Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Unknown Virus

Wasn't aware I even HAD a virus until it was pointed out to me by a person on this site. So according to the instructions, I need to put this thing here... and attach another thing.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20 BrowserJavaVersion: 11.66.2
Run by keith at 9:01:40 on 2016-01-24
Microsoft Windows 10 Home 10.0.10586.0.1252.1.1033.18.16279.13606 [GMT -5:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Users\keith\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\CleanBrowser\BrowserHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\CleanBrowser\app\bin\nwjs\0.12\win-x86\nw.exe
C:\Program Files (x86)\CleanBrowser\app\bin\nwjs\0.12\win-x86\nw.exe
C:\Program Files (x86)\CleanBrowser\app\bin\nwjs\0.12\win-x86\nw.exe
C:\Program Files (x86)\CleanBrowser\app\bin\nwjs\0.12\win-x86\nw.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = Google
uLocal Page = %11%\blank.htm
mWinlogon: Userinit = wscript C:\WINDOWS\run.vbs,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
uRun: [OneDrive] "C:\Users\keith\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableLUA = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2bd898be-79f2-4096-8ba0-b5c6c2403d8b} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{d523f528-8871-4741-b4b5-21d83209c477} : DHCPNameServer = 192.168.200.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.82\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
IFEO: sethc.exe - C:\WINDOWS\System32\msconfig.exe
x64-mWinlogon: Userinit = wscript C:\WINDOWS\run.vbs,
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableLUA = dword:0
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-IFEO: sethc.exe - C:\WINDOWS\System32\msconfig.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\ldx2grfr.default\
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\WINDOWS\System32\drivers\aswRvrt.sys [2016-1-23 65224]
R0 aswVmm;avast! VM Monitor;C:\WINDOWS\System32\drivers\aswVmm.sys [2016-1-23 273784]
R0 ngvss;ngvss;C:\WINDOWS\System32\drivers\ngvss.sys [2016-1-23 147088]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2016-1-23 1065208]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2016-1-23 464256]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 aswHwid;avast! HardwareID;C:\WINDOWS\System32\drivers\aswHwid.sys [2016-1-23 28656]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2016-1-23 97648]
R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2016-1-23 155304]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-1-23 226440]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-11-13 1155192]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-11-12 2546184]
R2 Intel(R) ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-2-19 131544]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-11-12 417552]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-11-13 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-11-13 5544568]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-11-13 410744]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R2 VBoxAswDrv;VBoxAsw Support Driver;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-1-23 310904]
R3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-1-23 5561368]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2016-1-23 25816]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-11-13 19576]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2015-11-13 50472]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;C:\WINDOWS\System32\drivers\rtwlanu.sys [2015-10-30 3764736]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
R3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 XtuAcpiDriver;Intel(R) Extreme Tuning Utility Service;C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [2016-1-12 63840]
R3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\WINDOWS\System32\drivers\xusb22.sys [2015-10-30 95744]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-1-23 1135416]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-1-14 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-1-31 887232]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 iumsvc;Intel(R) Update Manager;C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-1-17 174368]
S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2016-1-23 64216]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\WINDOWS\System32\drivers\nvstusb.sys [2015-11-13 469688]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 sdfhgdf;sdfhgdf;C:\WINDOWS\System32\drivers\sdfhgdf.sys [2016-1-23 23208]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-10-30 254816]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-10-30 694784]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-10-30 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-10-30 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2016-01-24 08:40:47 -------- d--h--w- C:\$SysReset
2016-01-23 21:59:57 -------- d-----w- C:\WINDOWS\SysWow64\vbox
2016-01-23 21:59:57 -------- d-----w- C:\WINDOWS\System32\vbox
2016-01-23 20:51:55 147088 ----a-w- C:\WINDOWS\System32\drivers\ngvss.sys
2016-01-23 20:51:11 -------- d-----w- C:\Users\keith\AppData\Roaming\AVAST Software
2016-01-23 20:50:49 97648 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
2016-01-23 20:50:49 93528 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys
2016-01-23 20:50:49 65224 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
2016-01-23 20:50:49 28656 ----a-w- C:\WINDOWS\System32\drivers\aswHwid.sys
2016-01-23 20:50:49 273784 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
2016-01-23 20:50:49 155304 ----a-w- C:\WINDOWS\System32\drivers\aswStm.sys
2016-01-23 20:50:49 1065208 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys
2016-01-23 20:50:48 43112 ----a-w- C:\WINDOWS\avastSS.scr
2016-01-23 20:50:17 -------- d-----w- C:\Program Files\AVAST Software
2016-01-23 20:50:09 -------- d-----w- C:\ProgramData\AVAST Software
2016-01-23 15:00:48 -------- d-----w- C:\Program Files (x86)\execnowait
2016-01-23 15:00:14 -------- d-----w- C:\Users\keith\.VirtualBox
2016-01-23 14:59:11 -------- d-----w- C:\Users\keith\AppData\Local\CleanBrowserApp
2016-01-23 14:58:37 -------- d-----w- C:\Program Files (x86)\CleanBrowser
2016-01-23 14:31:52 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2016-01-23 14:31:40 64216 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2016-01-23 14:31:40 25816 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2016-01-23 14:31:40 109272 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2016-01-23 14:31:40 -------- d-----w- C:\ProgramData\Malwarebytes
2016-01-23 14:31:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-23 14:21:59 -------- d-----w- C:\Users\keith\AppData\Roaming\Store
2016-01-23 14:21:24 23208 ----a-w- C:\WINDOWS\System32\drivers\sdfhgdf.sys
2016-01-23 14:21:20 -------- d-----w- C:\ProgramData\Service1291
2016-01-23 14:21:20 -------- d-----w- C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2016-01-23 14:21:15 187904 ----a-w- C:\WINDOWS\rsrcs.dll
2016-01-23 14:14:58 -------- d-----w- C:\ProgramData\Avid
2016-01-23 14:10:56 -------- d-----w- C:\Users\keith\AppData\Roaming\Avid
2016-01-23 14:10:56 -------- d-----w- C:\Program Files\Avid
2016-01-23 14:10:56 -------- d-----w- C:\Program Files (x86)\Avid
2016-01-23 14:10:38 -------- d-----w- C:\Users\keith\AppData\Local\start
2016-01-23 13:23:14 12288 ----a-w- C:\WINDOWS\SysFix.exe
2016-01-23 13:17:46 12800 ----a-w- C:\WINDOWS\amdave64Win.exe
2016-01-23 04:26:16 1349 ----a-w- C:\WINDOWS\run.vbs
2016-01-23 03:02:20 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{876BAEE1-6B5D-40E7-91A0-2F1FE445DA12}\mpengine.dll
2016-01-22 02:31:33 -------- d-----w- C:\Users\keith\AppData\Local\Google
2016-01-22 01:41:55 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{838AF98B-AB5B-40B8-BD91-AA227294AE4F}\gapaengine.dll
2016-01-22 01:41:48 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-01-19 19:44:03 -------- d-----w- C:\Users\keith\AppData\Local\LogMeIn Hamachi
2016-01-19 19:44:03 -------- d-----w- C:\Users\keith\AppData\Local\LogMeIn
2016-01-19 19:44:03 -------- d-----w- C:\ProgramData\LogMeIn
2016-01-19 19:43:42 -------- d---a-w- C:\Program Files (x86)\LogMeIn Hamachi
2016-01-19 19:28:53 -------- d-----w- C:\Users\keith\AppData\Roaming\java
2016-01-19 19:28:52 -------- d-----w- C:\Users\keith\AppData\Roaming\.minecraft
2016-01-19 07:28:01 -------- d-----w- C:\Users\keith\AppData\Roaming\Origin
2016-01-19 07:26:53 -------- d-----w- C:\ProgramData\Origin
2016-01-19 07:26:40 -------- d---a-w- C:\Program Files (x86)\Origin
2016-01-18 23:46:59 -------- d---a-w- C:\Program Files (x86)\Sonic and Knuckles & Sonic 3
2016-01-18 23:23:25 -------- d-----w- C:\Users\keith\AppData\Local\Macromedia
2016-01-18 23:22:48 -------- d-----w- C:\Users\keith\AppData\Local\Adobe
2016-01-18 23:19:49 -------- d-----w- C:\Users\keith\.oracle_jre_usage
2016-01-18 23:19:47 97888 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2016-01-18 23:19:38 -------- d-----w- C:\ProgramData\Oracle
2016-01-17 06:44:41 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2016-01-16 07:04:07 -------- d-----w- C:\Users\keith\AppData\Roaming\LolClient
2016-01-15 23:42:10 -------- d-----w- C:\Users\keith\AppData\Local\Programs
2016-01-15 04:40:58 -------- d-----w- C:\Users\keith\AppData\Local\Risk_of_Rain
2016-01-15 02:47:27 -------- d-----w- C:\Program Files (x86)\Hearthstone
2016-01-14 11:39:17 -------- d-----w- C:\Windows.old
2016-01-14 11:37:29 -------- d-----w- C:\WINDOWS\System32\Microsoft
2016-01-14 11:36:39 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2016-01-14 11:36:39 35480 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2016-01-14 11:36:39 103120 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2016-01-14 11:36:37 35480 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2016-01-14 11:36:37 124624 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2016-01-14 11:36:37 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2016-01-14 08:46:05 -------- d-sh--we C:\ProgramData\Documents
2016-01-14 08:46:05 -------- d-sh--w- C:\Recovery
2016-01-14 08:44:28 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2016-01-14 08:44:28 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2016-01-14 08:43:33 2718208 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2016-01-14 08:41:59 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2016-01-14 08:41:54 -------- d-----w- C:\Program Files\NVIDIA Corporation
2016-01-14 08:41:54 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2016-01-14 08:41:48 -------- d-----w- C:\WINDOWS\SysWow64\RTCOM
2016-01-14 08:41:48 -------- d-----w- C:\Program Files\Realtek
2016-01-14 08:41:32 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2016-01-14 06:29:11 -------- d-----w- C:\Users\keith\AppData\Local\PackageStaging
2016-01-14 05:10:58 -------- d-----w- C:\Users\keith\AppData\Roaming\NVIDIA
2016-01-14 05:04:27 -------- d-----w- C:\Users\keith\AppData\Local\Warframe
2016-01-14 03:08:21 -------- d-----w- C:\Users\keith\AppData\Roaming\DarkSoulsII
2016-01-14 01:21:46 -------- d-----w- C:\ProgramData\Riot Games
2016-01-14 01:20:45 467984 ----a-w- C:\WINDOWS\SysWow64\d3dx10_39.dll
2016-01-14 01:20:45 1493528 ----a-w- C:\WINDOWS\SysWow64\D3DCompiler_39.dll
2016-01-14 01:20:44 3851784 ----a-w- C:\WINDOWS\SysWow64\D3DX9_39.dll
2016-01-14 01:20:40 -------- d-----w- C:\Riot Games
2016-01-14 01:15:43 -------- d-----w- C:\Users\keith\AppData\Roaming\Riot Games
2016-01-14 00:33:06 -------- d-----w- C:\Users\keith\AppData\Local\Rockstar Games
2016-01-14 00:32:58 -------- d-----w- C:\Program Files (x86)\Rockstar Games
2016-01-14 00:32:48 -------- d-----w- C:\Program Files\Rockstar Games
2016-01-13 19:27:49 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2016-01-13 19:27:48 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2016-01-13 19:27:48 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2016-01-13 19:27:48 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2016-01-13 19:27:47 0 ----a-w- C:\WINDOWS\SysWow64\SIntfNT.dll
2016-01-13 19:27:47 0 ----a-w- C:\WINDOWS\SysWow64\SIntf32.dll
2016-01-13 19:27:47 0 ----a-w- C:\WINDOWS\SysWow64\SIntf16.dll
2016-01-13 19:27:43 610436 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2016-01-13 11:42:59 749056 ----a-w- C:\WINDOWS\System32\PhoneService.dll
2016-01-13 09:39:50 -------- d-----w- C:\Users\keith\AppData\Local\ActiveSync
2016-01-13 08:48:44 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
2016-01-13 08:17:59 83736 ----a-w- C:\WINDOWS\System32\xinput1_2.dll
2016-01-12 20:50:02 40264 ----a-w- C:\WINDOWS\System32\nvhdap64.dll
2016-01-12 20:50:02 206152 ----a-w- C:\WINDOWS\System32\drivers\nvhda64v.sys
2016-01-12 20:50:02 1567560 ----a-w- C:\WINDOWS\System32\nvhdagenco6420103.dll
2016-01-12 20:49:50 63840 ----a-w- C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys
2016-01-12 20:49:50 1795952 ----a-w- C:\WINDOWS\System32\WdfCoInstaller01011.dll
2016-01-12 20:49:50 129312 ----a-w- C:\WINDOWS\System32\drivers\TeeDriverx64.sys
2016-01-12 19:56:40 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\NisBackup\gapaengine.dll
2016-01-12 19:56:39 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1A6ECF08-6ACD-40AB-94DD-CABBB7F91F1B}\gapaengine.dll
2016-01-12 19:56:28 301728 ------w- C:\WINDOWS\System32\MpSigStub.exe
2016-01-12 19:55:15 -------- d-----w- C:\WINDOWS\System32\MRT
2016-01-12 18:09:10 -------- d---a-w- C:\Program Files (x86)\StarCraft II
2016-01-12 18:07:53 -------- d-----w- C:\Users\keith\AppData\Local\Blizzard Entertainment
2016-01-12 18:07:48 -------- d-----w- C:\Users\keith\AppData\Local\Battle.net
2016-01-12 18:07:48 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2016-01-12 18:07:13 -------- d---a-w- C:\Program Files (x86)\Battle.net
2016-01-12 18:06:59 -------- d-----w- C:\Users\keith\AppData\Roaming\Battle.net
2016-01-12 18:06:31 -------- d-----w- C:\ProgramData\Battle.net
2016-01-12 17:49:13 -------- d-----w- C:\Users\keith\AppData\Local\Steam
2016-01-12 17:49:13 -------- d-----w- C:\Users\keith\AppData\Local\CEF
2016-01-12 17:48:00 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2016-01-12 17:47:59 -------- d-----w- C:\Program Files (x86)\Steam
2016-01-12 17:47:10 -------- d-----w- C:\Users\keith\Tracing
2016-01-12 17:46:13 -------- d-----r- C:\Program Files (x86)\Skype
2016-01-12 17:43:39 -------- d-----r- C:\Users\keith\OneDrive
2016-01-12 17:43:32 -------- d-----w- C:\Users\keith\AppData\Local\MicrosoftEdge
2016-01-12 17:43:15 -------- d-----w- C:\Users\keith\AppData\Local\Comms
2016-01-12 17:42:06 -------- d-----w- C:\Users\keith\AppData\Local\Publishers
2016-01-12 17:42:01 -------- d-----r- C:\Users\keith\Searches
2016-01-12 17:42:01 -------- d-----r- C:\Users\keith\Contacts
2016-01-12 17:42:00 -------- d-----w- C:\Users\keith\AppData\Local\VirtualStore
2016-01-12 17:42:00 -------- d-----w- C:\Users\keith\AppData\Local\NVIDIA Corporation
2016-01-12 17:42:00 -------- d-----w- C:\Users\keith\AppData\Local\NVIDIA
2016-01-12 17:41:59 -------- d-----w- C:\Users\keith\AppData\Local\TileDataLayer
2016-01-12 17:41:59 -------- d-----w- C:\Users\keith\AppData\Local\Packages
2016-01-12 17:41:57 16148 ----a-w- C:\WINDOWS\System32\DESKTOP-HOS1RG7_defaultuser0_HistoryPrediction.bin
2016-01-12 17:41:38 -------- d-----r- C:\Users\keith\Videos
2016-01-12 17:41:38 -------- d-----r- C:\Users\keith\Saved Games
2016-01-12 17:41:38 -------- d-----r- C:\Users\keith\Pictures
2016-01-12 17:41:38 -------- d-----r- C:\Users\keith\Music
2016-01-12 17:41:38 -------- d-----r- C:\Users\keith\Links
2016-01-12 17:41:38 -------- d-----r- C:\Users\keith\Downloads
2016-01-12 17:41:38 -------- d-----r- C:\Users\keith\Documents
2016-01-04 14:15:34 44544 ----a-w- C:\Users\keith\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
.
==================== Find3M ====================
.
2016-01-14 11:38:51 983464 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
2016-01-05 02:51:20 7477600 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-01-05 02:51:19 1317640 ----a-w- C:\WINDOWS\System32\winload.efi
2016-01-05 02:51:19 1141496 ----a-w- C:\WINDOWS\System32\winload.exe
2016-01-05 02:50:53 713568 ----a-w- C:\WINDOWS\System32\invagent.dll
2016-01-05 02:50:44 1173344 ----a-w- C:\WINDOWS\System32\aeinv.dll
2016-01-05 02:50:11 671472 ----a-w- C:\WINDOWS\System32\advapi32.dll
2016-01-05 02:49:06 513888 ----a-w- C:\WINDOWS\System32\devinv.dll
2016-01-05 02:48:22 499432 ----a-w- C:\WINDOWS\SysWow64\advapi32.dll
2016-01-05 02:45:30 2587696 ----a-w- C:\WINDOWS\System32\msxml6.dll
2016-01-05 02:42:27 2026736 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2016-01-05 02:37:53 2544256 ----a-w- C:\WINDOWS\System32\mfcore.dll
2016-01-05 02:37:52 858952 ----a-w- C:\WINDOWS\System32\mfnetcore.dll
2016-01-05 02:37:52 848160 ----a-w- C:\WINDOWS\System32\mfsvr.dll
2016-01-05 02:37:52 1299504 ----a-w- C:\WINDOWS\System32\mfnetsrc.dll
2016-01-05 02:37:51 785088 ----a-w- C:\WINDOWS\System32\evr.dll
2016-01-05 02:37:50 245840 ----a-w- C:\WINDOWS\System32\mfps.dll
2016-01-05 02:37:47 234504 ----a-w- C:\WINDOWS\System32\mftranscode.dll
2016-01-05 02:36:37 808800 ----a-w- C:\WINDOWS\System32\WWAHost.exe
2016-01-05 02:33:24 2180128 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2016-01-05 02:33:19 1118208 ----a-w- C:\WINDOWS\SysWow64\mfnetsrc.dll
2016-01-05 02:33:18 701384 ----a-w- C:\WINDOWS\SysWow64\mfnetcore.dll
2016-01-05 02:33:18 652312 ----a-w- C:\WINDOWS\SysWow64\evr.dll
2016-01-05 02:33:17 709688 ----a-w- C:\WINDOWS\SysWow64\mfsvr.dll
2016-01-05 02:33:17 208176 ----a-w- C:\WINDOWS\SysWow64\mftranscode.dll
2016-01-05 02:33:16 116728 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2016-01-05 02:31:38 703840 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2016-01-05 02:27:02 1594408 ----a-w- C:\WINDOWS\System32\gdi32.dll
2016-01-05 02:24:13 796352 ----a-w- C:\WINDOWS\System32\generaltel.dll
2016-01-05 02:23:42 1309376 ----a-w- C:\WINDOWS\System32\appraiser.dll
2016-01-05 02:23:32 786696 ----a-w- C:\WINDOWS\System32\WMADMOD.DLL
2016-01-05 02:23:12 1804664 ----a-w- C:\WINDOWS\System32\WMALFXGFXDSP.dll
2016-01-05 02:23:10 119320 ----a-w- C:\WINDOWS\System32\MP3DMOD.DLL
2016-01-05 02:21:26 1371792 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2016-01-05 02:17:18 695752 ----a-w- C:\WINDOWS\SysWow64\WMADMOD.DLL
2016-01-05 02:16:58 100160 ----a-w- C:\WINDOWS\SysWow64\MP3DMOD.DLL
2016-01-05 01:59:10 22393856 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2016-01-05 01:57:09 76288 ----a-w- C:\WINDOWS\System32\RMSRoamingSecurity.dll
2016-01-05 01:57:06 43520 ----a-w- C:\WINDOWS\System32\usermgrcli.dll
2016-01-05 01:57:00 16986112 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2016-01-05 01:56:09 145920 ----a-w- C:\WINDOWS\System32\omadmclient.exe
2016-01-05 01:54:30 162816 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2016-01-05 01:53:00 148992 ----a-w- C:\WINDOWS\System32\wshom.ocx
2016-01-05 01:52:39 210432 ----a-w- C:\WINDOWS\System32\aepic.dll
2016-01-05 01:51:51 472576 ----a-w- C:\WINDOWS\System32\DscCore.dll
2016-01-05 01:51:09 248832 ----a-w- C:\WINDOWS\System32\UserMgrProxy.dll
2016-01-05 01:50:20 208896 ----a-w- C:\WINDOWS\System32\storewuauth.dll
2016-01-05 01:50:17 638464 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll
2016-01-05 01:50:14 644096 ----a-w- C:\WINDOWS\System32\uReFS.dll
2016-01-05 01:49:34 1255936 ----a-w- C:\WINDOWS\System32\WMSPDMOE.DLL
2016-01-05 01:49:30 764928 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2016-01-05 01:49:25 1582080 ----a-w- C:\WINDOWS\System32\aitstatic.exe
2016-01-05 01:49:16 13018624 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2016-01-05 01:49:15 167936 ----a-w- C:\WINDOWS\System32\ProximityCommon.dll
2016-01-05 01:48:52 1009152 ----a-w- C:\WINDOWS\System32\WMSPDMOD.DLL
2016-01-05 01:48:14 34816 ----a-w- C:\WINDOWS\SysWow64\usermgrcli.dll
2016-01-05 01:48:02 387072 ----a-w- C:\WINDOWS\System32\qdvd.dll
2016-01-05 01:47:41 305664 ----a-w- C:\WINDOWS\System32\ksproxy.ax
2016-01-05 01:47:25 628736 ----a-w- C:\WINDOWS\System32\MessagingDataModel2.dll
2016-01-05 01:47:17 479232 ----a-w- C:\WINDOWS\System32\schannel.dll
2016-01-05 01:45:22 678912 ----a-w- C:\WINDOWS\System32\qedit.dll
2016-01-05 01:45:17 275968 ----a-w- C:\WINDOWS\System32\facecredentialprovider.dll
2016-01-05 01:44:16 125440 ----a-w- C:\WINDOWS\SysWow64\wshom.ocx
2016-01-05 01:43:59 604672 ----a-w- C:\WINDOWS\System32\vbscript.dll
2016-01-05 01:43:47 912384 ----a-w- C:\WINDOWS\System32\usermgr.dll
2016-01-05 01:43:38 584704 ----a-w- C:\WINDOWS\System32\winlogon.exe
2016-01-05 01:42:34 166912 ----a-w- C:\WINDOWS\SysWow64\UserMgrProxy.dll
2016-01-05 01:41:55 18677760 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2016-01-05 01:41:45 558592 ----a-w- C:\WINDOWS\SysWow64\uReFS.dll
2016-01-05 01:41:00 1070080 ----a-w- C:\WINDOWS\SysWow64\WMSPDMOE.DLL
2016-01-05 01:40:48 123392 ----a-w- C:\WINDOWS\SysWow64\ProximityCommon.dll
2016-01-05 01:40:28 890880 ----a-w- C:\WINDOWS\SysWow64\WMSPDMOD.DLL
2016-01-05 01:39:45 569856 ----a-w- C:\WINDOWS\SysWow64\qdvd.dll
2016-01-05 01:39:27 235008 ----a-w- C:\WINDOWS\SysWow64\ksproxy.ax
2016-01-05 01:39:26 3428864 ----a-w- C:\WINDOWS\System32\Windows.Media.dll
2016-01-05 01:39:12 498176 ----a-w- C:\WINDOWS\SysWow64\MessagingDataModel2.dll
2016-01-05 01:38:55 389120 ----a-w- C:\WINDOWS\SysWow64\schannel.dll
2016-01-05 01:36:38 573440 ----a-w- C:\WINDOWS\SysWow64\qedit.dll
2016-01-05 01:36:11 503296 ----a-w- C:\WINDOWS\SysWow64\vbscript.dll
2016-01-05 01:33:02 1674240 ----a-w- C:\WINDOWS\System32\quartz.dll
2016-01-05 01:30:15 2796032 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll
2016-01-05 01:29:50 3667456 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2016-01-05 01:28:41 4894720 ----a-w- C:\WINDOWS\System32\jscript9.dll
2016-01-05 01:28:32 1542656 ----a-w- C:\WINDOWS\SysWow64\quartz.dll
2016-01-05 01:28:31 7826432 ----a-w- C:\WINDOWS\System32\Chakra.dll
2016-01-05 01:25:44 5660160 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2016-01-03 01:40:25 826872 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-01-03 01:40:25 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2015-12-18 22:08:18 194976 ----a-w- C:\WINDOWS\System32\drivers\VBoxNetLwf.sys
2015-12-18 22:08:18 117768 ----a-w- C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys
2015-11-19 13:49:04 16148 ----a-w- C:\WINDOWS\System32\WIN-RAHE4U6GL12_Administrator_HistoryPrediction.bin
2015-11-12 16:47:06 45680 ----a-w- C:\WINDOWS\System32\drivers\Hamdrv.sys
2015-10-30 09:06:56 84480 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2015-10-30 09:03:16 6359040 ----a-w- C:\WINDOWS\System32\NlsData0009.dll
2015-10-30 09:03:16 5739520 ----a-w- C:\WINDOWS\System32\prm0009.dll
2015-10-30 09:03:16 2629632 ----a-w- C:\WINDOWS\System32\NlsLexicons0009.dll
2015-10-30 09:03:15 4847616 ----a-w- C:\WINDOWS\SysWow64\NlsData0009.dll
2015-10-30 09:03:15 2629632 ----a-w- C:\WINDOWS\SysWow64\NlsLexicons0009.dll
2015-10-30 09:02:01 12288 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\NdisImPlatform.sys.mui
2015-10-30 09:02:00 8704 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\fwpkclnt.sys.mui
.
============= FINISH: 9:04:56.49 ===============

Attached Files
File Type: txt attach.txt (12.3 KB)
