security Center (wscsvc) - The service has stopped
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service has stopped
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.40 (64-bit) v.5.40.0
VLC media player v.2.2.4
Wireshark 2.2.3 (64-bit) v.2.2.3
--------------------------------- [ P2P ] ---------------------------------
qBittorrent 3.3.10 v.3.3.10 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 121 v.8.0.1210.13
--------------------------- [ AppleProduction ] ---------------------------
QuickTime 7 v.7.79.80.95 Warning! This software is no longer supported. Please uninstall it and use another software.
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.2.5.1.17730 Warning! Download Update
------------------------------- [ Browser ] -------------------------------
Google Chrome v.55.0.2883.87
Mozilla Firefox 50.1.0 (x86 en-US) v.50.1.0
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.55.0.2883.87
------------------ [ AntivirusFirewallProcessServices ] -------------------
AVG Service (avgsvc) - The service is running
C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe v.1.143.2.51391
AVG Service (avgsvc) - The service is running
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe v.1.143.2.51391
C:\Program Files\Windows Defender\MsMpEng.exe v.4.10.14393.0
C:\Program Files\Windows Defender\MpCmdRun.exe v.4.10.14393.0
C:\Program Files\Windows Defender\NisSrv.exe v.4.10.14393.0
Windows Defender Service (WinDefend) - The service is running
Windows Defender Network Inspection Service (WdNisSvc) - The service is running
----------------------------- [ End of Log ] ------------------------------

 

[herlanczar]

AdwCleaner scan:


# AdwCleaner v6.042 - Logfile created 22/01/2017 at 23:39:23
# Updated on 06/01/2017 by Malwarebytes
# Database : 2017-01-22.1 [Local]
# Operating System : Windows 10 Home Single Language (X64)
# Username : PikelSmikel - LAPTOP-G2081TT4
# Running from : C:\Users\PikelSmikel\Desktop\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry entries found.


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5868 Bytes] - [17/01/2017 22:51:30]
C:\AdwCleaner\AdwCleaner[C2].txt - [2040 Bytes] - [22/01/2017 07:19:07]
C:\AdwCleaner\AdwCleaner[C3].txt - [1623 Bytes] - [22/01/2017 23:29:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [5615 Bytes] - [17/01/2017 22:48:05]
C:\AdwCleaner\AdwCleaner[S1].txt - [1316 Bytes] - [17/01/2017 23:00:12]
C:\AdwCleaner\AdwCleaner[S2].txt - [1390 Bytes] - [18/01/2017 10:28:25]
C:\AdwCleaner\AdwCleaner[S3].txt - [1463 Bytes] - [19/01/2017 08:33:11]
C:\AdwCleaner\AdwCleaner[S4].txt - [2295 Bytes] - [22/01/2017 06:57:00]
C:\AdwCleaner\AdwCleaner[S5].txt - [1756 Bytes] - [22/01/2017 23:28:59]
C:\AdwCleaner\AdwCleaner[S6].txt - [1675 Bytes] - [22/01/2017 23:39:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1748 Bytes] ##########

 

[herlanczar]

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool 5.1
Time: 2017_01_22_23_44_51
OS: Windows 10 Home Single Language - x64 Bit
Account Name: PikelSmikel
Adware Definition: 01222017
Elapsed time: 11:37
Scan Status:- Automatic Done

\\\\\\\\\\\\\\\\\\\\\\\ Scan Logs \\\\\\\\\\\\\\\\\\\\\\


No results found
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool 5.1
Time: 2017_01_22_23_44_51
OS: Windows 10 Home Single Language - x64 Bit
Account Name: PikelSmikel
Adware Definition: 01222017
Elapsed time: 11:37
Repair Status:- Automatic Done
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\


No results found

 

[herlanczar]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home Single Language x64
Ran by PikelSmikel (Administrator) on Mon, Jan 23, 17 at 0:01:41.55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (PikelSmikel) (Task)



Registry: 2

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_B3216DFD48AB0D0BFB23778EAE9EC571 (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3FF0913B-83AB-4A40-96C0-32663FC5FDB6} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon, Jan 23, 17 at 0:03:03.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[driver_ian]

Hello again,
I would like you to reset the Hosts file please follow the instruction below:

• Click here to download RstHosts v2.0

• Save the file to your desktop.

• Right Click and Run as Administrator.

• Click on Restaurer, then click OK at the prompt.

• This will restore the default host file.

• Next Click on Creer Un Rapport.

========================================================================
Zemana Scan.

Please download Zemana AntiMalware and save it to your Desktop.

• Install the program and once the installation is complete it will start automatically.
• Without changing any options, press Scan to begin.
• After the short scan is finished, if threats are detected press Next to remove them.

Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please restart your computer manually.

• Open Zemana AntiMalware again.
• Click on
  
  icon and double click the latest report.
• Now click File > Save As and choose your Desktop before pressing Save.
• The only left thing is to attach saved report in your next message.

• This will open a logfile, post that in your next reply

========================================================================

Please download CKScanner and save it to your Desktop.
This program should only be run once!
Make sure that CKScanner.exe is on the your desktop before running the application!

• Right click on the CKScanner.exe icon and select Run as administrator.
• Click the Search For Files button.
• When the scan is finished (the cursor hourglass disappears) click the Save List To File button.
  A text file will be created on your desktop named "ckfiles.txt"
• Click OK at the file saved message box. Double-click on the ckfiles.txt icon on your desktop.
• Please copy/paste the contents of ckfiles.txt in your next reply.

 

[herlanczar]

Zemana AntiMalware 2.70.2.576 (Installed)

-------------------------------------------------------
Scan Result : Completed
Scan Date : 2017/1/24
Operating System : Windows 10 64-bit
Processor : 4X Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
BIOS Mode : UEFI
CUID : 126777858CB669BC6F296B
Scan Type : System Scan
Duration : 14m 40s
Scanned Objects : 102998
Detected Objects : 6
Excluded Objects : 0
Read Level : Normal
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Hosts File
Status : Scanned
Object : %systemroot%\system32\drivers\etc\hosts
MD5 : F666B6456726DB927939D86012073291
Publisher : -
Size : 89
Version : -
Detection : Hosts Hijack
Cleaning Action : Repair
Related Objects :
Hosts file - Hosts file is hidden
File - %systemroot%\system32\drivers\etc\hosts

setup.exe
Status : Scanned
Object : %userprofile%\downloads\[r.g. mechanics] injustice - gods among us. ultimate edition\setup.exe
MD5 : 8CA1590D81D9B9601676B0F7993C52D2
Publisher : -
Size : 2015501
Version : 1.0.0.0
Detection : Malware:Win32/Tamaca!Tace
Cleaning Action : Quarantine
Related Objects :
File - %userprofile%\downloads\[r.g. mechanics] injustice - gods among us. ultimate edition\setup.exe

uninstaller.exe
Status : Scanned
Object : NE->c:\program files\5jptsjyh6i\uninstaller.exe
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/Wizzcaster.D!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

uninstaller.exe
Status : Scanned
Object : NE->c:\program files\v3zcu08crb\uninstaller.exe
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/Wizzcaster.D!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

ucbrowser
Status : Scanned
Object : NE->c:\users\pikelsmikel\appdata\local\ucbrowser
MD5 : -
Publisher : -
Size : -
Version : -
Detection : PUA:Win32/UCBrowser.C!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)

difx
Status : Scanned
Object : NE->c:\users\pikelsmikel\appdata\roaming\difx
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Trojan:Win32/TVSpy.A!Neng
Cleaning Action : Quarantine
Related Objects :
(null) - (null)


Cleaning Result
-------------------------------------------------------
Cleaned : 6
Reported as safe : 0
Failed : 0

 

[herlanczar]

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files\kmspico\tokensbackup\keys.txt
c:\program files\kmspico\tokensbackup\windows\data.dat
c:\program files\kmspico\tokensbackup\windows\pkeyconfig.xrm-ms
c:\program files\kmspico\tokensbackup\windows\tokens.dat
c:\program files\kmspico\tokensbackup\windows\cache\cache.dat
c:\program files (x86)\kmspico 10.0.6\readme.docx
c:\program files (x86)\kmspico 10.0.6\{bf416fa6-efd6-4901-f97a-8bfd5bbbcfe4}
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\courier\courier_trail_lava\courier_lava_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\courier\courier_trail_lava\courier_lava_cracks_b.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\courier\courier_trail_lava\courier_trail_lava_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\courier\courier_trail_lava\courier_trail_lava_cracks_background.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\courier\courier_trail_lava\courier_trail_lava_cracks_center.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\events\fall_major_2016\cyclone_fm06_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\events\fall_major_2016\teleport_team_flair_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\events\fall_major_2016\teleport_team_flair_ground_cracks_silver.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\crystal_maiden\crystal_maiden_maiden_of_icewrack\maiden_freezing_field_cracks_arcana.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\drow\drow_ti6\drow_ti6_silence_arrow_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\drow\drow_ti6\drow_ti6_silence_arrow_cracks_core.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\drow\drow_ti6\drow_ti6_silence_arrow_cracks_scorch.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\drow\drow_ti6\drow_ti6_silence_wave_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\drow\drow_ti6_gold\drow_ti6_silence_gold_arrow_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\drow\drow_ti6_gold\drow_ti6_silence_gold_arrow_cracks_core.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\drow\drow_ti6_gold\drow_ti6_silence_gold_arrow_cracks_scorch.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\drow\drow_ti6_gold\drow_ti6_silence_gold_wave_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\earthshaker_gravelmaw\earthshaker_fissure_cracks_b_gravelmaw.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\earthshaker_gravelmaw\earthshaker_fissure_cracks_c_gravelmaw.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\earthshaker_gravelmaw\earthshaker_fissure_cracks_gravelmaw.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\egteam_set\hero_earthshaker_egset\earthshaker_aftershock_crack_egset.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\egteam_set\hero_earthshaker_egset\earthshaker_echoslam_start_cracks_egset.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\egteam_set\hero_earthshaker_egset\earthshaker_echoslam_start_magma_cracks_egset.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\egteam_set\hero_earthshaker_egset\earthshaker_fissure_cracks_b_egset.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\egteam_set\hero_earthshaker_egset\earthshaker_fissure_cracks_c_egset.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\egteam_set\hero_earthshaker_egset\earthshaker_fissure_cracks_c_fallback_egset.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\egteam_set\hero_earthshaker_egset\earthshaker_fissure_cracks_egset.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\egteam_set\hero_earthshaker_egset\earthshaker_fissure_cracks_fallback_mid_egset.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\egteam_set\hero_earthshaker_egset\earthshaker_fissure_magma_crack_egset.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\earthshaker\egteam_set\hero_earthshaker_egset\earthshaker_fissure_magma_crack_low_egset.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\invoker\glorious_inspiration\invoker_forge_spirit_spawn_base_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\lich\frozen_chains_ti6\lich_frozenchains_frostnova_gcrack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\magnataur\shock_of_the_anvil\magnataur_shockanvil_cracks_background.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\magnataur\shock_of_the_anvil\magnataur_shockanvil_cracks_backgroundbase.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\magnataur\shock_of_the_anvil\magnataur_shockanvil_cracks_backgrounddark.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\magnataur\shock_of_the_anvil\magnataur_shockanvil_cracks_center.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\magnataur\shock_of_the_anvil\magnataur_shockanvil_cracks_glow.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\magnataur\shock_of_the_anvil\magnataur_shockanvil_cracks_sprt.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\magnataur\shock_of_the_anvil\magnataur_shockanvil_cracks_warp.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\monkey_king\arcana\base\monkey_king_arcana_spring_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\monkey_king\arcana\death\monkey_king_arcana_death_spring_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\monkey_king\arcana\fire\monkey_king_fire_arcana_spring_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\monkey_king\arcana\water\monkey_king_arcana_water_spring_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\morphling\morphling_crown_of_tears\morphling_crown_waveform_ground_crack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\natures_prophet\natures_prophet_weapon_sufferwood\furion_teleport_end_team_sufferwood_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\sand_king\sandking_barren_crown\sandking_rubyspire_burrowstrike_cracks_background.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\sand_king\sandking_barren_crown\sandking_rubyspire_burrowstrike_cracks_center.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\sand_king\sandking_barren_crown\sandking_rubyspire_burrowstrike_cracks_glo.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\sand_king\sandking_barren_crown\sandking_rubyspire_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\shadow_fiend\sf_fire_arcana\sf_fire_arcana_shadowraze_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\shadow_fiend\sf_fire_arcana\sf_fire_arcana_trail_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\shadow_fiend\sf_fire_arcana\sf_fire_arcana_wings_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\shredder\hero_shredder_icefx\shredder_chakram_cracks_ice.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\shredder\timber_controlled_burn\timber_controlled_burn_tree_kill_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\slark\slark_ti6_blade\slark_ti6_pounce_gold_ground_crack_dark.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\slark\slark_ti6_blade\slark_ti6_pounce_gold_ground_crack_light.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\slark\slark_ti6_blade\slark_ti6_pounce_ground_crack_dark.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\slark\slark_ti6_blade\slark_ti6_pounce_ground_crack_light.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\spirit_breaker\spirit_breaker_iron_surge\spirit_breaker_charge_cracks_b_iron.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\spirit_breaker\spirit_breaker_iron_surge\spirit_breaker_charge_cracks_iron.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\storm_spirit\storm_spirit_orchid_hat\stormspirit_orchid_ball_trail_ground_crack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\undying\undying_manyone\undying_pale_tombstone_groundcrack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\undying\undying_pale_augur\undying_pale_augur_decay_cast_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\undying\undying_pale_augur\undying_pale_augur_decay_proj_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\zeus\arcana_chariot\zeus_arcana_kill_crackle.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\zeus\arcana_chariot\zeus_arcana_kill_groundcrack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\zeus\arcana_chariot\zeus_arcana_kill_groundcrack_light.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\zeus\arcana_chariot\zeus_arcana_kill_groundcrack_spark.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\zeus\arcana_chariot\zeus_arcana_kill_groundcrack_spark_stay.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\zeus\lightning_weapon_fx\zuus_lightning_bolt_groundfx_crack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\econ\items\zeus\lightning_weapon_fx\zuus_lightning_bolt_groundfx_crack_light.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\neutral_fx\centaur_khan_stomp_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\neutral_fx\prowler_shaman_stomp_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\neutral_fx\roshan_slam_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\radiant_fx2\good_ancient001_zcracklines1.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\radiant_fx2\good_ancient001_zcracklines1b.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\radiant_fx2\good_ancient001_zcracklines2.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\radiant_fx2\good_ancient001_zcracklines2b.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\radiant_fx2\good_ancient001_zcracklines3.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\radiant_fx2\good_ancient001_zcracklines4.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\radiant_fx2\good_ancient001_zcracklines5.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\radiant_fx2\good_ancient001_zcracklines6.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\radiant_fx2\good_ancient001_zcracklines7.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\radiant_fx2\good_ancient001_zcracklines8.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\siege_fx\siege_crack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\siege_fx\siege_crack_b.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\themed_fx\cny_firecrackers_bundle.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\themed_fx\cny_firecrackers_direend.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\themed_fx\cny_firecrackers_radend.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\themed_fx\cny_firecracker_model.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\themed_fx\cny_firecracker_model_endcap.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\traps\pendulum\wheel_scrape_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\heroes_underlord\underlord_pitofmalice_base_altanim_core_crack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\heroes_underlord\underlord_pitofmalice_base_altanim_core_crack_sml.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_arc_warden\arc_warden_magnetic_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_brewmaster\brewmaster_thunder_clap_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_earthshaker\earthshaker_echoslam_start_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_earthshaker\earthshaker_fissure_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_earthshaker\earthshaker_fissure_cracks_b.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_earthshaker\earthshaker_fissure_cracks_c.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_earthshaker\earthshaker_fissure_cracks_c_fallback.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_earthshaker\earthshaker_fissure_cracks_fallback_mid.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_earth_spirit\earthspirit_stone_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_elder_titan\elder_titan_earth_splitter_cast_crack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_elder_titan\elder_titan_echo_stomp_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_jakiro\jakiro_ice_path_crack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_lion\lion_spell_impale_crack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_lion\lion_spell_impale_crack_b.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_lion\lion_spell_impale_crack_c.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_lion\lion_spell_impale_crack_d.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_lion\lion_spell_impale_crack_e.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_lion\lion_spell_impale_crack_f.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_lion\lion_spell_impale_crack_ropea.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_lion\lion_spell_impale_crack_ropeb.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_lion\lion_spell_impale_hit_crack_darkerrope.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_lion\lion_spell_impale_hit_crack_darkrope.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_lion\lion_spell_impale_hit_crack_redrope.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_magnataur\magnataur_shockwave_cracks_background.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_magnataur\magnataur_shockwave_cracks_center.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_magnataur\magnataur_shockwave_cracks_glow.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_magnataur\magnataur_shockwave_cracks_warp.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_monkey_king\monkey_king_spring_cast_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_monkey_king\monkey_king_spring_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_monkey_king\monkey_king_strike_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_nevermore\nevermore_requiemofsouls_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_nevermore\nevermore_shadowraze_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_nevermore\nevermore_trail_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_nevermore\nevermore_trail_ground_cracks_soft.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_oracle\oracle_false_promise_cast_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_oracle\oracle_false_promise_hit_crack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_oracle\oracle_false_promise_hit_crack_lrg.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_oracle\oracle_fortune_aoe_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_phoenix\phoenix_fire_spirit_ground_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_riki\riki_tricks_ring_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_sandking\sandking_burrowstrike_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_sandking\sandking_burrowstrike_cracks_background.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_sandking\sandking_burrowstrike_cracks_center.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_shadow_demon\shadow_demon_shadow_poison_projectile_v3_crack01.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_shadow_demon\shadow_demon_shadow_poison_projectile_v3_crack02.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_shredder\shredder_chakram_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_silencer\silencer_global_silence_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_silencer\silencer_global_silence_cracks_hero.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_silencer\silencer_last_word_trigger_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_techies\techies_stasis_ground_crack_light.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_tiny\tiny_avalanche_projectile_crack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_undying\undying_decay_proj_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_undying\undying_tombstone_groundcrack.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota\particles\units\heroes\hero_venomancer\veno_tnt_banana_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota_addons\holdout_example\particles\creature_splitter\earthspirit_stone_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\content\dota_addons\overthrow\particles\traps\pendulum\wheel_scrape_cracks.vpcf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\game\dota\scripts\vscripts\animation\particle\cracked_boulder.lua
c:\program files (x86)\steam\steamapps\common\dota 2 beta\game\dota_addons\holdout_example\particles\creature_splitter\earthspirit_stone_cracks.vpcf_c
c:\program files (x86)\steam\steamapps\common\dota 2 beta\game\dota_addons\overthrow\particles\traps\pendulum\wheel_scrape_cracks.vpcf_c
c:\users\pikelsmikel\downloads\assasins creed (full) original rip\assassins creed crack\assassinscreed_dx10.exe
c:\users\pikelsmikel\downloads\assasins creed (full) original rip\assassins creed crack\assassinscreed_dx9.exe
c:\users\pikelsmikel\downloads\assasins creed (full) original rip\assassins creed crack\assassinscreed_launcher.exe
c:\users\pikelsmikel\downloads\assasins creed (full) original rip\assassins creed crack\binkw32.dll
c:\users\pikelsmikel\downloads\assasins creed (full) original rip\assassins creed crack\eax.dll
c:\users\pikelsmikel\downloads\assasins creed (full) original rip\assassins creed crack\read it first.txt
c:\windows.old\windows\prefetch\kmseldi.exe-396681d6.pf
c:\windows.old\windows\prefetch\kmspico 10.2.1.exe-4aba050c.pf
c:\windows.old\windows\prefetch\kmspico10.2.1__8174_il9.exe-9d540cfc.pf
scanner sequence 3.ZZ.11.CIAPGZ
----- EOF -----

 

[driver_ian]

Please read this post..
I believe your 'Google websites' issues are related to the pirated software you have on this machine.
Should you wish to continue with this issue please uninstall ALL pirated software and post a new set of FRST logs and a new CKScanner log.

 

[driver_ian]

Hi if there is no response to this thread in 48 hours this thread will be marked closed.