
Possible Bandwidth Stealing Virus [Solved]

Virus

  • This topic is locked
27 replies to this topic

#1 japjap4

japjap4

    New Member

  • Authentic Member
  • Pip
  • 13 posts

Posted 11 February 2016 - 05:12 AM

  Hi, I want to know if there's something that's hogging my bandwidth. Recently this month, my internet has been slowing down all of a sudden and I suspect there's some virus that's stealing my internet. I have a log of HijackThis attached below.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 7:06:50 PM, on 2/11/2016
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal


Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\AVG\Av\avgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Windows\system32\PING.EXE
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Program Files\Steam\bin\steamwebhelper.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Users\comp\AppData\Local\Torch\Update\45.0.0.10802\TorchUpdate.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Users\comp\AppData\Local\Torch\Application\torch.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\comp\Downloads\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Av\avuirunnerx.exe" C:\Program Files\AVG\Av\avgui.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\comp\AppData\Local\Torch\Update\TorchCrashHandler.exe


--
End of file - 4603 bytes



#2 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,813 posts
  • Interests:LFC, music, more LFC, more music

Posted 11 February 2016 - 05:39 AM

Hello japjap4 and welcome to the WTT forum.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

===================================================

Torch is not a good browser choice. It has a reputation of being foistware and also of containing adware capabilities. Our tools will target it automatically for those reasons therefore I strongly suggest that you uninstall it and change to another browser such as Mozilla Firefox or Internet Explorer, (I do not recommend Chrome).

===================================================

Note: Please run these in the order given in the instructions.

===================================================

Download and run AdwCleaner

Download AdwCleaner from here and save it to your desktop.


  • run AdwCleaner
  • when it has finished, select Clean
  • if it asks to reboot, allow the reboot
  • on reboot a log will be produced; please attach the content of the log to your next reply.

===================================================

Download and run Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.

  • shut down your protection software now to avoid potential conflicts.
  • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
  • the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
  • post the contents of JRT.txt into your next message.

===================================================

Run Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • press Scan button
  • it will produce a log called Frst.txt in the same directory the tool is run from
  • please copy and paste log back here.
  • the first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the Frst.txt into your reply.

Logs to include with next post:

AdwCleaner log
JRT.txt
Frst.txt
Addition.txt


Thanks

Satchfan

 


NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#3 japjap4

japjap4

    New Member

  • Authentic Member
  • Pip
  • 13 posts

Posted 11 February 2016 - 10:51 PM

Hello Satchfan and thank you for the warm welcome. Here are the logs you want me to put

 

 

AdwCleaner log

# AdwCleaner v5.033 - Logfile created 12/02/2016 at 12:35:09
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 7 Home Basic  (x86)
# Username : comp - KUUHAKU-PC
# Running from : C:\Users\comp\Downloads\adwcleaner_5.033.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : torchcrashhandler
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\eSupport.com
[-] Folder Deleted : C:\ProgramData\torchcrashhandler
[-] Folder Deleted : C:\Users\comp\AppData\Local\eSupport.com
[-] Folder Deleted : C:\Users\comp\AppData\Local\torch
***** [ Files ] *****
[-] File Deleted : C:\Users\comp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
[-] File Deleted : C:\Users\comp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Torch.lnk
[-] File Deleted : C:\Users\comp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
[-] File Deleted : C:\Users\comp\Desktop\Torch.lnk
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\MozillaPlugins\TorchVLC
[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exe
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
[-] Key Deleted : HKCU\Software\eSupport.com
[-] Key Deleted : HKCU\Software\torch
[-] Key Deleted : HKLM\SOFTWARE\torch
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1783 bytes] ##########

JRT.txt.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Home Basic x86
Ran by comp (Administrator) on Fri 02/12/2016 at 12:42:15.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 26
Successfully deleted: C:\ProgramData\1454822612.bdinstall.bin (File)
Successfully deleted: C:\ProgramData\1454829147.bdinstall.bin (File)
Successfully deleted: C:\ProgramData\1454829151.bdinstall.bin (File)
Successfully deleted: C:\ProgramData\1454840308.bdinstall.bin (File)
Successfully deleted: C:\ProgramData\1454840311.2080.bin (File)
Successfully deleted: C:\ProgramData\1454840311.2836.bin (File)
Successfully deleted: C:\ProgramData\1454840311.3952.bin (File)
Successfully deleted: C:\ProgramData\1454840311.4024.bin (File)
Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\comp\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\Windows\System32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\System32\Tasks\Driver Booster SkipUAC (comp) (Task)
Successfully deleted: C:\Program Files\GUT206C.tmp (File)
Successfully deleted: C:\Program Files\GUT6622.tmp (File)
Successfully deleted: C:\Program Files\GUT9E53.tmp (File)
Successfully deleted: C:\Program Files\iobit\driver booster (Folder)
Successfully deleted: C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1LGGCIYW (Folder)
Successfully deleted: C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5TO2Z6R2 (Folder)
Successfully deleted: C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4G99A7X (Folder)
Successfully deleted: C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GBJ13ADP (Folder)
Successfully deleted: C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3XIQBJ3 (Folder)
Successfully deleted: C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OSB870JQ (Folder)
Successfully deleted: C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RHY4CK7W (Folder)
Successfully deleted: C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZNY53367 (Folder)
Successfully deleted: C:\Windows\prefetch\DRIVERBOOSTER.EXE-85146E71.pf (File)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/12/2016 at 12:43:25.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Frst.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
Ran by comp (administrator) on KUUHAKU-PC (12-02-2016 12:45:48)
Running from C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4G99A7X
Loaded Profiles: comp (Available Profiles: comp)
Platform: Microsoft Windows 7 Home Basic  (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_20_0_0_286_ActiveX.exe
(Farbar) C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4G99A7X\FRST[1].exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7745792 2016-01-24] (Realtek Semiconductor)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3873704 2016-02-01] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1597179411-2372084101-3668902816-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3014224 2016-02-05] (Valve Corporation)
HKU\S-1-5-21-1597179411-2372084101-3668902816-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_286_ActiveX.exe [1163968 2016-02-04] (Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 121.1.3.81 192.168.0.1
Tcpip\..\Interfaces\{C4E1DE4D-B1A7-49C4-A018-1C8BC3C6D0CE}: [DhcpNameServer] 121.1.3.81 192.168.0.1
Internet Explorer:
==================
Chrome:
=======
CHR Profile: C:\Users\comp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-24]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3881184 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [73928 2016-01-24] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [36040 2016-01-24] (Advanced Micro Devices)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [257456 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [207792 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [198576 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [108008 2013-07-02] (Bitdefender SRL)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-01-24] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-02-12] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
00014032 _____ (Microsoft Corporation) 
C:\Windows\system32\x3daudio1_0.dll2016-02-04 18:51 - 2005-12-05 18:09 - 
02323664 _____ (Microsoft Corporation) 
C:\Windows\system32\d3dx9_28.dll2016-02-04 18:51 - 2005-07-22 19:59 - 
02319568 _____ (Microsoft Corporation) 
C:\Windows\system32\d3dx9_27.dll2016-02-04 18:51 - 2005-05-26 15:34 - 
02297552 _____ (Microsoft Corporation) 
C:\Windows\system32\d3dx9_26.dll2016-02-04 18:51 - 2005-03-18 17:19 - 
02337488 _____ (Microsoft Corporation) 
C:\Windows\system32\d3dx9_25.dll2016-02-04 18:51 - 2005-02-05 19:45 - 
02222800 _____ (Microsoft Corporation) 
C:\Windows\system32\d3dx9_24.dll2016-02-04 18:48 - 2016-02-12 07:14 - 
00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2016-02-04 
18:48 - 2016-02-04 18:48 - 00796864 _____ (Adobe Systems Incorporated) 
C:\Windows\system32\FlashPlayerApp.exe2016-02-04 18:48 - 2016-02-04 18:48 - 
00142528 _____ (Adobe Systems Incorporated) 
C:\Windows\system32\FlashPlayerCPLApp.cpl2016-02-04 18:48 - 2016-02-04 18:48 
- 00000000 ____D C:\Windows\system32\Macromed2016-02-04 18:44 - 2016-02-04 
18:44 - 00000000 ____D C:\ProgramData\Package Cache2016-01-31 20:39 - 
2016-01-31 20:39 - 00000000 __RSH C:\MSDOS.SYS2016-01-31 20:39 - 2016-01-31 
20:39 - 00000000 __RSH C:\IO.SYS2016-01-31 06:07 - 2016-01-30 18:56 - 
00026096 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswCD54.tmp2016-01-31 06:07 - 2016-01-30 18:19 - 
00812208 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswCD64.tmp2016-01-31 06:07 - 2016-01-30 18:19 - 
00449384 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswCDD6.tmp2016-01-31 06:07 - 2016-01-30 18:19 - 
00081168 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswCD96.tmp2016-01-31 06:07 - 2016-01-30 18:18 - 
00209432 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswCDE7.tmp2016-01-31 06:07 - 2016-01-30 18:18 - 
00117712 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswCDF8.tmp2016-01-31 06:07 - 2016-01-30 18:18 - 
00081728 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswCD75.tmp2016-01-31 06:07 - 2016-01-30 18:18 - 
00049776 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswCDC6.tmp2016-01-31 06:07 - 2016-01-30 18:18 - 
00024016 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswCD85.tmp2016-01-31 00:29 - 2016-01-31 00:29 - 
00007602 _____ C:\Users\comp\AppData\Local\Resmon.ResmonCfg2016-01-30 21:08 
- 2016-01-30 21:08 - 00000000 ____D C:\Users\comp\AppData\Local\AVAST 
Software2016-01-30 18:58 - 2016-01-30 18:58 - 00001118 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone 
Browser.lnk2016-01-30 18:56 - 2016-01-30 18:19 - 00812208 _____ (AVAST 
Software) C:\Windows\system32\Drivers\asw1418.tmp2016-01-30 18:56 - 
2016-01-30 18:19 - 00449384 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw1749.tmp2016-01-30 18:56 - 2016-01-30 18:19 - 
00081168 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw167C.tmp2016-01-30 18:56 - 2016-01-30 18:18 - 
00209432 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw1843.tmp2016-01-30 18:56 - 2016-01-30 18:18 - 
00117712 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw18B1.tmp2016-01-30 18:56 - 2016-01-30 18:18 - 
00081728 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw15FD.tmp2016-01-30 18:56 - 2016-01-30 18:18 - 
00049776 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw16EA.tmp2016-01-30 18:56 - 2016-01-30 18:18 - 
00024016 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw165C.tmp2016-01-25 21:05 - 2016-01-25 21:05 - 
00000000 ____D C:\Users\comp\AppData\Local\AMD2016-01-25 07:54 - 2016-02-08 
16:48 - 00000000 __SHD C:\found.0002016-01-24 09:03 - 2016-02-10 12:28 - 
00000000 ____D C:\Windows\Minidump2016-01-24 02:26 - 2016-01-26 10:51 - 
00000000 ____D C:\Users\comp\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Steam2016-01-24 02:26 - 2016-01-24 02:26 - 00000213 _____ 
C:\Users\comp\Desktop\Dota 2.url2016-01-24 02:03 - 2016-01-24 01:57 - 
00812208 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw2C39.tmp2016-01-24 02:03 - 2016-01-24 01:57 - 
00449384 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw2D86.tmp2016-01-24 02:03 - 2016-01-24 01:57 - 
00081168 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw2D65.tmp2016-01-24 02:03 - 2016-01-24 01:56 - 
00209432 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw2D87.tmp2016-01-24 02:03 - 2016-01-24 01:56 - 
00117712 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw2DA7.tmp2016-01-24 02:03 - 2016-01-24 01:56 - 
00081728 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw2D44.tmp2016-01-24 02:03 - 2016-01-24 01:56 - 
00049776 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw2D75.tmp2016-01-24 02:03 - 2016-01-24 01:56 - 
00024016 _____ (AVAST Software) 
C:\Windows\system32\Drivers\asw2D54.tmp2016-01-24 01:56 - 2016-02-07 19:04 - 
00000000 ____D C:\Program Files\Common Files\AV2016-01-24 01:55 - 2016-01-31 
14:29 - 00000000 ____D C:\Users\comp\AppData\Local\Steam2016-01-24 01:55 - 
2016-01-24 01:55 - 00000000 ____D C:\Users\comp\AppData\Local\CEF2016-01-24 
01:45 - 2015-12-02 13:25 - 00247976 ____N (Microsoft Corporation) 
C:\Windows\system32\MpSigStub.exe2016-01-24 01:29 - 2016-02-12 12:37 - 
00000000 ____D C:\Program Files\Steam2016-01-24 01:29 - 2016-02-08 10:22 - 
00000000 ____D C:\Program Files\Common Files\Steam2016-01-24 01:29 - 
2016-01-26 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Steam2016-01-24 01:29 - 2016-01-24 01:29 - 00000925 _____ 
C:\Users\Public\Desktop\Steam.lnk2016-01-24 01:04 - 2016-02-12 12:36 - 
00065536 _____ C:\Windows\system32\spu_storage.bin2016-01-24 01:00 - 
2016-01-24 01:00 - 00000000 _____ C:\Windows\ativpsrm.bin2016-01-24 00:59 - 
2016-01-24 17:26 - 00000000 ____D C:\Windows\system32\DAX22016-01-24 00:59 - 
2016-01-24 00:59 - 00000000 ____H C:\ProgramData\DP45977C.lfl2016-01-24 
00:58 - 2016-01-24 01:59 - 00000000 ____D 
C:\Windows\system32\RTCOM2016-01-24 00:58 - 2016-01-24 00:58 - 72203792 
_____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat2016-01-24 
00:58 - 2016-01-24 00:58 - 13798184 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioRealtek.dll2016-01-24 00:58 - 2016-01-24 00:58 
- 12014440 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxVoiceAPO30.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
11922512 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxVoiceAPO40.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
07170872 _____ (Dolby Laboratories) 
C:\Windows\system32\R4EEP32A.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
07053696 _____ (Dolby Laboratories) 
C:\Windows\system32\DDPP32A.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat2016-01-24 00:58 - 
2016-01-24 00:58 - 05132496 _____ (Nahimic Inc) 
C:\Windows\system32\NAHIMICV2apo.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
04763576 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll2016-01-24 
00:58 - 2016-01-24 00:58 - 04236168 _____ (Dolby Laboratories) 
C:\Windows\system32\DolbyDAX2APOv211.dll2016-01-24 00:58 - 2016-01-24 00:58 
- 04005405 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT2016-01-24 00:58 - 
2016-01-24 00:58 - 03629312 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\Drivers\RTKVHDA.sys2016-01-24 00:58 - 2016-01-24 00:58 - 
02895632 _____ (Fortemedia Corporation) 
C:\Windows\system32\FMAPO.dll2016-01-24 00:58 - 2016-01-24 00:58 - 02826496 
_____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RTSndMgr.cpl2016-01-24 00:58 - 2016-01-24 00:58 - 
02702592 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkPgExt.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
02610208 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RltkAPO.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
02424264 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkApoApi.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
02400312 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO70.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
01983096 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkCoInstII.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
01948808 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioEQ.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
01832072 _____ (Waves Audio Ltd.) 
C:\Windows\system32\WavesGUILib.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
01816352 _____ (Dolby Laboratories) 
C:\Windows\system32\DolbyDAX2APOv201.dll2016-01-24 00:58 - 2016-01-24 00:58 
- 01791808 _____ (Waves Audio Ltd.) 
C:\Windows\system32\WavesLib.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
01531680 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll2016-01-24 00:58 
- 2016-01-24 00:58 - 01515176 _____ (Conexant Systems Inc.) 
C:\Windows\system32\CX32APO.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
01512320 _____ (Dolby Laboratories) 
C:\Windows\system32\DDPD32A.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
01400808 _____ (TOSHIBA Corporation) 
C:\Windows\system32\tosade.dll2016-01-24 00:58 - 2016-01-24 00:58 - 01313128 
_____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll2016-01-24 00:58 - 
2016-01-24 00:58 - 01239808 _____ (DTS) 
C:\Windows\system32\DTSBoostDLL.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
01180352 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO60.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
01074056 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR.dll2016-01-24 
00:58 - 2016-01-24 00:58 - 01039224 _____ (SRS Labs, Inc.) 
C:\Windows\system32\slcnt32.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
01028016 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO50.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00990792 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO40.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00965680 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxSpeechAPO.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00954200 _____ (Nahimic Inc) 
C:\Windows\system32\NahimicAPONSControl.dll2016-01-24 00:58 - 2016-01-24 
00:58 - 00936624 _____ (Sony Corporation) 
C:\Windows\system32\SFSS_APO.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00883376 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll2016-01-24 00:58 
- 2016-01-24 00:58 - 00868464 _____ (Sony Corporation) 
C:\Windows\system32\MISS_APO.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00863608 _____ (TOSHIBA Corporation) 
C:\Windows\system32\tossaeapo32.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00860520 _____ (TOSHIBA Corporation) 
C:\Windows\system32\tadefxapo2.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00858264 _____ (Dolby Laboratories) 
C:\Windows\system32\DolbyDAX2APOProp.dll2016-01-24 00:58 - 2016-01-24 00:58 
- 00834328 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxVoiceAPO20.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00799016 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPOShell.dll2016-01-24 00:58 - 2016-01-24 00:58 
- 00786352 _____ (Sound Research, Corp.) 
C:\Windows\system32\SEHDRA32.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00669592 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll2016-01-24 
00:58 - 2016-01-24 00:58 - 00645824 _____ (DTS) 
C:\Windows\system32\DTSSymmetryDLL.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00625000 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll2016-01-24 00:58 
- 2016-01-24 00:58 - 00615872 _____ (DTS) 
C:\Windows\system32\DTSVoiceClarityDLL.dll2016-01-24 00:58 - 2016-01-24 
00:58 - 00589080 _____ (Sound Research, Corp.) 
C:\Windows\system32\SECOMN32.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00575936 _____ (TOSHIBA Corporation) 
C:\Windows\system32\tosasfapo32.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00532896 _____ (Andrea Electronics Corporation) 
C:\Windows\system32\AERTACap.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00522712 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxVolumeSDAPO.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00522712 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO30.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00471288 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll2016-01-24 00:58 - 
2016-01-24 00:58 - 00439608 _____ (DTS) 
C:\Windows\system32\DTSU2PLFX32.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00415872 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll2016-01-24 00:58 - 
2016-01-24 00:58 - 00402072 _____ (DTS) 
C:\Windows\system32\DTSGainCompensatorDLL.dll2016-01-24 00:58 - 2016-01-24 
00:58 - 00401056 _____ (Synopsys, Inc.) 
C:\Windows\system32\SRAPO.dll2016-01-24 00:58 - 2016-01-24 00:58 - 00387624 
_____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll2016-01-24 00:58 - 
2016-01-24 00:58 - 00384520 _____ (Sound Research, Corp.) 
C:\Windows\system32\SEAPO32.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00371816 _____ (Dolby Laboratories, Inc.) 
C:\Windows\system32\RTEEP32A.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00369792 _____ (Knowles Acoustics ) 
C:\Windows\system32\KAAPORT.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00364024 _____ (Dolby Laboratories) 
C:\Windows\system32\R4EED32A.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00357992 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll2016-01-24 00:58 - 
2016-01-24 00:58 - 00357160 _____ (SRS Labs, Inc.) 
C:\Windows\system32\SRSTSXT.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll2016-01-24 
00:58 - 2016-01-24 00:58 - 00308064 _____ (ICEpower a/s) 
C:\Windows\system32\ICEsoundAPO.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00307240 _____ (Dolby Laboratories, Inc.) 
C:\Windows\system32\RP3DHT32.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00307240 _____ (Dolby Laboratories, Inc.) 
C:\Windows\system32\RP3DAA32.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00302744 _____ (Dolby Laboratories) 
C:\Windows\system32\HiFiDAX2API.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00285632 _____ (Dolby Laboratories) 
C:\Windows\system32\DDPO32A.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00243864 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO20.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00232424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll2016-01-24 
00:58 - 2016-01-24 00:58 - 00231880 _____ (TODO: <Company name>) 
C:\Windows\system32\slprp32.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00230912 _____ (TOSHIBA Corporation) 
C:\Windows\system32\tossaemaxapo32.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00229592 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll2016-01-24 00:58 - 
2016-01-24 00:58 - 00229584 _____ (DTS) 
C:\Windows\system32\DTSGFXAPONS.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00229040 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll2016-01-24 00:58 - 
2016-01-24 00:58 - 00225048 _____ (Synopsys, Inc.) 
C:\Windows\system32\SFNHK.dll2016-01-24 00:58 - 2016-01-24 00:58 - 00197440 
_____ C:\Windows\system32\AcpiServiceVnA.dll2016-01-24 00:58 - 2016-01-24 
00:58 - 00196008 _____ (SRS Labs, Inc.) 
C:\Windows\system32\SRSTSHD.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00183616 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll2016-01-24 
00:58 - 2016-01-24 00:58 - 00181232 _____ (Dolby Laboratories, Inc.) 
C:\Windows\system32\RTEED32A.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00151920 _____ (TOSHIBA Corporation) 
C:\Windows\system32\toseaeapo32.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00150560 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll2016-01-24 
00:58 - 2016-01-24 00:58 - 00144688 _____ (TOSHIBA Corporation) 
C:\Windows\system32\tadefxapo.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00142328 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00116648 _____ (Dolby Laboratories) 
C:\Windows\system32\R4EEL32A.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00105656 _____ (Andrea Electronics Corporation) 
C:\Windows\system32\AERTARen.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00101624 _____ (Dolby Laboratories) 
C:\Windows\system32\R4EEA32A.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00101336 _____ (Real Sound Lab SIA) 
C:\Windows\system32\CONEQMSAPOGUILibrary.dll2016-01-24 00:58 - 2016-01-24 
00:58 - 00096608 _____ C:\Windows\system32\audioLibVc.dll2016-01-24 00:58 - 
2016-01-24 00:58 - 00088280 _____ (Dolby Laboratories, Inc.) 
C:\Windows\system32\RTEEL32A.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00083648 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll2016-01-24 
00:58 - 2016-01-24 00:58 - 00078488 _____ (Synopsys, Inc.) 
C:\Windows\system32\SFAPO.dll2016-01-24 00:58 - 2016-01-24 00:58 - 00074384 
_____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll2016-01-24 
00:58 - 2016-01-24 00:58 - 00071712 _____ (Dolby Laboratories) 
C:\Windows\system32\R4EEG32A.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00067752 _____ (TOSHIBA CORPORATION.) 
C:\Windows\system32\TepeqAPO.dll2016-01-24 00:58 - 2016-01-24 00:58 - 
00022160 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkCoLDR.dll2016-01-24 00:56 - 2016-01-24 17:26 - 
00000000 ____D C:\Users\comp\Desktop\Thank you2016-01-24 00:48 - 2016-01-24 
17:26 - 00000000 ____D C:\Program Files\Common Files\ATI 
Technologies2016-01-24 00:48 - 2016-01-24 00:48 - 39712768 _____ (Advanced 
Micro Devices Inc.) C:\Windows\system32\amdocl.dll2016-01-24 00:48 - 
2016-01-24 00:48 - 25052160 _____ (Advanced Micro Devices, Inc.) 
C:\Windows\system32\atioglxx.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
22318592 _____ (Advanced Micro Devices Inc.) 
C:\Windows\system32\amdocl12cl.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
19581440 _____ (Advanced Micro Devices, Inc.) 
C:\Windows\system32\Drivers\atikmdag.sys2016-01-24 00:48 - 2016-01-24 00:48 
- 14302208 _____ (Advanced Micro Devices Inc.) 
C:\Windows\system32\aticaldd.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
09468448 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\atidxx32.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
07898704 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\atiumdva.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
07167416 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\atiumdag.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
05129728 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\amdmantle32.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
03471376 _____ C:\Windows\system32\atiumdva.cap2016-01-24 00:48 - 2016-01-24 
00:48 - 01194928 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\aticfx32.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00995342 _____ C:\Windows\system32\amdocl_as32.exe2016-01-24 00:48 - 
2016-01-24 00:48 - 00934400 _____ (Advanced Micro Devices, Inc.) 
C:\Windows\system32\atiadlxx.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00842001 _____ C:\Windows\system32\amdicdxx.dat2016-01-24 00:48 - 2016-01-24 
00:48 - 00798734 _____ C:\Windows\system32\amdocl_ld32.exe2016-01-24 00:48 - 
2016-01-24 00:48 - 00737410 _____ C:\Windows\system32\atiicdxx.dat2016-01-24 
00:48 - 2016-01-24 00:48 - 00669696 _____ (AMD) 
C:\Windows\system32\coinst_15.20.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00662456 _____ C:\Windows\system32\atiapfxx.blb2016-01-24 00:48 - 2016-01-24 
00:48 - 00564224 _____ (AMD) C:\Windows\system32\atieclxx.exe2016-01-24 
00:48 - 2016-01-24 00:48 - 00442368 _____ (Advanced Micro Devices, Inc.) 
C:\Windows\system32\atidemgy.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00385536 _____ (Advanced Micro Devices, Inc.) 
C:\Windows\system32\atiapfxx.exe2016-01-24 00:48 - 2016-01-24 00:48 - 
00370688 _____ (Advanced Micro Devices, Inc.) 
C:\Windows\system32\Drivers\atikmpag.sys2016-01-24 00:48 - 2016-01-24 00:48 
- 00322868 _____ C:\Windows\system32\ativvaxy_vi.dat2016-01-24 00:48 - 
2016-01-24 00:48 - 00321200 _____ 
C:\Windows\system32\ativvaxy_vi_nd.dat2016-01-24 00:48 - 2016-01-24 00:48 - 
00294912 _____ (Advanced Micro Devices, Inc.) 
C:\Windows\system32\ATIODE.exe2016-01-24 00:48 - 2016-01-24 00:48 - 00259072 
_____ (AMD) C:\Windows\system32\atiesrxx.exe2016-01-24 00:48 - 2016-01-24 
00:48 - 00255808 _____ C:\Windows\system32\ativvaxy_cz_nd.dat2016-01-24 
00:48 - 2016-01-24 00:48 - 00250884 _____ 
C:\Windows\system32\ativvaxy_FJ.dat2016-01-24 00:48 - 2016-01-24 00:48 - 
00249088 _____ C:\Windows\system32\ativvaxy_FJ_nd.dat2016-01-24 00:48 - 
2016-01-24 00:48 - 00234420 _____ 
C:\Windows\system32\ativvaxy_cik.dat2016-01-24 00:48 - 2016-01-24 00:48 - 
00232752 _____ C:\Windows\system32\ativvaxy_cik_nd.dat2016-01-24 00:48 - 
2016-01-24 00:48 - 00204952 _____ C:\Windows\system32\ativvsvl.dat2016-01-24 
00:48 - 2016-01-24 00:48 - 00203776 _____ 
C:\Windows\system32\clinfo.exe2016-01-24 00:48 - 2016-01-24 00:48 - 00201216 
_____ C:\Windows\system32\amdgfxinfo32.dll2016-01-24 00:48 - 2016-01-24 
00:48 - 00189440 _____ C:\Windows\system32\atieah32.exe2016-01-24 00:48 - 
2016-01-24 00:48 - 00177344 _____ C:\Windows\system32\ativce03.dat2016-01-24 
00:48 - 2016-01-24 00:48 - 00175648 _____ 
C:\Windows\system32\amde31a.dat2016-01-24 00:48 - 2016-01-24 00:48 - 
00164352 _____ (AMD) C:\Windows\system32\atitmmxx.dll2016-01-24 00:48 - 
2016-01-24 00:48 - 00158208 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\atigktxx.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00157144 _____ C:\Windows\system32\ativvsva.dat2016-01-24 00:48 - 2016-01-24 
00:48 - 00142848 _____ C:\Windows\system32\hsa-thunk.dll2016-01-24 00:48 - 
2016-01-24 00:48 - 00140240 _____ 
C:\Windows\system32\samu_krnl_ci.sbin2016-01-24 00:48 - 2016-01-24 00:48 - 
00138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin2016-01-24 00:48 - 
2016-01-24 00:48 - 00136624 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\atiuxpag.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00125288 _____ (Advanced Micro Devices, Inc.) 
C:\Windows\system32\amdhcp32.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00123240 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\atiu9pag.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00120656 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\amdave32.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00117760 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\mantle32.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00101376 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\atisamu32.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00100816 _____ C:\Windows\system32\ativce02.dat2016-01-24 00:48 - 2016-01-24 
00:48 - 00092328 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\atimpc32.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00092328 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\amdpcom32.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00090624 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\atiglpxx.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00089600 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\mantleaxl32.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00059392 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll2016-01-24 
00:48 - 2016-01-24 00:48 - 00052224 _____ (Advanced Micro Devices Inc.) 
C:\Windows\system32\aticalrt.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00049152 _____ (Advanced Micro Devices Inc.) 
C:\Windows\system32\aticalcl.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00047664 _____ C:\Windows\system32\kapp_ci.sbin2016-01-24 00:48 - 2016-01-24 
00:48 - 00045056 _____ (Advanced Micro Devices, Inc.) 
C:\Windows\system32\ATIODCLI.exe2016-01-24 00:48 - 2016-01-24 00:48 - 
00043536 _____ C:\Windows\system32\kapp_si.sbin2016-01-24 00:48 - 2016-01-24 
00:48 - 00043520 _____ (Advanced Micro Devices, Inc.) 
C:\Windows\system32\Drivers\ati2erec.dll2016-01-24 00:48 - 2016-01-24 00:48 
- 00038400 _____ (Advanced Micro Devices, Inc. ) 
C:\Windows\system32\amdmmcl.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00029184 _____ (AMD) C:\Windows\system32\atimuixx.dll2016-01-24 00:48 - 
2016-01-24 00:48 - 00004096 _____ (Microsoft Corporation) 
C:\Windows\system32\detoured.dll2016-01-24 00:48 - 2016-01-24 00:48 - 
00000000 ____D C:\Program Files\AMD2016-01-24 00:41 - 2016-01-24 00:41 - 
00073928 _____ (Advanced Micro Devices) 
C:\Windows\system32\Drivers\amd_sata.sys2016-01-24 00:41 - 2016-01-24 00:41 
- 00036040 _____ (Advanced Micro Devices) 
C:\Windows\system32\Drivers\amd_xata.sys2016-01-24 00:40 - 2016-01-24 00:40 
- 00095808 _____ (Advanced Micro Devices) 
C:\Windows\system32\DelayAPO.dll2016-01-24 00:40 - 2016-01-24 00:40 - 
00087576 _____ (Advanced Micro Devices) 
C:\Windows\system32\Drivers\AtihdW73.sys2016-01-24 00:39 - 2016-01-24 00:39 
- 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) 
C:\Windows\system32\Drivers\ssudbus.sys2016-01-24 00:36 - 2016-01-24 00:36 - 
00769280 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys2016-01-24 
00:36 - 2016-01-24 00:36 - 00109648 _____ (Realtek Semiconductor Corporation) 
C:\Windows\system32\RTNUninst32.dll2016-01-24 00:36 - 2016-01-24 00:36 - 
00085616 _____ (Realtek Semiconductor Corporation) 
C:\Windows\system32\RtNicProp32.dll2016-01-24 00:34 - 2016-02-12 12:42 - 
00000000 ____D C:\Users\comp\AppData\Roaming\IObit2016-01-24 00:34 - 
2016-02-12 12:42 - 00000000 ____D C:\ProgramData\IObit2016-01-24 00:34 - 
2016-02-12 12:42 - 00000000 ____D C:\Program Files\IObit2016-01-24 00:34 - 
2016-02-01 06:56 - 00000000 ____D 
C:\Users\comp\AppData\LocalLow\IObit2016-01-24 00:34 - 2016-01-26 10:51 - 
00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver 
Booster 32016-01-24 00:34 - 2016-01-24 00:34 - 00023840 _____ (REALiX(tm)) 
C:\Windows\system32\Drivers\HWiNFO32.SYS2016-01-24 00:34 - 2016-01-24 00:34 
- 00000000 ____D C:\Windows\Tasks\ImCleanDisabled2016-01-24 00:20 - 
2016-01-24 17:25 - 00000000 ____D C:\Users\comp\AppData\Local\Microsoft 
Games2016-01-24 00:12 - 2016-01-24 00:12 - 00031832 _____ (Phoenix 
Technologies) C:\Windows\system32\Drivers\DrvAgent32.sys2016-01-23 23:54 - 
2016-01-23 23:54 - 00000000 ____H 
C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf2016-01-23 16:47 
- 2016-01-31 15:19 - 00000000 ____D C:\ProgramData\AVAST Software2016-01-23 
16:43 - 2016-01-25 20:01 - 00000000 ____D 
C:\Users\comp\AppData\Local\Deployment2016-01-23 16:43 - 2016-01-25 20:01 - 
00000000 ____D C:\Users\comp\AppData\Local\Apps\2.02016-01-23 16:43 - 
2016-01-24 01:11 - 00000000 ____D 
C:\Users\comp\AppData\Local\Google2016-01-23 16:43 - 2016-01-24 01:11 - 
00000000 ____D C:\Program Files\Google2016-01-23 16:39 - 2016-01-24 17:26 - 
00000000 ____D C:\Program Files\Realtek2016-01-23 16:39 - 2016-01-23 16:39 - 
00000000 ___HD C:\Program Files\InstallShield Installation 
Information2016-01-23 16:03 - 2016-01-23 16:03 - 00057560 _____ 
C:\Users\comp\AppData\Local\GDIPFONTCACHEV1.DAT2016-01-23 16:03 - 2016-01-23 
16:03 - 00000000 ____H 
C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf2016-01-23 15:22 - 
2016-01-23 16:18 - 00000000 ____D 
C:\Users\comp\AppData\Local\ElevatedDiagnostics2016-01-23 15:12 - 2016-02-07 
22:52 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI2016-01-23 
15:08 - 2016-01-23 15:08 - 00001417 _____ 
C:\Users\comp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet 
Explorer.lnk2016-01-23 15:07 - 2016-02-12 23:09 - 00000000 ____D 
C:\Users\comp\AppData\Local\VirtualStore2016-01-23 15:07 - 2016-02-12 07:10 
- 00000000 ____D C:\Users\comp2016-01-23 15:07 - 2016-01-23 15:07 - 00000020 
___SH C:\Users\comp\ntuser.ini2016-01-23 15:07 - 2016-01-23 15:07 - 00000000 
_SHDL C:\Users\comp\My Documents2016-01-23 15:07 - 2016-01-23 15:07 - 
00000000 _SHDL C:\Users\comp\Documents\My Videos2016-01-23 15:07 - 
2016-01-23 15:07 - 00000000 _SHDL C:\Users\comp\Documents\My 
Pictures2016-01-23 15:07 - 2016-01-23 15:07 - 00000000 _SHDL 
C:\Users\comp\Documents\My Music2016-01-22 15:13 - 2016-01-22 15:13 - 
00198576 _____ (AVG Technologies CZ, s.r.o.) 
C:\Windows\system32\Drivers\avgmfx86.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-12 23:09 - 2009-07-14 12:52 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-02-12 23:09 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\registration
2016-02-12 23:09 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\inf
2016-02-12 23:09 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\AppCompat
2016-02-12 23:08 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\sysprep
2016-02-12 12:44 - 2009-07-14 12:34 - 00017536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-12 12:44 - 2009-07-14 12:34 - 00017536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-12 12:37 - 2009-07-14 12:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-07 22:35 - 2009-07-14 07:47 - 12866560 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-01-31 22:03 - 2009-07-14 10:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-31 15:15 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\NDF
2016-01-26 10:51 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\MUI
2016-01-24 17:26 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\security
2016-01-24 07:05 - 2009-07-14 12:33 - 00257736 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-24 07:02 - 2009-07-14 12:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-01-24 01:29 - 2009-07-14 12:53 - 00011104 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-23 16:33 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\tracing
2016-01-23 15:07 - 2009-07-14 12:34 - 00000000 ____D C:\Windows\Setup
2016-01-23 15:07 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\rescache
==================== Files in the root of some directories =======
2016-01-31 00:29 - 2016-01-31 00:29 - 0007602 _____ () C:\Users\comp\AppData\Local\Resmon.ResmonCfg
2016-01-24 00:59 - 2016-01-24 00:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\comp\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-02-11 19:44
==================== End of FRST.txt ============================
 
 

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-02-2016
Ran by comp (2016-02-12 12:46:25)
Running from C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4G99A7X
Microsoft Windows 7 Home Basic  (X86) (2016-01-23 07:07:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1597179411-2372084101-3668902816-500 - Administrator - Disabled)
comp (S-1-5-21-1597179411-2372084101-3668902816-1000 - Administrator - Enabled) => C:\Users\comp
Guest (S-1-5-21-1597179411-2372084101-3668902816-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: Bitdefender Antivirus Free Edition (Disabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG (Version: 16.41.7442 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4522 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7442 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Driver Booster 3.2 (HKLM\...\Driver Booster_is1) (Version: 3.2 - IObit)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
SafeZone Stable 1.46.1990.139 (Version: 1.46.1990.139 - Avast Software) Hidden
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1597179411-2372084101-3668902816-1000_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\comp\AppData\Local\Torch\Application\45.0.0.10802\delegate_execute.exe" => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15BE16E0-9A1C-4C9D-AD36-8C0450AA4A79} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-24] (AVAST Software)
Task: {57AB1A14-DB9C-4C91-A4EC-5E96876F69C5} - System32\Tasks\SafeZone scheduled Autoupdate 1454151524 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {5E80B004-C143-4B38-87E1-48B2FCDEF5D6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1597179411-2372084101-3668902816-1000
Task: {677EEFA3-A2CE-4BD3-9481-5D71E791A08B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-04] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:04 - 2009-06-11 05:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1597179411-2372084101-3668902816-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\comp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 121.1.3.81 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{80795403-1DEB-4582-B07F-8EAF58C7924A}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{B49DBE99-2EAF-4A6F-958C-29A6197FCED5}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{D05B9921-AA61-4CC6-B2C2-D52231B26973}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{C4DA7E43-9BBD-459B-9499-0320852E073E}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{2A87CF92-E1E2-48F5-8C94-59808CBD4419}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{BBB1361A-C0B6-47EF-8947-DA5C25F09A6B}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{0FA15E1F-C794-417E-A64B-BC46962E860F}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{8C624F02-406C-48D2-B35A-93A82B7459AD}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{3C7BE42E-A385-48A9-9E37-17963DDE95FB}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{FE89A2BE-7D11-42E6-98F3-25CBFFCA9479}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{10B5F0EF-9A21-4C22-B165-527412ABF1BA}] => (Allow) C:\Users\comp\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{10D0E8B3-3034-4789-8451-8A40C1EDFD7B}] => (Allow) C:\Users\comp\AppData\Local\Torch\Plugins\Hola\hola_plugin.exe
FirewallRules: [{3BCDB80A-DC66-4420-B62A-3FBE33A6AFED}] => (Allow) C:\Users\comp\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe
FirewallRules: [{9440C6E1-A8A6-4C21-9A58-0AAB068FB834}] => (Allow) C:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{97CD9C94-FE6C-41DB-ABAB-BFB8CE86B653}] => (Allow) C:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{0179DF71-69E5-48DE-A2FA-EEB2AF2DF37E}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{A35ED699-C84F-48E0-8C92-2B0B19F23DA8}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{770643B1-521D-49FD-959F-E6449B494F62}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{B84499E9-FBA0-42EF-867D-2B784AEC72E1}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{6436401D-79C7-4981-8C53-1E72875A8562}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{BB8739A6-B8C2-4724-80EB-78C4F8E4724B}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{F34C58ED-C95F-4CA8-BA2F-CA5D41BDFC2C}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{9968C1A0-ED67-4830-90AC-1E5FAFB740B4}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe

==================== Restore Points =========================

08-02-2016 02:20:20 02/08/16
09-02-2016 20:24:36 02/08/16
12-02-2016 12:42:17 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/11/2016 07:45:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2016 07:14:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc225
Faulting module name: dwmcore.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda08
Exception code: 0xc0000005
Fault offset: 0x0005fce9
Faulting process id: 0x7d0
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3

Error: (02/08/2016 04:53:22 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].


Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: 13
   Snapshot Context: 13
   Execution Context: Coordinator

Error: (02/08/2016 04:53:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: 13
   Snapshot Context: 13
   Execution Context: Coordinator

Error: (02/08/2016 04:52:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: tuscanx.exe, version: 16.13.1.47453, time stamp: 0x566adf2a
Faulting module name: libcef.dll, version: 3.1547.1412.0, time stamp: 0x521884fe
Exception code: 0xc0000005
Fault offset: 0x00e4f3ca
Faulting process id: 0x65c
Faulting application start time: 0xtuscanx.exe0
Faulting application path: tuscanx.exe1
Faulting module path: tuscanx.exe2
Report Id: tuscanx.exe3

Error: (02/08/2016 04:43:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TuneUpUtilitiesService32.exe, version: 16.13.1.47453, time stamp: 0x566adf57
Faulting module name: TuneUpUtilitiesService32.exe, version: 16.13.1.47453, time stamp: 0x566adf57
Exception code: 0xc0000005
Fault offset: 0x00004e4c
Faulting process id: 0x96c
Faulting application start time: 0xTuneUpUtilitiesService32.exe0
Faulting application path: TuneUpUtilitiesService32.exe1
Faulting module path: TuneUpUtilitiesService32.exe2
Report Id: TuneUpUtilitiesService32.exe3

Error: (02/08/2016 04:00:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: upnp.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb28
Exception code: 0xc0000005
Fault offset: 0x0000845d
Faulting process id: 0x6b4
Faulting application start time: 0xsvchost.exe_wuauserv0
Faulting application path: svchost.exe_wuauserv1
Faulting module path: svchost.exe_wuauserv2
Report Id: svchost.exe_wuauserv3

Error: (02/08/2016 03:57:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: upnp.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb28
Exception code: 0xc0000005
Fault offset: 0x0000845d
Faulting process id: 0x554
Faulting application start time: 0xsvchost.exe_wuauserv0
Faulting application path: svchost.exe_wuauserv1
Faulting module path: svchost.exe_wuauserv2
Report Id: svchost.exe_wuauserv3

Error: (02/08/2016 11:55:19 AM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (02/08/2016 02:18:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program dota2.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1444

Start Time: 01d161be8d9d210e

Termination Time: 20251

Application Path: C:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe

Report Id: 2033ae11-cdc7-11e5-ae10-448a5bb8d5ea


System errors:
=============
Error: (02/12/2016 12:37:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom

Error: (02/12/2016 12:35:39 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056

Error: (02/12/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/12/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/12/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/12/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/12/2016 12:35:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Torch Crash Handler service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/12/2016 12:35:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/12/2016 12:35:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMScheduler service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/12/2016 12:35:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.


==================== Memory info =========================== 

Processor: AMD A4-6300 APU with Radeon(tm) HD Graphics 
Percentage of memory in use: 48%
Total physical RAM: 1480.14 MB
Available physical RAM: 759.11 MB
Total Virtual: 2960.29 MB
Available Virtual: 1877.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:430.14 GB) NTFS
Drive e: (Low MB ) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0B3AFE36)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Also, Torch was successfully uninstalled once I did a scan with Adwcleaner.



#4 Satchfan


Posted 12 February 2016 - 05:07 AM

Thank you for the logs but the way you have posted them makes it difficult for me to read them. There is no need to use code/quote boxes, just copy and paste directly from the Notepad file that was produced into the reply.

 

Can you re-post the FRST.txt log and Addition.txt log.

 

Thanks

 

Satchfan



#5 japjap4


Posted 12 February 2016 - 05:25 AM

Hi Satchfan, sorry about that. Here you go:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
Ran by comp (administrator) on KUUHAKU-PC (12-02-2016 12:45:48)
Running from C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4G99A7X
Loaded Profiles: comp (Available Profiles: comp)
Platform: Microsoft Windows 7 Home Basic  (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_20_0_0_286_ActiveX.exe
(Farbar) C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4G99A7X\FRST[1].exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7745792 2016-01-24] (Realtek Semiconductor)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3873704 2016-02-01] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1597179411-2372084101-3668902816-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3014224 2016-02-05] (Valve Corporation)
HKU\S-1-5-21-1597179411-2372084101-3668902816-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_286_ActiveX.exe [1163968 2016-02-04] (Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 121.1.3.81 192.168.0.1
Tcpip\..\Interfaces\{C4E1DE4D-B1A7-49C4-A018-1C8BC3C6D0CE}: [DhcpNameServer] 121.1.3.81 192.168.0.1

Internet Explorer:
==================

Chrome:
=======
CHR Profile: C:\Users\comp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3881184 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [73928 2016-01-24] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [36040 2016-01-24] (Advanced Micro Devices)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [257456 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [207792 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [198576 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [108008 2013-07-02] (Bitdefender SRL)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-01-24] (REALiX™)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-02-12] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-12 12:45 - 2016-02-12 12:45 - 00000000 ____D C:\FRST
2016-02-12 12:43 - 2016-02-12 12:43 - 00002820 _____ C:\Users\comp\Desktop\JRT.txt
2016-02-12 12:38 - 2016-02-12 12:44 - 00001921 _____ C:\Users\comp\Desktop\fff.txt
2016-02-12 07:14 - 2016-02-12 12:35 - 00000000 ____D C:\AdwCleaner
2016-02-12 07:13 - 2016-02-12 07:14 - 01609032 _____ (Malwarebytes) C:\Users\comp\Downloads\JRT.exe
2016-02-12 07:13 - 2016-02-12 07:14 - 01508352 _____ C:\Users\comp\Downloads\adwcleaner_5.033.exe
2016-02-10 11:14 - 2016-02-10 11:15 - 00000000 ____D C:\Windows\system32\config\mybackup
2016-02-09 19:24 - 2016-02-09 19:24 - 00000000 __SHD C:\found.001
2016-02-09 07:04 - 2016-02-12 10:49 - 00000000 ____D C:\Windows\pss
2016-02-08 15:42 - 2016-02-09 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2016-02-07 19:05 - 2016-02-12 23:08 - 00000000 ____D C:\Users\comp\AppData\Roaming\AVG
2016-02-07 19:04 - 2016-02-12 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-02-07 19:04 - 2016-02-07 19:04 - 00000000 ____D C:\Users\comp\AppData\Roaming\TuneUp Software
2016-02-07 19:03 - 2016-02-07 19:03 - 00000000 ___HD C:\$AVG
2016-02-07 18:55 - 2016-02-12 12:37 - 00000000 ____D C:\ProgramData\MFAData
2016-02-07 18:55 - 2016-02-07 18:55 - 00000000 ____D C:\Users\comp\AppData\Local\MFAData
2016-02-07 18:46 - 2016-02-12 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-02-07 18:46 - 2016-02-07 18:46 - 00000832 _____ C:\Users\Public\Desktop\AVG.lnk
2016-02-07 18:35 - 2016-02-12 23:08 - 00000000 ____D C:\ProgramData\Avg
2016-02-07 18:35 - 2016-02-12 23:08 - 00000000 ____D C:\Program Files\AVG
2016-02-07 18:24 - 2016-02-09 20:35 - 00000000 ____D C:\Users\comp\AppData\Local\AvgSetupLog
2016-02-07 18:24 - 2016-02-08 15:41 - 00000000 ____D C:\Users\comp\AppData\Local\Avg
2016-02-07 15:18 - 2016-02-07 15:19 - 02946424 _____ (AVG Technologies CZ, s.r.o.) C:\Users\comp\Downloads\AVG_Protection_Free_698.exe
2016-02-07 13:52 - 2012-11-02 14:17 - 00242504 _____ (BitDefender) C:\Windows\system32\Drivers\SETEB29.tmp
2016-02-07 13:52 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-02-07 13:24 - 2016-02-07 18:18 - 00000000 ____D C:\Program Files\Bitdefender
2016-02-07 13:23 - 2016-02-08 16:41 - 00000000 ____D C:\Users\comp\AppData\Roaming\QuickScan
2016-02-05 07:04 - 2016-02-05 07:04 - 00000000 ____D C:\Program Files\CPUID
2016-02-05 05:38 - 2016-02-05 05:38 - 00000000 ____D C:\Users\comp\AppData\Roaming\Macromedia
2016-02-05 05:34 - 2016-02-05 05:34 - 00000000 ____D C:\Users\comp\AppData\Roaming\Adobe
2016-02-04 18:58 - 2016-02-12 12:37 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-04 18:57 - 2016-02-12 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-04 18:57 - 2016-02-04 18:57 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-04 18:57 - 2016-02-04 18:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-04 18:57 - 2016-02-04 18:57 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-02-04 18:57 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-04 18:57 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-04 18:57 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-04 18:51 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-02-04 18:51 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-02-04 18:51 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-02-04 18:51 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-02-04 18:51 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-02-04 18:51 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-02-04 18:51 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-02-04 18:51 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-02-04 18:51 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-02-04 18:51 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-02-04 18:51 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-02-04 18:51 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-02-04 18:51 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-02-04 18:51 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-02-04 18:51 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-02-04 18:51 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-02-04 18:51 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-02-04 18:51 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-02-04 18:51 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-02-04 18:51 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-02-04 18:51 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-02-04 18:51 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-02-04 18:51 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-02-04 18:51 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-02-04 18:51 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-02-04 18:51 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-02-04 18:51 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-02-04 18:51 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-02-04 18:51 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-02-04 18:51 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-02-04 18:51 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-02-04 18:51 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-02-04 18:51 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-02-04 18:51 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-02-04 18:51 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-02-04 18:51 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-02-04 18:51 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-02-04 18:51 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-02-04 18:51 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-02-04 18:51 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-02-04 18:51 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-02-04 18:51 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-02-04 18:51 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-02-04 18:51 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-02-04 18:51 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-02-04 18:51 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-02-04 18:51 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-02-04 18:51 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-02-04 18:51 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-02-04 18:51 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-02-04 18:51 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-02-04 18:51 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-02-04 18:51 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-02-04 18:51 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-02-04 18:51 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-02-04 18:51 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-02-04 18:51 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-02-04 18:51 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-02-04 18:51 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-02-04 18:51 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-02-04 18:51 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-02-04 18:51 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-02-04 18:51 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-02-04 18:51 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-02-04 18:51 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-02-04 18:51 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-02-04 18:51 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-02-04 18:51 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-02-04 18:51 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-02-04 18:51 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-02-04 18:51 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-02-04 18:51 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-02-04 18:51 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-02-04 18:51 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-02-04 18:51 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-02-04 18:51 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-02-04 18:51 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-02-04 18:51 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-02-04 18:51 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-02-04 18:51 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-02-04 18:51 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-02-04 18:51 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-02-04 18:51 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-02-04 18:51 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-02-04 18:51 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-02-04 18:51 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-02-04 18:51 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-02-04 18:51 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-02-04 18:51 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-02-04 18:51 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-02-04 18:51 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-02-04 18:48 - 2016-02-12 07:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-04 18:48 - 2016-02-04 18:48 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-04 18:48 - 2016-02-04 18:48 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-04 18:48 - 2016-02-04 18:48 - 00000000 ____D C:\Windows\system32\Macromed
2016-02-04 18:44 - 2016-02-04 18:44 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-31 20:39 - 2016-01-31 20:39 - 00000000 __RSH C:\MSDOS.SYS
2016-01-31 20:39 - 2016-01-31 20:39 - 00000000 __RSH C:\IO.SYS
2016-01-31 06:07 - 2016-01-30 18:56 - 00026096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD54.tmp
2016-01-31 06:07 - 2016-01-30 18:19 - 00812208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD64.tmp
2016-01-31 06:07 - 2016-01-30 18:19 - 00449384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCDD6.tmp
2016-01-31 06:07 - 2016-01-30 18:19 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD96.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCDE7.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCDF8.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD75.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCDC6.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD85.tmp
2016-01-31 00:29 - 2016-01-31 00:29 - 00007602 _____ C:\Users\comp\AppData\Local\Resmon.ResmonCfg
2016-01-30 21:08 - 2016-01-30 21:08 - 00000000 ____D C:\Users\comp\AppData\Local\AVAST Software
2016-01-30 18:58 - 2016-01-30 18:58 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-01-30 18:56 - 2016-01-30 18:19 - 00812208 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1418.tmp
2016-01-30 18:56 - 2016-01-30 18:19 - 00449384 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1749.tmp
2016-01-30 18:56 - 2016-01-30 18:19 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\asw167C.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1843.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\asw18B1.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\asw15FD.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\asw16EA.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\asw165C.tmp
2016-01-25 21:05 - 2016-01-25 21:05 - 00000000 ____D C:\Users\comp\AppData\Local\AMD
2016-01-25 07:54 - 2016-02-08 16:48 - 00000000 __SHD C:\found.000
2016-01-24 09:03 - 2016-02-10 12:28 - 00000000 ____D C:\Windows\Minidump
2016-01-24 02:26 - 2016-01-26 10:51 - 00000000 ____D C:\Users\comp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-24 02:26 - 2016-01-24 02:26 - 00000213 _____ C:\Users\comp\Desktop\Dota 2.url
2016-01-24 02:03 - 2016-01-24 01:57 - 00812208 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2C39.tmp
2016-01-24 02:03 - 2016-01-24 01:57 - 00449384 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D86.tmp
2016-01-24 02:03 - 2016-01-24 01:57 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D65.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D87.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2DA7.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D44.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D75.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D54.tmp
2016-01-24 01:56 - 2016-02-07 19:04 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-24 01:55 - 2016-01-31 14:29 - 00000000 ____D C:\Users\comp\AppData\Local\Steam
2016-01-24 01:55 - 2016-01-24 01:55 - 00000000 ____D C:\Users\comp\AppData\Local\CEF
2016-01-24 01:45 - 2015-12-02 13:25 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-01-24 01:29 - 2016-02-12 12:37 - 00000000 ____D C:\Program Files\Steam
2016-01-24 01:29 - 2016-02-08 10:22 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-01-24 01:29 - 2016-01-26 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-24 01:29 - 2016-01-24 01:29 - 00000925 _____ C:\Users\Public\Desktop\Steam.lnk
2016-01-24 01:04 - 2016-02-12 12:36 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-01-24 01:00 - 2016-01-24 01:00 - 00000000 _____ C:\Windows\ativpsrm.bin
2016-01-24 00:59 - 2016-01-24 17:26 - 00000000 ____D C:\Windows\system32\DAX2
2016-01-24 00:59 - 2016-01-24 00:59 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-01-24 00:58 - 2016-01-24 01:59 - 00000000 ____D C:\Windows\system32\RTCOM
2016-01-24 00:58 - 2016-01-24 00:58 - 72203792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2016-01-24 00:58 - 2016-01-24 00:58 - 13798184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 12014440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO30.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 11922512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO40.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 07170872 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 07053696 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-01-24 00:58 - 2016-01-24 00:58 - 05132496 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 04763576 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 04236168 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 04005405 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-01-24 00:58 - 2016-01-24 00:58 - 03629312 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2016-01-24 00:58 - 2016-01-24 00:58 - 02895632 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 02826496 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2016-01-24 00:58 - 2016-01-24 00:58 - 02702592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 02610208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 02424264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 02400312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO70.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01983096 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01948808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01832072 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01816352 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01791808 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01531680 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01515176 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32APO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01512320 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01400808 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01313128 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01239808 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01180352 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO60.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01074056 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01039224 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01028016 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00990792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00965680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00954200 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00936624 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00883376 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00868464 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00863608 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00860520 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00858264 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00834328 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00799016 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00786352 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00669592 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00645824 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00625000 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00615872 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00589080 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00575936 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00532896 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00522712 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00522712 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00471288 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00439608 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00415872 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00402072 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00401056 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00387624 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00384520 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00371816 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00369792 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00364024 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00357992 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00357160 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00308064 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00307240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00307240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00302744 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00285632 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00243864 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00232424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00231880 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00230912 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00229592 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00229584 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00229040 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00225048 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00197440 _____ C:\Windows\system32\AcpiServiceVnA.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00196008 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00183616 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00181232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00151920 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00150560 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00144688 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00142328 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00116648 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00105656 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00101624 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00101336 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00096608 _____ C:\Windows\system32\audioLibVc.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00088280 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00083648 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00078488 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00074384 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00071712 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00067752 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00022160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2016-01-24 00:56 - 2016-01-24 17:26 - 00000000 ____D C:\Users\comp\Desktop\Thank you
2016-01-24 00:48 - 2016-01-24 17:26 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-01-24 00:48 - 2016-01-24 00:48 - 39712768 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 25052160 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atioglxx.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 19581440 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-01-24 00:48 - 2016-01-24 00:48 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 09468448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 07898704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumdva.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 07167416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumdag.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 05129728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 03471376 _____ C:\Windows\system32\atiumdva.cap
2016-01-24 00:48 - 2016-01-24 00:48 - 01194928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00995342 _____ C:\Windows\system32\amdocl_as32.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00934400 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00842001 _____ C:\Windows\system32\amdicdxx.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00798734 _____ C:\Windows\system32\amdocl_ld32.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00737410 _____ C:\Windows\system32\atiicdxx.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00669696 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00662456 _____ C:\Windows\system32\atiapfxx.blb
2016-01-24 00:48 - 2016-01-24 00:48 - 00564224 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00385536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00370688 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-01-24 00:48 - 2016-01-24 00:48 - 00322868 _____ C:\Windows\system32\ativvaxy_vi.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00321200 _____ C:\Windows\system32\ativvaxy_vi_nd.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00294912 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00259072 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00255808 _____ C:\Windows\system32\ativvaxy_cz_nd.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00250884 _____ C:\Windows\system32\ativvaxy_FJ.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00249088 _____ C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00234420 _____ C:\Windows\system32\ativvaxy_cik.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00232752 _____ C:\Windows\system32\ativvaxy_cik_nd.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00204952 _____ C:\Windows\system32\ativvsvl.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00203776 _____ C:\Windows\system32\clinfo.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00201216 _____ C:\Windows\system32\amdgfxinfo32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00189440 _____ C:\Windows\system32\atieah32.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00177344 _____ C:\Windows\system32\ativce03.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00175648 _____ C:\Windows\system32\amde31a.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00164352 _____ (AMD) C:\Windows\system32\atitmmxx.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00158208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atigktxx.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00157144 _____ C:\Windows\system32\ativvsva.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00142848 _____ C:\Windows\system32\hsa-thunk.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00140240 _____ C:\Windows\system32\samu_krnl_ci.sbin
2016-01-24 00:48 - 2016-01-24 00:48 - 00138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2016-01-24 00:48 - 2016-01-24 00:48 - 00136624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxpag.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00123240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9pag.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00117760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00101376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00100816 _____ C:\Windows\system32\ativce02.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00090624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00089600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00059392 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00047664 _____ C:\Windows\system32\kapp_ci.sbin
2016-01-24 00:48 - 2016-01-24 00:48 - 00045056 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00043536 _____ C:\Windows\system32\kapp_si.sbin
2016-01-24 00:48 - 2016-01-24 00:48 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00038400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00029184 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00000000 ____D C:\Program Files\AMD
2016-01-24 00:41 - 2016-01-24 00:41 - 00073928 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2016-01-24 00:41 - 2016-01-24 00:41 - 00036040 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2016-01-24 00:40 - 2016-01-24 00:40 - 00095808 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-01-24 00:40 - 2016-01-24 00:40 - 00087576 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW73.sys
2016-01-24 00:39 - 2016-01-24 00:39 - 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2016-01-24 00:36 - 2016-01-24 00:36 - 00769280 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2016-01-24 00:36 - 2016-01-24 00:36 - 00109648 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2016-01-24 00:36 - 2016-01-24 00:36 - 00085616 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2016-01-24 00:34 - 2016-02-12 12:42 - 00000000 ____D C:\Users\comp\AppData\Roaming\IObit
2016-01-24 00:34 - 2016-02-12 12:42 - 00000000 ____D C:\ProgramData\IObit
2016-01-24 00:34 - 2016-02-12 12:42 - 00000000 ____D C:\Program Files\IObit
2016-01-24 00:34 - 2016-02-01 06:56 - 00000000 ____D C:\Users\comp\AppData\LocalLow\IObit
2016-01-24 00:34 - 2016-01-26 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-01-24 00:34 - 2016-01-24 00:34 - 00023840 _____ (REALiX™) C:\Windows\system32\Drivers\HWiNFO32.SYS
2016-01-24 00:34 - 2016-01-24 00:34 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2016-01-24 00:20 - 2016-01-24 17:25 - 00000000 ____D C:\Users\comp\AppData\Local\Microsoft Games
2016-01-24 00:12 - 2016-01-24 00:12 - 00031832 _____ (Phoenix Technologies) C:\Windows\system32\Drivers\DrvAgent32.sys
2016-01-23 23:54 - 2016-01-23 23:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-01-23 16:47 - 2016-01-31 15:19 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-23 16:43 - 2016-01-25 20:01 - 00000000 ____D C:\Users\comp\AppData\Local\Deployment
2016-01-23 16:43 - 2016-01-25 20:01 - 00000000 ____D C:\Users\comp\AppData\Local\Apps\2.0
2016-01-23 16:43 - 2016-01-24 01:11 - 00000000 ____D C:\Users\comp\AppData\Local\Google
2016-01-23 16:43 - 2016-01-24 01:11 - 00000000 ____D C:\Program Files\Google
2016-01-23 16:39 - 2016-01-24 17:26 - 00000000 ____D C:\Program Files\Realtek
2016-01-23 16:39 - 2016-01-23 16:39 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-01-23 16:03 - 2016-01-23 16:03 - 00057560 _____ C:\Users\comp\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-23 16:03 - 2016-01-23 16:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-01-23 15:22 - 2016-01-23 16:18 - 00000000 ____D C:\Users\comp\AppData\Local\ElevatedDiagnostics
2016-01-23 15:12 - 2016-02-07 22:52 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-23 15:08 - 2016-01-23 15:08 - 00001417 _____ C:\Users\comp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-23 15:07 - 2016-02-12 23:09 - 00000000 ____D C:\Users\comp\AppData\Local\VirtualStore
2016-01-23 15:07 - 2016-02-12 07:10 - 00000000 ____D C:\Users\comp
2016-01-23 15:07 - 2016-01-23 15:07 - 00000020 ___SH C:\Users\comp\ntuser.ini
2016-01-23 15:07 - 2016-01-23 15:07 - 00000000 _SHDL C:\Users\comp\My Documents
2016-01-23 15:07 - 2016-01-23 15:07 - 00000000 _SHDL C:\Users\comp\Documents\My Videos
2016-01-23 15:07 - 2016-01-23 15:07 - 00000000 _SHDL C:\Users\comp\Documents\My Pictures
2016-01-23 15:07 - 2016-01-23 15:07 - 00000000 _SHDL C:\Users\comp\Documents\My Music
2016-01-22 15:13 - 2016-01-22 15:13 - 00198576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-12 23:09 - 2009-07-14 12:52 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-02-12 23:09 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\registration
2016-02-12 23:09 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\inf
2016-02-12 23:09 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\AppCompat
2016-02-12 23:08 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\sysprep
2016-02-12 12:44 - 2009-07-14 12:34 - 00017536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-12 12:44 - 2009-07-14 12:34 - 00017536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-12 12:37 - 2009-07-14 12:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-07 22:35 - 2009-07-14 07:47 - 12866560 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-01-31 22:03 - 2009-07-14 10:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-31 15:15 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\NDF
2016-01-26 10:51 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\MUI
2016-01-24 17:26 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\security
2016-01-24 07:05 - 2009-07-14 12:33 - 00257736 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-24 07:02 - 2009-07-14 12:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-01-24 01:29 - 2009-07-14 12:53 - 00011104 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-23 16:33 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\tracing
2016-01-23 15:07 - 2009-07-14 12:34 - 00000000 ____D C:\Windows\Setup
2016-01-23 15:07 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\rescache

==================== Files in the root of some directories =======

2016-01-31 00:29 - 2016-01-31 00:29 - 0007602 _____ () C:\Users\comp\AppData\Local\Resmon.ResmonCfg
2016-01-24 00:59 - 2016-01-24 00:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\comp\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-11 19:44

==================== End of FRST.txt ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-02-2016
Ran by comp (2016-02-12 12:46:25)
Running from C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4G99A7X
Microsoft Windows 7 Home Basic  (X86) (2016-01-23 07:07:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1597179411-2372084101-3668902816-500 - Administrator - Disabled)
comp (S-1-5-21-1597179411-2372084101-3668902816-1000 - Administrator - Enabled) => C:\Users\comp
Guest (S-1-5-21-1597179411-2372084101-3668902816-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: Bitdefender Antivirus Free Edition (Disabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG (Version: 16.41.7442 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4522 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7442 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Driver Booster 3.2 (HKLM\...\Driver Booster_is1) (Version: 3.2 - IObit)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
SafeZone Stable 1.46.1990.139 (Version: 1.46.1990.139 - Avast Software) Hidden
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1597179411-2372084101-3668902816-1000_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\comp\AppData\Local\Torch\Application\45.0.0.10802\delegate_execute.exe" => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15BE16E0-9A1C-4C9D-AD36-8C0450AA4A79} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-24] (AVAST Software)
Task: {57AB1A14-DB9C-4C91-A4EC-5E96876F69C5} - System32\Tasks\SafeZone scheduled Autoupdate 1454151524 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {5E80B004-C143-4B38-87E1-48B2FCDEF5D6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1597179411-2372084101-3668902816-1000
Task: {677EEFA3-A2CE-4BD3-9481-5D71E791A08B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-04] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:04 - 2009-06-11 05:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1597179411-2372084101-3668902816-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\comp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 121.1.3.81 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{80795403-1DEB-4582-B07F-8EAF58C7924A}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{B49DBE99-2EAF-4A6F-958C-29A6197FCED5}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{D05B9921-AA61-4CC6-B2C2-D52231B26973}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{C4DA7E43-9BBD-459B-9499-0320852E073E}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{2A87CF92-E1E2-48F5-8C94-59808CBD4419}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{BBB1361A-C0B6-47EF-8947-DA5C25F09A6B}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{0FA15E1F-C794-417E-A64B-BC46962E860F}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{8C624F02-406C-48D2-B35A-93A82B7459AD}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{3C7BE42E-A385-48A9-9E37-17963DDE95FB}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{FE89A2BE-7D11-42E6-98F3-25CBFFCA9479}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{10B5F0EF-9A21-4C22-B165-527412ABF1BA}] => (Allow) C:\Users\comp\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{10D0E8B3-3034-4789-8451-8A40C1EDFD7B}] => (Allow) C:\Users\comp\AppData\Local\Torch\Plugins\Hola\hola_plugin.exe
FirewallRules: [{3BCDB80A-DC66-4420-B62A-3FBE33A6AFED}] => (Allow) C:\Users\comp\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe
FirewallRules: [{9440C6E1-A8A6-4C21-9A58-0AAB068FB834}] => (Allow) C:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{97CD9C94-FE6C-41DB-ABAB-BFB8CE86B653}] => (Allow) C:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{0179DF71-69E5-48DE-A2FA-EEB2AF2DF37E}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{A35ED699-C84F-48E0-8C92-2B0B19F23DA8}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{770643B1-521D-49FD-959F-E6449B494F62}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{B84499E9-FBA0-42EF-867D-2B784AEC72E1}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{6436401D-79C7-4981-8C53-1E72875A8562}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{BB8739A6-B8C2-4724-80EB-78C4F8E4724B}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{F34C58ED-C95F-4CA8-BA2F-CA5D41BDFC2C}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{9968C1A0-ED67-4830-90AC-1E5FAFB740B4}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe

==================== Restore Points =========================

08-02-2016 02:20:20 02/08/16
09-02-2016 20:24:36 02/08/16
12-02-2016 12:42:17 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/11/2016 07:45:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2016 07:14:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc225
Faulting module name: dwmcore.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda08
Exception code: 0xc0000005
Fault offset: 0x0005fce9
Faulting process id: 0x7d0
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3

Error: (02/08/2016 04:53:22 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].


Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: 13
   Snapshot Context: 13
   Execution Context: Coordinator

Error: (02/08/2016 04:53:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: 13
   Snapshot Context: 13
   Execution Context: Coordinator

Error: (02/08/2016 04:52:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: tuscanx.exe, version: 16.13.1.47453, time stamp: 0x566adf2a
Faulting module name: libcef.dll, version: 3.1547.1412.0, time stamp: 0x521884fe
Exception code: 0xc0000005
Fault offset: 0x00e4f3ca
Faulting process id: 0x65c
Faulting application start time: 0xtuscanx.exe0
Faulting application path: tuscanx.exe1
Faulting module path: tuscanx.exe2
Report Id: tuscanx.exe3

Error: (02/08/2016 04:43:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TuneUpUtilitiesService32.exe, version: 16.13.1.47453, time stamp: 0x566adf57
Faulting module name: TuneUpUtilitiesService32.exe, version: 16.13.1.47453, time stamp: 0x566adf57
Exception code: 0xc0000005
Fault offset: 0x00004e4c
Faulting process id: 0x96c
Faulting application start time: 0xTuneUpUtilitiesService32.exe0
Faulting application path: TuneUpUtilitiesService32.exe1
Faulting module path: TuneUpUtilitiesService32.exe2
Report Id: TuneUpUtilitiesService32.exe3

Error: (02/08/2016 04:00:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: upnp.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb28
Exception code: 0xc0000005
Fault offset: 0x0000845d
Faulting process id: 0x6b4
Faulting application start time: 0xsvchost.exe_wuauserv0
Faulting application path: svchost.exe_wuauserv1
Faulting module path: svchost.exe_wuauserv2
Report Id: svchost.exe_wuauserv3

Error: (02/08/2016 03:57:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: upnp.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb28
Exception code: 0xc0000005
Fault offset: 0x0000845d
Faulting process id: 0x554
Faulting application start time: 0xsvchost.exe_wuauserv0
Faulting application path: svchost.exe_wuauserv1
Faulting module path: svchost.exe_wuauserv2
Report Id: svchost.exe_wuauserv3

Error: (02/08/2016 11:55:19 AM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10050Initialize call failed, bailing out

Error: (02/08/2016 02:18:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program dota2.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1444

Start Time: 01d161be8d9d210e

Termination Time: 20251

Application Path: C:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe

Report Id: 2033ae11-cdc7-11e5-ae10-448a5bb8d5ea


System errors:
=============
Error: (02/12/2016 12:37:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (02/12/2016 12:35:39 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (02/12/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/12/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/12/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/12/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/12/2016 12:35:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Torch Crash Handler service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/12/2016 12:35:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/12/2016 12:35:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMScheduler service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/12/2016 12:35:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.


==================== Memory info ===========================

Processor: AMD A4-6300 APU with Radeon™ HD Graphics
Percentage of memory in use: 48%
Total physical RAM: 1480.14 MB
Available physical RAM: 759.11 MB
Total Virtual: 2960.29 MB
Available Virtual: 1877.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:430.14 GB) NTFS
Drive e: (Low MB ) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0B3AFE36)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



#6 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,813 posts
  • Interests:LFC, music, more LFC, more music

Posted 12 February 2016 - 05:29 AM

Thank you. :thumbup:

 

I'll check these as soon as I have time and reply soon.



NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#7 Satchfan


Posted 12 February 2016 - 06:24 AM

You need to move Farbar Recovery Scan Tool to your desktop, otherwise fixes will not work.

  • go to the following location and locate Farbar Recovery Scan Tool:

    C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4G99A7X
     
  • right click and select Cut
  • go to an empty spot on your desktop, right click and select Paste

Farbar Recovery Scan Tool should now be on your desktop.

Run Farbar Recovery Scan Tool

Open Notepad (Start > All Programs > Accessories > Notepad). Please copy the entire contents of the code box below and paste it into Notepad.

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
2016-02-07 13:52 - 2012-11-02 14:17 - 00242504 _____ (BitDefender) C:\Windows\system32\Drivers\SETEB29.tmp
2016-01-31 06:07 - 2016-01-30 18:56 - 00026096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD54.tmp
2016-01-31 06:07 - 2016-01-30 18:19 - 00812208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD64.tmp
2016-01-31 06:07 - 2016-01-30 18:19 - 00449384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCDD6.tmp
2016-01-31 06:07 - 2016-01-30 18:19 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD96.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCDE7.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCDF8.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD75.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCDC6.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD85.tmp
2016-01-30 18:56 - 2016-01-30 18:19 - 00812208 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1418.tmp
2016-01-30 18:56 - 2016-01-30 18:19 - 00449384 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1749.tmp
2016-01-30 18:56 - 2016-01-30 18:19 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\asw167C.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1843.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\asw18B1.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\asw15FD.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\asw16EA.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\asw165C.tmp
2016-01-24 02:03 - 2016-01-24 01:57 - 00812208 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2C39.tmp
2016-01-24 02:03 - 2016-01-24 01:57 - 00449384 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D86.tmp
2016-01-24 02:03 - 2016-01-24 01:57 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D65.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D87.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2DA7.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D44.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D75.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D54.tmp
2016-01-24 00:34 - 2016-02-12 12:42 - 00000000 ____D C:\Users\comp\AppData\Roaming\IObit
2016-01-24 00:34 - 2016-02-12 12:42 - 00000000 ____D C:\ProgramData\IObit
2016-01-24 00:34 - 2016-02-12 12:42 - 00000000 ____D C:\Program Files\IObit
2016-01-24 00:34 - 2016-02-01 06:56 - 00000000 ____D C:\Users\comp\AppData\LocalLow\IObit
2016-01-24 00:34 - 2016-01-26 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-01-24 00:34 - 2016-01-24 00:34 - 00023840 _____ (REALiX™) C:\Windows\system32\Drivers\HWiNFO32.SYS
2016-01-24 00:34 - 2016-01-24 00:34 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
CustomCLSID: HKU\S-1-5-21-1597179411-2372084101-3668902816-1000_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\comp\AppData\Local\Torch\Application\45.0.0.10802\delegate_execute.exe" => No File
FirewallRules: [{D05B9921-AA61-4CC6-B2C2-D52231B26973}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{C4DA7E43-9BBD-459B-9499-0320852E073E}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{2A87CF92-E1E2-48F5-8C94-59808CBD4419}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{BBB1361A-C0B6-47EF-8947-DA5C25F09A6B}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{0FA15E1F-C794-417E-A64B-BC46962E860F}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{8C624F02-406C-48D2-B35A-93A82B7459AD}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{10B5F0EF-9A21-4C22-B165-527412ABF1BA}] => (Allow) C:\Users\comp\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{10D0E8B3-3034-4789-8451-8A40C1EDFD7B}] => (Allow) C:\Users\comp\AppData\Local\Torch\Plugins\Hola\hola_plugin.exe
FirewallRules: [{3BCDB80A-DC66-4420-B62A-3FBE33A6AFED}] => (Allow) C:\Users\comp\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe
C:\Users\comp\AppData\Local\Torch
C:\Program Files\IObit
EmptyTemp:

NOTE: this script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


  • save the file as fixlist.txt in the same folder as FRST – NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work
  • run FRST then click Fix just once and wait
  • it will create a log (Fixlog.txt); please post it in your reply.

================================================

Multiple antiviruses

You have AVG and BitDefender antivirus programs installed.

You cannot run two real-time antiviruses at the same time. Although many have different methods of searching for and recognising threats, they will all be 'fighting' in memory to kick each other out, rendering them all ineffective.

I would suggest you uninstall AVG but it is your choice.

  • click Start, Control Panel, Programs and Features
  • scroll down the list, click on either AVG or BitDefender and then on Remove.

Run AVG removal tool

If you uninstalled AVG, there will still be some remnants on your computer even after the uninstall, so please download and run AVG Removal Tool from here.

================================================

Please run FRST again and make sure there is a checkmark next to "Addition.txt" before you hit "Scan".

Logs to include with next post:

Fixlog.txt
New Frst.txt
New Addition.txt


Thanks

Satchfan

 



#8 japjap4


Posted 12 February 2016 - 06:35 AM

Hi Satchfan,

I can't seem to find Content.IE5\B4G99A7X but I have found an application called FRST in C:\Users\comp\AppData\Local\Microsoft\Windows\Temporary Internet Files\. Are those two the same?


Edited by japjap4, 12 February 2016 - 06:35 AM.


#9 Satchfan


Posted 12 February 2016 - 07:10 AM

Yep, that's the one.



#10 japjap4


Posted 12 February 2016 - 07:20 AM

Hi Satchfan,

I was able to do the fix but after performing it successfully, AVG detected it as a virus and classified it as "IDP.ALEXA.51" (had to restore it from AVG to perform the remaining ones). Was that a common thing? Anyways, here are the logs you requested:

 

Fix result of Farbar Recovery Scan Tool (x86) Version:07-02-2016
Ran by comp (2016-02-12 21:12:16) Run:1
Running from C:\Users\comp\Desktop
Loaded Profiles: comp (Available Profiles: comp)
Boot Mode: Normal

==============================================

fixlist content:
*****************
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
2016-02-07 13:52 - 2012-11-02 14:17 - 00242504 _____ (BitDefender) C:\Windows\system32\Drivers\SETEB29.tmp
2016-01-31 06:07 - 2016-01-30 18:56 - 00026096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD54.tmp
2016-01-31 06:07 - 2016-01-30 18:19 - 00812208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD64.tmp
2016-01-31 06:07 - 2016-01-30 18:19 - 00449384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCDD6.tmp
2016-01-31 06:07 - 2016-01-30 18:19 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD96.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCDE7.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCDF8.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD75.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCDC6.tmp
2016-01-31 06:07 - 2016-01-30 18:18 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswCD85.tmp
2016-01-30 18:56 - 2016-01-30 18:19 - 00812208 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1418.tmp
2016-01-30 18:56 - 2016-01-30 18:19 - 00449384 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1749.tmp
2016-01-30 18:56 - 2016-01-30 18:19 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\asw167C.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1843.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\asw18B1.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\asw15FD.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\asw16EA.tmp
2016-01-30 18:56 - 2016-01-30 18:18 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\asw165C.tmp
2016-01-24 02:03 - 2016-01-24 01:57 - 00812208 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2C39.tmp
2016-01-24 02:03 - 2016-01-24 01:57 - 00449384 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D86.tmp
2016-01-24 02:03 - 2016-01-24 01:57 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D65.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D87.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2DA7.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D44.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D75.tmp
2016-01-24 02:03 - 2016-01-24 01:56 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2D54.tmp
2016-01-24 00:34 - 2016-02-12 12:42 - 00000000 ____D C:\Users\comp\AppData\Roaming\IObit
2016-01-24 00:34 - 2016-02-12 12:42 - 00000000 ____D C:\ProgramData\IObit
2016-01-24 00:34 - 2016-02-12 12:42 - 00000000 ____D C:\Program Files\IObit
2016-01-24 00:34 - 2016-02-01 06:56 - 00000000 ____D C:\Users\comp\AppData\LocalLow\IObit
2016-01-24 00:34 - 2016-01-26 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-01-24 00:34 - 2016-01-24 00:34 - 00023840 _____ (REALiX™) C:\Windows\system32\Drivers\HWiNFO32.SYS
2016-01-24 00:34 - 2016-01-24 00:34 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
CustomCLSID: HKU\S-1-5-21-1597179411-2372084101-3668902816-1000_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\comp\AppData\Local\Torch\Application\45.0.0.10802\delegate_execute.exe" => No File
FirewallRules: [{D05B9921-AA61-4CC6-B2C2-D52231B26973}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{C4DA7E43-9BBD-459B-9499-0320852E073E}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{2A87CF92-E1E2-48F5-8C94-59808CBD4419}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{BBB1361A-C0B6-47EF-8947-DA5C25F09A6B}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{0FA15E1F-C794-417E-A64B-BC46962E860F}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{8C624F02-406C-48D2-B35A-93A82B7459AD}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{10B5F0EF-9A21-4C22-B165-527412ABF1BA}] => (Allow) C:\Users\comp\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{10D0E8B3-3034-4789-8451-8A40C1EDFD7B}] => (Allow) C:\Users\comp\AppData\Local\Torch\Plugins\Hola\hola_plugin.exe
FirewallRules: [{3BCDB80A-DC66-4420-B62A-3FBE33A6AFED}] => (Allow) C:\Users\comp\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe
C:\Users\comp\AppData\Local\Torch
C:\Program Files\IObit
EmptyTemp:
*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
C:\Windows\system32\Drivers\SETEB29.tmp => moved successfully
C:\Windows\system32\Drivers\aswCD54.tmp => moved successfully
C:\Windows\system32\Drivers\aswCD64.tmp => moved successfully
C:\Windows\system32\Drivers\aswCDD6.tmp => moved successfully
C:\Windows\system32\Drivers\aswCD96.tmp => moved successfully
C:\Windows\system32\Drivers\aswCDE7.tmp => moved successfully
C:\Windows\system32\Drivers\aswCDF8.tmp => moved successfully
C:\Windows\system32\Drivers\aswCD75.tmp => moved successfully
C:\Windows\system32\Drivers\aswCDC6.tmp => moved successfully
C:\Windows\system32\Drivers\aswCD85.tmp => moved successfully
C:\Windows\system32\Drivers\asw1418.tmp => moved successfully
C:\Windows\system32\Drivers\asw1749.tmp => moved successfully
C:\Windows\system32\Drivers\asw167C.tmp => moved successfully
C:\Windows\system32\Drivers\asw1843.tmp => moved successfully
C:\Windows\system32\Drivers\asw18B1.tmp => moved successfully
C:\Windows\system32\Drivers\asw15FD.tmp => moved successfully
C:\Windows\system32\Drivers\asw16EA.tmp => moved successfully
C:\Windows\system32\Drivers\asw165C.tmp => moved successfully
C:\Windows\system32\Drivers\asw2C39.tmp => moved successfully
C:\Windows\system32\Drivers\asw2D86.tmp => moved successfully
C:\Windows\system32\Drivers\asw2D65.tmp => moved successfully
C:\Windows\system32\Drivers\asw2D87.tmp => moved successfully
C:\Windows\system32\Drivers\asw2DA7.tmp => moved successfully
C:\Windows\system32\Drivers\asw2D44.tmp => moved successfully
C:\Windows\system32\Drivers\asw2D75.tmp => moved successfully
C:\Windows\system32\Drivers\asw2D54.tmp => moved successfully
C:\Users\comp\AppData\Roaming\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
C:\Program Files\IObit => moved successfully
C:\Users\comp\AppData\LocalLow\IObit => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 => moved successfully
C:\Windows\system32\Drivers\HWiNFO32.SYS => moved successfully
C:\Windows\Tasks\ImCleanDisabled => moved successfully
"HKU\S-1-5-21-1597179411-2372084101-3668902816-1000_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}" => key removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D05B9921-AA61-4CC6-B2C2-D52231B26973} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C4DA7E43-9BBD-459B-9499-0320852E073E} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A87CF92-E1E2-48F5-8C94-59808CBD4419} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BBB1361A-C0B6-47EF-8947-DA5C25F09A6B} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0FA15E1F-C794-417E-A64B-BC46962E860F} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C624F02-406C-48D2-B35A-93A82B7459AD} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{10B5F0EF-9A21-4C22-B165-527412ABF1BA} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{10D0E8B3-3034-4789-8451-8A40C1EDFD7B} => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3BCDB80A-DC66-4420-B62A-3FBE33A6AFED} => value removed successfully.
"C:\Users\comp\AppData\Local\Torch" => not found.
"C:\Program Files\IObit" => not found.
EmptyTemp: => 395.9 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 21:12:56 ====

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
Ran by comp (administrator) on KUUHAKU-PC (12-02-2016 21:17:58)
Running from C:\Users\comp\Desktop
Loaded Profiles: comp (Available Profiles: comp)
Platform: Microsoft Windows 7 Home Basic  (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\comp\Desktop\FRST[1].exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7745792 2016-01-24] (Realtek Semiconductor)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3873704 2016-02-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [*EMPTYTEMP] => cmd /c rd /q/s C:\FRST\Temp
HKU\S-1-5-21-1597179411-2372084101-3668902816-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3014224 2016-02-05] (Valve Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 121.1.3.81 192.168.0.1
Tcpip\..\Interfaces\{C4E1DE4D-B1A7-49C4-A018-1C8BC3C6D0CE}: [DhcpNameServer] 121.1.3.81 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF ProfilePath: C:\Users\comp\AppData\Roaming\Mozilla\Firefox\Profiles\4zwb0x1q.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-12] ()
FF Extension: Disable Ads - C:\Users\comp\AppData\Roaming\Mozilla\Firefox\Profiles\4zwb0x1q.default\Extensions\@com.virtualjame.disableads.xpi [2016-02-12]

Chrome:
=======
CHR Profile: C:\Users\comp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\comp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3881184 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [73928 2016-01-24] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [36040 2016-01-24] (Advanced Micro Devices)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [257456 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [207792 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [198576 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-02-12] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R1 HWiNFO32; \??\C:\Windows\system32\drivers\HWiNFO32.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-12 21:17 - 2016-02-12 21:18 - 00006737 _____ C:\Users\comp\Desktop\FRST.txt
2016-02-12 21:12 - 2016-02-12 21:12 - 00009450 _____ C:\Users\comp\Desktop\Fixlog.txt
2016-02-12 20:40 - 2016-02-12 20:40 - 00097762 _____ C:\ProgramData\1455280786.bdinstall.bin
2016-02-12 20:39 - 2016-02-12 20:39 - 00037931 _____ C:\ProgramData\1455280781.bdinstall.bin
2016-02-12 20:34 - 2016-02-12 12:45 - 01721344 _____ (Farbar) C:\Users\comp\Desktop\FRST[1].exe
2016-02-12 18:57 - 2016-02-12 18:57 - 00000000 ____D C:\Users\comp\AppData\Local\Macromedia
2016-02-12 18:52 - 2016-02-12 18:57 - 00000000 ____D C:\Users\comp\AppData\Local\Adobe
2016-02-12 18:42 - 2016-02-12 18:48 - 00000000 ____D C:\Users\comp\AppData\Local\Mozilla
2016-02-12 18:42 - 2016-02-12 18:42 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-12 18:42 - 2016-02-12 18:42 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-12 18:42 - 2016-02-12 18:42 - 00000000 ____D C:\Users\comp\AppData\Roaming\Mozilla
2016-02-12 18:42 - 2016-02-12 18:42 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-12 18:41 - 2016-02-12 18:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-12 12:45 - 2016-02-12 21:17 - 00000000 ____D C:\FRST
2016-02-12 12:43 - 2016-02-12 12:43 - 00002820 _____ C:\Users\comp\Desktop\JRT.txt
2016-02-12 12:38 - 2016-02-12 12:44 - 00001921 _____ C:\Users\comp\Desktop\AdwCleaner.txt
2016-02-12 07:14 - 2016-02-12 12:35 - 00000000 ____D C:\AdwCleaner
2016-02-12 07:13 - 2016-02-12 07:14 - 01609032 _____ (Malwarebytes) C:\Users\comp\Downloads\JRT.exe
2016-02-12 07:13 - 2016-02-12 07:14 - 01508352 _____ C:\Users\comp\Downloads\adwcleaner_5.033.exe
2016-02-10 11:14 - 2016-02-10 11:15 - 00000000 ____D C:\Windows\system32\config\mybackup
2016-02-09 19:24 - 2016-02-09 19:24 - 00000000 __SHD C:\found.001
2016-02-09 07:04 - 2016-02-12 10:49 - 00000000 ____D C:\Windows\pss
2016-02-08 15:42 - 2016-02-09 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2016-02-07 19:05 - 2016-02-12 23:08 - 00000000 ____D C:\Users\comp\AppData\Roaming\AVG
2016-02-07 19:04 - 2016-02-12 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-02-07 19:04 - 2016-02-07 19:04 - 00000000 ____D C:\Users\comp\AppData\Roaming\TuneUp Software
2016-02-07 19:03 - 2016-02-07 19:03 - 00000000 ___HD C:\$AVG
2016-02-07 18:55 - 2016-02-12 18:08 - 00000000 ____D C:\ProgramData\MFAData
2016-02-07 18:55 - 2016-02-07 18:55 - 00000000 ____D C:\Users\comp\AppData\Local\MFAData
2016-02-07 18:46 - 2016-02-12 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-02-07 18:46 - 2016-02-07 18:46 - 00000832 _____ C:\Users\Public\Desktop\AVG.lnk
2016-02-07 18:35 - 2016-02-12 23:08 - 00000000 ____D C:\ProgramData\Avg
2016-02-07 18:35 - 2016-02-12 23:08 - 00000000 ____D C:\Program Files\AVG
2016-02-07 18:24 - 2016-02-09 20:35 - 00000000 ____D C:\Users\comp\AppData\Local\AvgSetupLog
2016-02-07 18:24 - 2016-02-08 15:41 - 00000000 ____D C:\Users\comp\AppData\Local\Avg
2016-02-07 15:18 - 2016-02-07 15:19 - 02946424 _____ (AVG Technologies CZ, s.r.o.) C:\Users\comp\Downloads\AVG_Protection_Free_698.exe
2016-02-07 13:52 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-02-07 13:24 - 2016-02-07 18:18 - 00000000 ____D C:\Program Files\Bitdefender
2016-02-07 13:23 - 2016-02-08 16:41 - 00000000 ____D C:\Users\comp\AppData\Roaming\QuickScan
2016-02-05 07:04 - 2016-02-05 07:04 - 00000000 ____D C:\Program Files\CPUID
2016-02-05 05:38 - 2016-02-05 05:38 - 00000000 ____D C:\Users\comp\AppData\Roaming\Macromedia
2016-02-05 05:34 - 2016-02-05 05:34 - 00000000 ____D C:\Users\comp\AppData\Roaming\Adobe
2016-02-04 18:58 - 2016-02-12 20:59 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-04 18:57 - 2016-02-12 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-04 18:57 - 2016-02-04 18:57 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-04 18:57 - 2016-02-04 18:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-04 18:57 - 2016-02-04 18:57 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-02-04 18:57 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-04 18:57 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-04 18:57 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-04 18:51 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-02-04 18:51 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-02-04 18:51 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-02-04 18:51 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-02-04 18:51 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-02-04 18:51 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-02-04 18:51 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-02-04 18:51 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-02-04 18:51 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-02-04 18:51 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-02-04 18:51 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-02-04 18:51 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-02-04 18:51 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-02-04 18:51 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-02-04 18:51 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-02-04 18:51 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-02-04 18:51 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-02-04 18:51 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-02-04 18:51 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-02-04 18:51 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-02-04 18:51 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-02-04 18:51 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-02-04 18:51 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-02-04 18:51 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-02-04 18:51 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-02-04 18:51 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-02-04 18:51 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-02-04 18:51 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-02-04 18:51 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-02-04 18:51 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-02-04 18:51 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-02-04 18:51 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-02-04 18:51 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-02-04 18:51 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-02-04 18:51 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-02-04 18:51 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-02-04 18:51 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-02-04 18:51 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-02-04 18:51 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-02-04 18:51 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-02-04 18:51 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-02-04 18:51 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-02-04 18:51 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-02-04 18:51 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-02-04 18:51 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-02-04 18:51 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-02-04 18:51 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-02-04 18:51 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-02-04 18:51 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-02-04 18:51 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-02-04 18:51 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-02-04 18:51 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-02-04 18:51 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-02-04 18:51 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-02-04 18:51 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-02-04 18:51 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-02-04 18:51 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-02-04 18:51 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-02-04 18:51 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-02-04 18:51 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-02-04 18:51 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-02-04 18:51 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-02-04 18:51 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-02-04 18:51 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-02-04 18:51 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-02-04 18:51 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-02-04 18:51 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-02-04 18:51 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-02-04 18:51 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-02-04 18:51 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-02-04 18:51 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-02-04 18:51 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-02-04 18:51 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-02-04 18:51 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-02-04 18:51 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-02-04 18:51 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-02-04 18:51 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-02-04 18:51 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-02-04 18:51 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-02-04 18:51 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-02-04 18:51 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-02-04 18:51 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-02-04 18:51 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-02-04 18:51 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-02-04 18:51 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-02-04 18:51 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-02-04 18:51 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-02-04 18:51 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-02-04 18:51 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-02-04 18:51 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-02-04 18:51 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-02-04 18:48 - 2016-02-12 21:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-04 18:48 - 2016-02-12 18:56 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-04 18:48 - 2016-02-12 18:56 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-04 18:48 - 2016-02-04 18:48 - 00000000 ____D C:\Windows\system32\Macromed
2016-02-04 18:44 - 2016-02-04 18:44 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-31 20:39 - 2016-01-31 20:39 - 00000000 __RSH C:\MSDOS.SYS
2016-01-31 20:39 - 2016-01-31 20:39 - 00000000 __RSH C:\IO.SYS
2016-01-31 00:29 - 2016-01-31 00:29 - 00007602 _____ C:\Users\comp\AppData\Local\Resmon.ResmonCfg
2016-01-30 21:08 - 2016-01-30 21:08 - 00000000 ____D C:\Users\comp\AppData\Local\AVAST Software
2016-01-30 18:58 - 2016-01-30 18:58 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-01-25 21:05 - 2016-01-25 21:05 - 00000000 ____D C:\Users\comp\AppData\Local\AMD
2016-01-25 07:54 - 2016-02-08 16:48 - 00000000 __SHD C:\found.000
2016-01-24 09:03 - 2016-02-10 12:28 - 00000000 ____D C:\Windows\Minidump
2016-01-24 02:26 - 2016-01-26 10:51 - 00000000 ____D C:\Users\comp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-24 02:26 - 2016-01-24 02:26 - 00000213 _____ C:\Users\comp\Desktop\Dota 2.url
2016-01-24 01:56 - 2016-02-07 19:04 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-24 01:55 - 2016-01-31 14:29 - 00000000 ____D C:\Users\comp\AppData\Local\Steam
2016-01-24 01:55 - 2016-01-24 01:55 - 00000000 ____D C:\Users\comp\AppData\Local\CEF
2016-01-24 01:45 - 2015-12-02 13:25 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-01-24 01:29 - 2016-02-12 18:07 - 00000000 ____D C:\Program Files\Steam
2016-01-24 01:29 - 2016-02-08 10:22 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-01-24 01:29 - 2016-01-26 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-24 01:29 - 2016-01-24 01:29 - 00000925 _____ C:\Users\Public\Desktop\Steam.lnk
2016-01-24 01:04 - 2016-02-12 12:52 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-01-24 01:00 - 2016-01-24 01:00 - 00000000 _____ C:\Windows\ativpsrm.bin
2016-01-24 00:59 - 2016-01-24 17:26 - 00000000 ____D C:\Windows\system32\DAX2
2016-01-24 00:59 - 2016-01-24 00:59 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-01-24 00:58 - 2016-01-24 01:59 - 00000000 ____D C:\Windows\system32\RTCOM
2016-01-24 00:58 - 2016-01-24 00:58 - 72203792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2016-01-24 00:58 - 2016-01-24 00:58 - 13798184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 12014440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO30.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 11922512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO40.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 07170872 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 07053696 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-01-24 00:58 - 2016-01-24 00:58 - 05132496 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 04763576 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 04236168 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 04005405 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-01-24 00:58 - 2016-01-24 00:58 - 03629312 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2016-01-24 00:58 - 2016-01-24 00:58 - 02895632 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 02826496 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2016-01-24 00:58 - 2016-01-24 00:58 - 02702592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 02610208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 02424264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 02400312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO70.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01983096 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01948808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01832072 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01816352 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01791808 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01531680 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01515176 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32APO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01512320 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01400808 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01313128 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01239808 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01180352 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO60.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01074056 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01039224 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 01028016 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00990792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00965680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00954200 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00936624 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00883376 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00868464 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00863608 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00860520 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00858264 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00834328 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00799016 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00786352 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00669592 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00645824 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00625000 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00615872 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00589080 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00575936 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00532896 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00522712 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00522712 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00471288 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00439608 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00415872 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00402072 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00401056 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00387624 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00384520 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00371816 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00369792 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00364024 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00357992 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00357160 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00308064 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00307240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00307240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00302744 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00285632 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00243864 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00232424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00231880 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00230912 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00229592 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00229584 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00229040 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00225048 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00197440 _____ C:\Windows\system32\AcpiServiceVnA.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00196008 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00183616 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00181232 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00151920 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo32.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00150560 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00144688 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00142328 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00116648 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00105656 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00101624 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00101336 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00096608 _____ C:\Windows\system32\audioLibVc.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00088280 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00083648 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00078488 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00074384 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00071712 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00067752 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2016-01-24 00:58 - 2016-01-24 00:58 - 00022160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2016-01-24 00:56 - 2016-01-24 17:26 - 00000000 ____D C:\Users\comp\Desktop\Thank you
2016-01-24 00:48 - 2016-01-24 17:26 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-01-24 00:48 - 2016-01-24 00:48 - 39712768 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 25052160 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atioglxx.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 19581440 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-01-24 00:48 - 2016-01-24 00:48 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 09468448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 07898704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumdva.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 07167416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumdag.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 05129728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 03471376 _____ C:\Windows\system32\atiumdva.cap
2016-01-24 00:48 - 2016-01-24 00:48 - 01194928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00995342 _____ C:\Windows\system32\amdocl_as32.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00934400 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00842001 _____ C:\Windows\system32\amdicdxx.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00798734 _____ C:\Windows\system32\amdocl_ld32.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00737410 _____ C:\Windows\system32\atiicdxx.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00669696 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00662456 _____ C:\Windows\system32\atiapfxx.blb
2016-01-24 00:48 - 2016-01-24 00:48 - 00564224 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00385536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00370688 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-01-24 00:48 - 2016-01-24 00:48 - 00322868 _____ C:\Windows\system32\ativvaxy_vi.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00321200 _____ C:\Windows\system32\ativvaxy_vi_nd.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00294912 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00259072 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00255808 _____ C:\Windows\system32\ativvaxy_cz_nd.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00250884 _____ C:\Windows\system32\ativvaxy_FJ.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00249088 _____ C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00234420 _____ C:\Windows\system32\ativvaxy_cik.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00232752 _____ C:\Windows\system32\ativvaxy_cik_nd.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00204952 _____ C:\Windows\system32\ativvsvl.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00203776 _____ C:\Windows\system32\clinfo.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00201216 _____ C:\Windows\system32\amdgfxinfo32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00189440 _____ C:\Windows\system32\atieah32.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00177344 _____ C:\Windows\system32\ativce03.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00175648 _____ C:\Windows\system32\amde31a.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00164352 _____ (AMD) C:\Windows\system32\atitmmxx.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00158208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atigktxx.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00157144 _____ C:\Windows\system32\ativvsva.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00142848 _____ C:\Windows\system32\hsa-thunk.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00140240 _____ C:\Windows\system32\samu_krnl_ci.sbin
2016-01-24 00:48 - 2016-01-24 00:48 - 00138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2016-01-24 00:48 - 2016-01-24 00:48 - 00136624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxpag.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00123240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9pag.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00117760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00101376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00100816 _____ C:\Windows\system32\ativce02.dat
2016-01-24 00:48 - 2016-01-24 00:48 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00090624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00089600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl32.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00059392 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00047664 _____ C:\Windows\system32\kapp_ci.sbin
2016-01-24 00:48 - 2016-01-24 00:48 - 00045056 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2016-01-24 00:48 - 2016-01-24 00:48 - 00043536 _____ C:\Windows\system32\kapp_si.sbin
2016-01-24 00:48 - 2016-01-24 00:48 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00038400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00029184 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2016-01-24 00:48 - 2016-01-24 00:48 - 00000000 ____D C:\Program Files\AMD
2016-01-24 00:41 - 2016-01-24 00:41 - 00073928 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2016-01-24 00:41 - 2016-01-24 00:41 - 00036040 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2016-01-24 00:40 - 2016-01-24 00:40 - 00095808 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-01-24 00:40 - 2016-01-24 00:40 - 00087576 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW73.sys
2016-01-24 00:39 - 2016-01-24 00:39 - 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2016-01-24 00:36 - 2016-01-24 00:36 - 00769280 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2016-01-24 00:36 - 2016-01-24 00:36 - 00109648 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2016-01-24 00:36 - 2016-01-24 00:36 - 00085616 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2016-01-24 00:20 - 2016-01-24 17:25 - 00000000 ____D C:\Users\comp\AppData\Local\Microsoft Games
2016-01-24 00:12 - 2016-01-24 00:12 - 00031832 _____ (Phoenix Technologies) C:\Windows\system32\Drivers\DrvAgent32.sys
2016-01-23 23:54 - 2016-01-23 23:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-01-23 16:47 - 2016-01-31 15:19 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-23 16:43 - 2016-01-25 20:01 - 00000000 ____D C:\Users\comp\AppData\Local\Deployment
2016-01-23 16:43 - 2016-01-25 20:01 - 00000000 ____D C:\Users\comp\AppData\Local\Apps\2.0
2016-01-23 16:43 - 2016-01-24 01:11 - 00000000 ____D C:\Users\comp\AppData\Local\Google
2016-01-23 16:43 - 2016-01-24 01:11 - 00000000 ____D C:\Program Files\Google
2016-01-23 16:39 - 2016-01-24 17:26 - 00000000 ____D C:\Program Files\Realtek
2016-01-23 16:39 - 2016-01-23 16:39 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-01-23 16:03 - 2016-01-23 16:03 - 00057560 _____ C:\Users\comp\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-23 16:03 - 2016-01-23 16:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-01-23 15:22 - 2016-01-23 16:18 - 00000000 ____D C:\Users\comp\AppData\Local\ElevatedDiagnostics
2016-01-23 15:12 - 2016-02-07 22:52 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-23 15:08 - 2016-01-23 15:08 - 00001417 _____ C:\Users\comp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-23 15:07 - 2016-02-12 23:09 - 00000000 ____D C:\Users\comp\AppData\Local\VirtualStore
2016-01-23 15:07 - 2016-02-12 07:10 - 00000000 ____D C:\Users\comp
2016-01-23 15:07 - 2016-01-23 15:07 - 00000020 ___SH C:\Users\comp\ntuser.ini
2016-01-23 15:07 - 2016-01-23 15:07 - 00000000 _SHDL C:\Users\comp\My Documents
2016-01-23 15:07 - 2016-01-23 15:07 - 00000000 _SHDL C:\Users\comp\Documents\My Videos
2016-01-23 15:07 - 2016-01-23 15:07 - 00000000 _SHDL C:\Users\comp\Documents\My Pictures
2016-01-23 15:07 - 2016-01-23 15:07 - 00000000 _SHDL C:\Users\comp\Documents\My Music
2016-01-22 15:13 - 2016-01-22 15:13 - 00198576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-12 23:09 - 2009-07-14 12:52 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-02-12 23:09 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\registration
2016-02-12 23:09 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\inf
2016-02-12 23:09 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\AppCompat
2016-02-12 23:08 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\sysprep
2016-02-12 18:14 - 2009-07-14 12:34 - 00017536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-12 18:14 - 2009-07-14 12:34 - 00017536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-12 18:07 - 2009-07-14 12:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-07 22:35 - 2009-07-14 07:47 - 12866560 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-01-31 22:03 - 2009-07-14 10:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-31 15:15 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\NDF
2016-01-26 10:51 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\system32\MUI
2016-01-24 17:26 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\security
2016-01-24 07:05 - 2009-07-14 12:33 - 00257736 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-24 07:02 - 2009-07-14 12:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-01-24 01:29 - 2009-07-14 12:53 - 00011354 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-23 16:33 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\tracing
2016-01-23 15:07 - 2009-07-14 12:34 - 00000000 ____D C:\Windows\Setup
2016-01-23 15:07 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\rescache

==================== Files in the root of some directories =======

2016-01-31 00:29 - 2016-01-31 00:29 - 0007602 _____ () C:\Users\comp\AppData\Local\Resmon.ResmonCfg
2016-02-12 20:39 - 2016-02-12 20:39 - 0037931 _____ () C:\ProgramData\1455280781.bdinstall.bin
2016-02-12 20:40 - 2016-02-12 20:40 - 0097762 _____ () C:\ProgramData\1455280786.bdinstall.bin
2016-01-24 00:59 - 2016-01-24 00:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-11 19:44

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-02-2016
Ran by comp (2016-02-12 21:18:48)
Running from C:\Users\comp\Desktop
Microsoft Windows 7 Home Basic  (X86) (2016-01-23 07:07:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1597179411-2372084101-3668902816-500 - Administrator - Disabled)
comp (S-1-5-21-1597179411-2372084101-3668902816-1000 - Administrator - Enabled) => C:\Users\comp
Guest (S-1-5-21-1597179411-2372084101-3668902816-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: Bitdefender Antivirus Free Edition (Disabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG (Version: 16.41.7442 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4522 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7442 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Driver Booster 3.2 (HKLM\...\Driver Booster_is1) (Version: 3.2 - IObit)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
SafeZone Stable 1.46.1990.139 (Version: 1.46.1990.139 - Avast Software) Hidden
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15BE16E0-9A1C-4C9D-AD36-8C0450AA4A79} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-24] (AVAST Software)
Task: {57AB1A14-DB9C-4C91-A4EC-5E96876F69C5} - System32\Tasks\SafeZone scheduled Autoupdate 1454151524 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {5E80B004-C143-4B38-87E1-48B2FCDEF5D6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1597179411-2372084101-3668902816-1000
Task: {677EEFA3-A2CE-4BD3-9481-5D71E791A08B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-12] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-01-24 01:54 - 2015-12-15 13:54 - 00782336 _____ () C:\Program Files\Steam\SDL2.dll
2016-01-24 01:54 - 2015-07-04 00:12 - 04962816 _____ () C:\Program Files\Steam\v8.dll
2016-01-24 01:54 - 2015-07-04 00:12 - 01556992 _____ () C:\Program Files\Steam\icui18n.dll
2016-01-24 01:54 - 2015-07-04 00:12 - 01187840 _____ () C:\Program Files\Steam\icuuc.dll
2016-01-24 01:54 - 2016-02-05 05:02 - 02546768 _____ () C:\Program Files\Steam\video.dll
2016-01-24 01:54 - 2015-09-24 08:33 - 02549248 _____ () C:\Program Files\Steam\libavcodec-56.dll
2016-01-24 01:54 - 2015-09-24 08:33 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2016-01-24 01:54 - 2015-09-24 08:33 - 00491008 _____ () C:\Program Files\Steam\libavformat-56.dll
2016-01-24 01:54 - 2015-09-24 08:33 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2016-01-24 01:54 - 2015-09-24 08:33 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2016-01-24 01:54 - 2016-02-05 05:01 - 00802896 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2016-01-24 01:54 - 2015-12-30 09:51 - 00208896 _____ () C:\Program Files\Steam\bin\openvr_api.dll
2016-02-07 18:35 - 2016-02-07 18:33 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
2016-01-24 01:54 - 2016-01-06 09:52 - 48387872 _____ () C:\Program Files\Steam\bin\libcef.dll
2016-01-24 01:54 - 2015-09-25 07:56 - 00119208 _____ () C:\Program Files\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:04 - 2009-06-11 05:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1597179411-2372084101-3668902816-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\comp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 121.1.3.81 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{80795403-1DEB-4582-B07F-8EAF58C7924A}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{B49DBE99-2EAF-4A6F-958C-29A6197FCED5}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{3C7BE42E-A385-48A9-9E37-17963DDE95FB}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{FE89A2BE-7D11-42E6-98F3-25CBFFCA9479}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{9440C6E1-A8A6-4C21-9A58-0AAB068FB834}] => (Allow) C:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{97CD9C94-FE6C-41DB-ABAB-BFB8CE86B653}] => (Allow) C:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{0179DF71-69E5-48DE-A2FA-EEB2AF2DF37E}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{A35ED699-C84F-48E0-8C92-2B0B19F23DA8}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe
FirewallRules: [{770643B1-521D-49FD-959F-E6449B494F62}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{B84499E9-FBA0-42EF-867D-2B784AEC72E1}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe
FirewallRules: [{6436401D-79C7-4981-8C53-1E72875A8562}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{BB8739A6-B8C2-4724-80EB-78C4F8E4724B}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe
FirewallRules: [{F34C58ED-C95F-4CA8-BA2F-CA5D41BDFC2C}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{9968C1A0-ED67-4830-90AC-1E5FAFB740B4}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe
FirewallRules: [{7FC0CBC0-39FC-4410-849B-2A0591FA6A4A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4E356D0C-BCB4-42DA-8A54-6AA4E96E134C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

08-02-2016 02:20:20 02/08/16
09-02-2016 20:24:36 02/08/16
12-02-2016 12:42:17 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/12/2016 09:12:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 44.0.2.5884, time stamp: 0x56bbf417
Faulting module name: mozglue.dll, version: 44.0.2.5884, time stamp: 0x56bbe58e
Exception code: 0x80000003
Fault offset: 0x0000ed3b
Faulting process id: 0x1550
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (02/12/2016 09:00:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.2.19.0, time stamp: 0x55e84649
Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadb
Exception code: 0xc0000005
Fault offset: 0x00051ffe
Faulting process id: 0x80c
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3

Error: (02/12/2016 12:49:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc225
Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadb
Exception code: 0xc0000005
Fault offset: 0x00051ffe
Faulting process id: 0xe98
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3

Error: (02/11/2016 07:45:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2016 07:14:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc225
Faulting module name: dwmcore.dll, version: 6.1.7600.16385, time stamp: 0x4a5bda08
Exception code: 0xc0000005
Fault offset: 0x0005fce9
Faulting process id: 0x7d0
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3

Error: (02/08/2016 04:53:22 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].


Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: 13
   Snapshot Context: 13
   Execution Context: Coordinator

Error: (02/08/2016 04:53:22 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: 13
   Snapshot Context: 13
   Execution Context: Coordinator

Error: (02/08/2016 04:52:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: tuscanx.exe, version: 16.13.1.47453, time stamp: 0x566adf2a
Faulting module name: libcef.dll, version: 3.1547.1412.0, time stamp: 0x521884fe
Exception code: 0xc0000005
Fault offset: 0x00e4f3ca
Faulting process id: 0x65c
Faulting application start time: 0xtuscanx.exe0
Faulting application path: tuscanx.exe1
Faulting module path: tuscanx.exe2
Report Id: tuscanx.exe3

Error: (02/08/2016 04:43:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TuneUpUtilitiesService32.exe, version: 16.13.1.47453, time stamp: 0x566adf57
Faulting module name: TuneUpUtilitiesService32.exe, version: 16.13.1.47453, time stamp: 0x566adf57
Exception code: 0xc0000005
Fault offset: 0x00004e4c
Faulting process id: 0x96c
Faulting application start time: 0xTuneUpUtilitiesService32.exe0
Faulting application path: TuneUpUtilitiesService32.exe1
Faulting module path: TuneUpUtilitiesService32.exe2
Report Id: TuneUpUtilitiesService32.exe3

Error: (02/08/2016 04:00:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: upnp.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb28
Exception code: 0xc0000005
Fault offset: 0x0000845d
Faulting process id: 0x6b4
Faulting application start time: 0xsvchost.exe_wuauserv0
Faulting application path: svchost.exe_wuauserv1
Faulting module path: svchost.exe_wuauserv2
Report Id: svchost.exe_wuauserv3


System errors:
=============
Error: (02/12/2016 09:12:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/12/2016 09:00:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/12/2016 06:07:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (02/12/2016 12:37:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (02/12/2016 12:35:39 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (02/12/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/12/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/12/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/12/2016 12:35:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/12/2016 12:35:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Torch Crash Handler service terminated unexpectedly.  It has done this 1 time(s).


==================== Memory info ===========================

Processor: AMD A4-6300 APU with Radeon™ HD Graphics
Percentage of memory in use: 59%
Total physical RAM: 1480.14 MB
Available physical RAM: 599.39 MB
Total Virtual: 2960.29 MB
Available Virtual: 1397.72 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:429.89 GB) NTFS
Drive e: (Low MB ) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0B3AFE36)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================




#11 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,813 posts
  • Interests:LFC, music, more LFC, more music

Posted 12 February 2016 - 07:45 AM

I was able to do the fix but after performing it successfully, AVG detected it as a virus

I'm not a fan of AVG for many reasons but one of them is that it flags some well-known security tools as "suspicious" so it's not unusual for that to happen.

 

 

You should have seen an improvement but I'd like another scan.

 

Run Malwarebytes’ Anti-Malware

I noticed that you had MBAM on your system: if you no longer have it, you can download it from here:

  • start Malwarebytes-Anti-Malware and update it (“Update” tab)
  • once it is updated, click on “Scan” tab, select Threat Scan, then click Scan.
  • when the scan is complete, if no malicious items are found you can close the program
  • if malicious items are found be sure that everything is checked and click Quarantine
  • when removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • the log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • copy and paste the contents of that report in your next reply and exit MBAM.

NOTE: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Can you tell me if there are any outstanding problems?

Satchfan


NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#12 japjap4

japjap4

    New Member

  • Authentic Member
  • Pip
  • 13 posts

Posted 12 February 2016 - 08:11 AM

Hi Satchfan,

There seems to be no problem at all aside from a startup repair occurrence every time I reboot. Here's the log you requested:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2/12/2016
Scan Time: 10:01 PM
Logfile: aa.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.02.12.02
Rootkit Database: v2016.02.08.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7
CPU: x86
File System: NTFS
User: comp

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 284037
Time Elapsed: 6 min, 55 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)



#13 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,813 posts
  • Interests:LFC, music, more LFC, more music

Posted 12 February 2016 - 09:03 AM

When did the Startup Repair problem begin?



#14 japjap4

japjap4

    New Member

  • Authentic Member
  • Pip
  • 13 posts

Posted 12 February 2016 - 11:04 AM

Hi Satchfan,

If I'm not mistaken, I think it started around the time I downloaded Torch.



#15 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,813 posts
  • Interests:LFC, music, more LFC, more music

Posted 12 February 2016 - 04:42 PM

Let’s have a different look.

Download and run ComboFix

Download Combofix from either of the links below.

Link 1
Link 2

**Note:  It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
--------------------------------------------------------------------

  • double click on ComboFix.exe & follow the prompts.
  • when finished, it will produce a report: please post the C:\ComboFix.txt log in your reply.

Satchfan

 


