I am having an issue with two taskeng.exe windows popping up immediately and going away instantly. I posted this issue to Microsoft support; however, they had me run dir /s /a C:\windows\Tasks > 0 & notepad 0 and one of the lines read as 08/28/2016 11:23 AM <DIR> ImCleanDisabled. The tech said that it could be redirecting malware.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18427
Run by ThatGuyDGAF at 7:30:24 on 2016-08-31
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.32708.28315 [GMT -6:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
C:\Windows\SysWOW64\muachost.exe
C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
A:\Program Files (x86)\MSI\Live Update\Live Update.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe
A:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
A:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
A:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
A:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\ThatGuyDGAF\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
C:\Users\ThatGuyDGAF\AppData\Local\razer\InGameEngine\cache\RzSynapse\RzCefRenderProcess.exe
A:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
A:\Program Files (x86)\Steam\Steam.exe
A:\Program Files (x86)\Steam\bin\steamwebhelper.exe
A:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Windows\system32\taskhost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
A:\Program Files (x86)\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/?gws_rd=ssl
mWinlogon: Userinit = userinit.exe
uRun: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
mRun: [Live Update] A:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [Kraken71ChromaHelper] C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe /start
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
uPolicies-Explorer: NoSimpleNetIDList = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 209.18.47.62 209.18.47.61
TCP: Interfaces\{D402C876-9624-4A53-BEDE-0837C956509A} : DHCPNameServer = 209.18.47.62 209.18.47.61
SSODL: WebCheck - <orphaned>
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
x64-Run: [ShadowPlay] "C:\Windows\System32\rundll32.exe" C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ThatGuyDGAF\AppData\Roaming\Mozilla\Firefox\Profiles\qb3yqbgi.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/#gws_rd=ssl
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2016-8-28 1469952]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2016-8-28 31712]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2016-8-27 20464]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-8-28 27552]
R2 AdvancedSystemCareService9;Advanced SystemCare Service 9;C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-8-28 452384]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 GamingApp_Service;GamingApp_Service;C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [2016-8-30 39888]
R2 GamingHotkey_Service;GamingHotkey_Service;C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2016-8-30 2019792]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-8-30 1163712]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2014-3-11 260360]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-3-20 154584]
R2 MBAMScheduler;MBAMScheduler;A:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-8-28 1514464]
R2 MBAMService;MBAMService;A:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-8-28 1136608]
R2 MSI_ActiveX_Service;MSI_ActiveX_Service;C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [2016-8-30 54200]
R2 MSI_LiveUpdate_Service;MSI Live Update Service;A:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2016-8-30 2227152]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-8-30 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-8-30 2521024]
R2 Razer Chroma SDK Service;Razer Chroma SDK Service;C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [2016-8-18 69744]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-11-4 188072]
R2 rzpmgrk;rzpmgrk;C:\Windows\System32\drivers\rzpmgrk.sys [2016-8-31 37184]
R2 rzpnk;rzpnk;C:\Windows\System32\drivers\rzpnk.sys [2016-8-31 130880]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-8-30 424384]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2015-2-12 139992]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2016-8-28 444656]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\Windows\System32\drivers\e1d62x64.sys [2016-8-28 511952]
R3 I2cHkBurn;I2cHkBurn;C:\Windows\System32\drivers\I2cHkBurn.sys [2016-8-30 41760]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2016-8-27 383984]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2016-8-27 795120]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2016-8-28 27008]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2016-8-28 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2016-8-28 64896]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-8-30 26560]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-8-30 3632576]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2016-8-30 56384]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2016-6-22 51736]
R3 rzmpos;rzmpos;C:\Windows\System32\drivers\rzmpos.sys [2016-6-22 47632]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2016-6-22 203280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-5 125112]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-8-28 2960672]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-8-28 1409032]
S3 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2016-8-28 249320]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-8-28 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-1-31 887232]
S3 MSICDSetup;MSICDSetup;D:\CDriver64.sys [2009-8-12 28984]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C;D:\NTIOLib_X64.sys [2011-6-28 11888]
S3 Origin Client Service;Origin Client Service;A:\Program Files (x86)\Origin\OriginClientService.exe [2016-8-30 2122248]
S3 OverwolfUpdater;Overwolf Updater Windows SCM;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-8-14 1310448]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2016-8-30 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2016-8-30 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2016-8-30 1255736]
.
=============== Created Last 30 ================
.
2016-08-31 12:50:18 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2016-08-31 12:50:18 37376 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2016-08-31 12:50:18 322560 ----a-w- C:\Windows\System32\aaclient.dll
2016-08-31 12:50:18 3179520 ----a-w- C:\Windows\System32\rdpcorets.dll
2016-08-31 12:50:18 1050112 ----a-w- C:\Windows\SysWow64\mstsc.exe
2016-08-31 12:50:17 5780480 ----a-w- C:\Windows\System32\mstscax.dll
2016-08-31 12:50:17 4922368 ----a-w- C:\Windows\SysWow64\mstscax.dll
2016-08-31 12:50:17 269312 ----a-w- C:\Windows\SysWow64\aaclient.dll
2016-08-31 12:50:17 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2016-08-31 12:50:17 1125888 ----a-w- C:\Windows\System32\mstsc.exe
2016-08-31 10:27:00 130880 ----a-w- C:\Windows\System32\drivers\rzpnk.sys
2016-08-31 10:26:55 37184 ----a-w- C:\Windows\System32\drivers\rzpmgrk.sys
2016-08-31 10:25:06 -------- d-----w- C:\Program Files\Razer Chroma SDK
2016-08-31 10:25:06 -------- d-----w- C:\Program Files (x86)\Razer Chroma SDK
2016-08-31 10:23:59 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Local\Razer
2016-08-31 02:48:00 133056 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2016-08-31 02:47:59 45344 ----a-w- C:\Windows\System32\vulkaninfo.exe
2016-08-31 02:47:59 40224 ----a-w- C:\Windows\SysWow64\vulkaninfo.exe
2016-08-31 02:47:59 130848 ----a-w- C:\Windows\System32\vulkan-1.dll
2016-08-31 02:47:59 129824 ----a-w- C:\Windows\SysWow64\vulkan-1.dll
2016-08-31 02:47:59 -------- d-----w- C:\Program Files (x86)\VulkanRT
2016-08-30 23:06:30 -------- d-----w- C:\Windows\SysWow64\Wat
2016-08-30 23:06:30 -------- d-----w- C:\Windows\System32\Wat
2016-08-30 22:55:47 7168 ----a-w- C:\Windows\System32\kbdgeoqw.dll
2016-08-30 22:55:47 7168 ----a-w- C:\Windows\System32\KBDAZEL.DLL
2016-08-30 22:55:47 69120 ----a-w- C:\Windows\SysWow64\nlsbres.dll
2016-08-30 22:55:47 69120 ----a-w- C:\Windows\System32\nlsbres.dll
2016-08-30 22:55:47 6656 ----a-w- C:\Windows\SysWow64\kbdgeoqw.dll
2016-08-30 22:55:47 6656 ----a-w- C:\Windows\SysWow64\KBDAZEL.DLL
2016-08-30 22:55:09 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2016-08-30 22:55:09 22528 ----a-w- C:\Windows\System32\icaapi.dll
2016-08-30 22:53:43 96768 ----a-w- C:\Windows\System32\fsutil.exe
2016-08-30 22:53:43 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2016-08-30 22:53:43 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2016-08-30 22:53:43 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2016-08-30 22:53:43 2565632 ----a-w- C:\Windows\System32\esent.dll
2016-08-30 22:53:43 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2016-08-30 22:53:43 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2016-08-30 22:53:43 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2016-08-30 22:53:43 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2016-08-30 22:49:12 -------- d-----w- C:\Windows\SysWow64\LiveUpdate
2016-08-30 22:46:02 -------- d-----w- C:\Program Files\MSI Kombustor 3
2016-08-30 22:45:56 11248 ----a-w- C:\Windows\acpimof.dll
2016-08-30 22:43:41 -------- d-----w- C:\NVIDIA
2016-08-30 20:36:03 -------- d-s---w- C:\Windows\System32\CompatTel
2016-08-30 20:36:03 -------- d-----w- C:\Windows\System32\appraiser
2016-08-30 15:14:59 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2016-08-30 15:14:59 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2016-08-30 15:14:59 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2016-08-30 15:14:59 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2016-08-30 15:14:59 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2016-08-30 15:14:59 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2016-08-30 15:14:59 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2016-08-30 15:11:03 396800 ----a-w- C:\Windows\System32\webio.dll
2016-08-30 15:11:03 316416 ----a-w- C:\Windows\SysWow64\webio.dll
2016-08-30 15:10:48 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2016-08-30 15:10:46 165888 ----a-w- C:\Windows\System32\charmap.exe
2016-08-30 15:10:46 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2016-08-30 15:10:43 3218944 ----a-w- C:\Windows\System32\win32k.sys
2016-08-30 15:10:43 20352 ----a-w- C:\Windows\System32\kdusb.dll
2016-08-30 15:10:43 19328 ----a-w- C:\Windows\System32\kd1394.dll
2016-08-30 15:10:43 17792 ----a-w- C:\Windows\System32\kdcom.dll
2016-08-30 14:03:06 -------- d--h--w- C:\Program Files\Common Files\EAInstaller
2016-08-30 13:41:09 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Roaming\Origin
2016-08-30 13:41:07 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Local\Origin
2016-08-30 13:40:44 -------- d-----w- C:\ProgramData\Origin
2016-08-30 13:40:43 -------- d-----w- C:\ProgramData\Electronic Arts
2016-08-29 13:59:00 647680 ----a-w- C:\Windows\System32\d3d10level9.dll
2016-08-29 13:59:00 603648 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2016-08-29 13:57:52 525312 ----a-w- C:\Windows\System32\catsrvut.dll
2016-08-29 03:39:13 82432 ----a-w- C:\Windows\SysWow64\davclnt.dll
2016-08-29 03:38:54 497664 ----a-w- C:\Windows\System32\drivers\afd.sys
2016-08-29 03:38:54 118272 ----a-w- C:\Windows\System32\drivers\tdx.sys
2016-08-29 03:38:21 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2016-08-29 03:38:21 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2016-08-29 03:07:10 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2016-08-29 03:06:51 95744 ----a-w- C:\Windows\System32\synceng.dll
2016-08-29 03:06:51 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2016-08-29 03:06:51 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2016-08-29 03:06:51 59392 ----a-w- C:\Windows\System32\browcli.dll
2016-08-29 03:06:51 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2016-08-29 03:06:51 136704 ----a-w- C:\Windows\System32\browser.dll
2016-08-29 03:06:30 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2016-08-29 03:06:30 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2016-08-29 03:06:30 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2016-08-29 03:06:30 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2016-08-29 03:06:30 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2016-08-29 02:50:01 124624 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2016-08-29 02:50:01 103120 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2016-08-29 02:48:17 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2016-08-29 02:48:17 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2016-08-29 02:48:17 8856 ----a-w- C:\Windows\System32\icardres.dll
2016-08-29 02:48:17 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2016-08-29 02:48:17 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2016-08-29 02:48:17 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2016-08-29 02:48:15 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2016-08-29 02:48:15 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2016-08-29 02:38:32 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Local\Macromedia
2016-08-29 02:36:59 950784 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2016-08-29 02:32:49 193536 ----a-w- C:\Windows\System32\notepad.exe
2016-08-29 02:32:49 193536 ----a-w- C:\Windows\notepad.exe
2016-08-29 02:32:49 179712 ----a-w- C:\Windows\SysWow64\notepad.exe
2016-08-29 02:29:53 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-08-29 02:29:44 64896 ----a-w- C:\Windows\System32\drivers\mwac.sys
2016-08-29 02:29:44 27008 ----a-w- C:\Windows\System32\drivers\mbam.sys
2016-08-29 02:29:44 140672 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2016-08-29 02:29:44 -------- d-----w- C:\ProgramData\Malwarebytes
2016-08-29 02:23:58 -------- d-----w- C:\17c39c808cc9ef32bf09f34450ad8f6a
2016-08-28 22:54:21 142336 ----a-w- C:\Windows\System32\poqexec.exe
2016-08-28 22:54:21 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2016-08-28 22:27:54 -------- d-----w- C:\49dd0777aa29d35e1423
2016-08-28 18:59:07 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Roaming\OBS
2016-08-28 18:13:58 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Roaming\NVIDIA
2016-08-28 18:11:13 -------- d-----w- C:\Program Files (x86)\Overwolf
2016-08-28 18:11:13 -------- d-----w- C:\Program Files (x86)\Common Files\Overwolf
2016-08-28 18:11:10 -------- d-----w- C:\ProgramData\Overwolf
2016-08-28 18:05:20 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Local\Overwolf
2016-08-28 17:59:29 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Local\Ubisoft Game Launcher
2016-08-28 17:54:35 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Local\Steam
2016-08-28 17:54:35 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Local\CEF
2016-08-28 17:53:58 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2016-08-28 17:38:49 796352 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-08-28 17:38:49 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-08-28 17:38:11 -------- d-----w- C:\Windows\System32\DAX2
2016-08-28 17:35:47 444656 ----a-w- C:\Windows\System32\drivers\asmtxhci.sys
2016-08-28 17:28:36 27424 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2016-08-28 17:27:41 90608 ----a-w- C:\Windows\System32\NicInstD.dll
2016-08-28 17:27:41 80848 ----a-w- C:\Windows\System32\e1dmsg.dll
2016-08-28 17:27:41 511952 ----a-w- C:\Windows\System32\drivers\e1d62x64.sys
2016-08-28 17:27:41 125728 ----a-w- C:\Windows\System32\NicCo4.dll
2016-08-28 17:27:32 31712 ----a-w- C:\Windows\System32\drivers\iaStorF.sys
2016-08-28 17:27:32 1469952 ----a-w- C:\Windows\System32\drivers\iaStorA.sys
2016-08-28 17:26:48 181304 ----a-w- C:\Windows\System32\drivers\TeeDriverx64.sys
2016-08-28 17:23:26 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Roaming\ProductData
2016-08-28 17:23:25 -------- d-----w- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-08-28 17:23:24 -------- d-----w- C:\Program Files (x86)\Common Files\IObit
2016-08-28 17:23:22 -------- d-----w- C:\Program Files (x86)\IObit
2016-08-28 17:23:11 -------- d-----w- C:\Windows\IObit
2016-08-28 17:23:11 -------- d-----w- C:\ProgramData\ProductData
2016-08-28 17:22:59 27552 ----a-w- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS
2016-08-28 17:22:59 -------- d-----w- C:\ProgramData\IObit
2016-08-28 17:22:58 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Roaming\IObit
2016-08-28 17:22:36 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Local\Programs
2016-08-28 17:20:18 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Local\Mozilla
2016-08-28 17:20:13 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-28 05:51:50 -------- d-----w- C:\Windows\Panther
2016-08-28 04:08:32 -------- d-----w- C:\72f6987d2d0faf88aa98eb
2016-08-28 04:08:13 -------- d-----w- C:\039ee18a0401433fb7c88ec4
2016-08-28 03:56:36 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-08-28 03:41:46 -------- d-----w- C:\Windows\System32\SPReview
2016-08-28 03:41:42 -------- d-----w- C:\Windows\System32\EventProviders
2016-08-28 03:26:52 -------- d-----w- C:\Users\ThatGuyDGAF\AppData\Local\NVIDIA
2016-08-28 03:20:50 -------- d-----w- C:\Windows\Migration
2016-08-28 03:18:11 -------- d-----w- C:\Windows\System32\MRT
2016-08-28 03:15:27 304128 ----a-w- C:\Windows\System32\EOSNotify.exe
2016-08-28 03:10:31 -------- d-----w- C:\Program Files (x86)\Common Files\PostureAgent
2016-08-28 03:10:08 -------- d-----w- C:\Users\ThatGuyDGAF\Intel
2016-08-28 03:07:23 20464 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2016-08-28 03:07:18 795120 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2016-08-28 03:07:18 383984 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2016-08-28 03:07:07 -------- d-----w- C:\Intel
2016-08-28 03:06:31 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2016-08-28 03:05:03 36472 ----a-w- C:\Windows\System32\NicCo36.dll
2016-08-28 03:04:59 403256 ----a-r- C:\Windows\System32\PROUnstl.exe
2016-08-28 03:04:11 16896 ----a-w- C:\Windows\AsTaskSched.dll
2016-08-28 03:04:11 -------- d-----w- C:\Windows\MEI
2016-08-28 03:04:08 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2016-08-28 03:04:08 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2016-08-28 03:04:08 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2016-08-28 03:03:48 -------- d-----w- C:\Windows\SysWow64\RTCOM
2016-08-28 03:03:48 -------- d-----w- C:\Program Files\Realtek
2016-08-28 03:03:04 -------- d-----w- C:\Program Files (x86)\Realtek
2016-08-28 03:03:02 -------- d--h--w- C:\Program Files (x86)\Temp
2016-08-28 03:02:41 -------- d-sh--w- C:\Windows\Installer
2016-08-28 03:02:41 -------- d-----w- C:\ProgramData\Package Cache
2016-08-17 08:39:32 101488 ----a-w- C:\Windows\SysWow64\RzChromaSDK.dll
2016-08-17 08:39:22 108656 ----a-w- C:\Windows\System32\RzChromaSDK64.dll
2016-08-12 02:59:52 48768 ----a-w- C:\Windows\SysWow64\RzAPIChromaSDK.dll
.
==================== Find3M ====================
.
2016-08-30 22:54:55 950272 ----a-w- C:\Windows\System32\perftrack.dll
2016-08-28 17:37:58 5085952 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2016-08-28 03:57:26 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2016-08-28 03:56:36 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-08-28 03:42:47 175616 ----a-w- C:\Windows\System32\msclmd.dll
2016-08-28 03:42:47 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2016-08-25 21:10:08 6385720 ----a-w- C:\Windows\System32\nvcpl.dll
2016-08-25 21:10:08 2475064 ----a-w- C:\Windows\System32\nvsvc64.dll
2016-08-25 21:10:06 1764408 ----a-w- C:\Windows\System32\nvsvcr.dll
2016-08-25 21:10:06 1362368 ----a-w- C:\Windows\System32\nvvsvc.exe
2016-08-25 21:10:05 81856 ----a-w- C:\Windows\System32\nv3dappshextr.dll
2016-08-25 21:10:05 71224 ----a-w- C:\Windows\System32\nvshext.dll
2016-08-25 21:10:05 548408 ----a-w- C:\Windows\System32\nv3dappshext.dll
2016-08-25 21:10:05 393784 ----a-w- C:\Windows\System32\nvmctray.dll
2016-08-22 15:18:03 7320235 ----a-w- C:\Windows\System32\nvcoproc.bin
2016-08-02 06:47:38 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2016-08-02 06:47:27 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2016-08-02 06:32:37 66560 ----a-w- C:\Windows\System32\iesetup.dll
2016-08-02 06:31:55 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2016-08-02 06:31:49 417792 ----a-w- C:\Windows\System32\html.iec
2016-08-02 06:31:32 572416 ----a-w- C:\Windows\System32\vbscript.dll
2016-08-02 06:31:14 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2016-08-02 06:19:01 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2016-08-02 06:19:01 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2016-08-02 06:18:44 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2016-08-02 06:18:32 6047744 ----a-w- C:\Windows\System32\jscript9.dll
2016-08-02 06:11:45 969216 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2016-08-02 06:03:48 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2016-08-02 06:00:28 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-08-02 05:51:57 497664 ----a-w- C:\Windows\SysWow64\vbscript.dll
2016-08-02 05:51:49 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2016-08-02 05:51:12 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2016-08-02 05:51:03 341504 ----a-w- C:\Windows\SysWow64\html.iec
2016-08-02 05:50:11 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2016-08-02 05:41:43 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2016-08-02 05:41:24 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2016-08-02 05:37:29 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2016-08-02 05:36:40 2131456 ----a-w- C:\Windows\System32\inetcpl.cpl
2016-08-02 05:29:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2016-08-02 05:23:24 2868224 ----a-w- C:\Windows\System32\wininet.dll
2016-08-02 05:21:20 4608000 ----a-w- C:\Windows\SysWow64\jscript9.dll
2016-08-02 05:14:32 2055680 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-08-02 05:14:02 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2016-08-02 04:56:28 2393088 ----a-w- C:\Windows\SysWow64\wininet.dll
2016-07-26 19:24:24 504488 ------w- C:\Windows\System32\MpSigStub.exe
2016-07-26 03:18:24 15816 ----a-w- C:\Windows\SysWow64\RzStats.IPC.dll
2016-07-08 15:37:53 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-07-08 15:37:53 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-07-08 15:17:01 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-07-08 15:17:01 666112 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2016-07-08 15:03:44 64000 ----a-w- C:\Windows\System32\auditpol.exe
2016-07-08 14:57:09 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2016-07-08 14:56:37 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2016-07-08 14:56:34 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-07-08 14:55:51 30720 ----a-w- C:\Windows\System32\lsass.exe
2016-07-08 14:55:06 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2016-07-08 14:50:51 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2016-06-26 00:35:09 41704 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2016-06-26 00:27:39 756736 ----a-w- C:\Windows\System32\win32spl.dll
2016-06-26 00:27:32 344576 ----a-w- C:\Windows\System32\ntprint.dll
2016-06-26 00:27:26 970240 ----a-w- C:\Windows\System32\localspl.dll
2016-06-26 00:27:25 22528 ----a-w- C:\Windows\System32\inetppui.dll
2016-06-26 00:27:25 166400 ----a-w- C:\Windows\System32\inetpp.dll
2016-06-26 00:27:07 1208320 ----a-w- C:\Windows\System32\aeinv.dll
2016-06-25 19:54:03 497152 ----a-w- C:\Windows\SysWow64\win32spl.dll
2016-06-25 19:53:56 297472 ----a-w- C:\Windows\SysWow64\ntprint.dll
2016-06-25 19:53:05 48640 ----a-w- C:\Windows\System32\wpnpinst.exe
2016-06-25 19:53:04 61952 ----a-w- C:\Windows\System32\ntprint.exe
2016-06-25 19:41:53 61952 ----a-w- C:\Windows\SysWow64\ntprint.exe
2016-06-22 17:06:38 1730328 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2016-06-22 17:06:34 203280 ----a-w- C:\Windows\System32\drivers\rzudd.sys
2016-06-22 17:06:32 47632 ----a-w- C:\Windows\System32\drivers\rzmpos.sys
2016-06-22 17:06:24 51736 ----a-w- C:\Windows\System32\drivers\rzendpt.sys
2016-06-22 13:06:29 268800 ----a-w- C:\Windows\System32\centel.dll
2016-06-17 18:24:29 571904 ----a-w- C:\Windows\System32\generaltel.dll
2016-06-17 18:24:29 544256 ----a-w- C:\Windows\System32\devinv.dll
2016-06-17 18:24:29 294912 ----a-w- C:\Windows\System32\invagent.dll
2016-06-17 18:24:28 76800 ----a-w- C:\Windows\System32\acmigration.dll
2016-06-17 18:24:28 219136 ----a-w- C:\Windows\System32\aepic.dll
2016-06-17 18:24:28 1490432 ----a-w- C:\Windows\System32\appraiser.dll
2016-06-14 20:01:27 1377800 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2016-06-14 20:01:27 1316184 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2016-06-14 20:01:07 1767944 ----a-w- C:\Windows\System32\nvspcap64.dll
2016-06-14 20:01:07 1756424 ----a-w- C:\Windows\System32\nvspbridge64.dll
2016-06-14 20:01:07 112216 ----a-w- C:\Windows\System32\NvRtmpStreamer64.dll
2016-06-14 15:21:17 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2016-06-13 01:43:10 161752 ----a-w- C:\Windows\SysWow64\rztouchdll.dll
2016-06-13 01:43:10 110040 ----a-w- C:\Windows\SysWow64\rzvirtualdev.dll
2016-06-13 01:43:08 99288 ----a-w- C:\Windows\SysWow64\RzBTLE.dll
2016-06-13 01:43:08 97752 ----a-w- C:\Windows\SysWow64\rzdevinfo.dll
2016-06-13 01:43:08 554968 ----a-w- C:\Windows\SysWow64\rzaudiodll.dll
2016-06-13 01:43:08 1409496 ----a-w- C:\Windows\SysWow64\rzdevicedll.dll
2016-06-13 01:43:08 123352 ----a-w- C:\Windows\SysWow64\rzdisplaydll.dll
2016-06-07 09:35:08 222664 ----a-w- C:\Windows\System32\OpenCL.dll
2016-06-07 09:35:08 212032 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2016-06-07 09:30:02 1590336 ----a-w- C:\Windows\System32\nvhdagenco64.dll
2016-06-07 09:29:42 1580488 ----a-w- C:\Windows\System32\nvdispgenco6436839.dll
2016-06-07 09:29:36 1931328 ----a-w- C:\Windows\System32\nvdispco6436839.dll
.
============= FINISH: 7:30:35.29 ===============
2016-06-14 20:01:27 1316184 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2016-06-14 20:01:07 1767944 ----a-w- C:\Windows\System32\nvspcap64.dll
2016-06-14 20:01:07 1756424 ----a-w- C:\Windows\System32\nvspbridge64.dll
2016-06-14 20:01:07 112216 ----a-w- C:\Windows\System32\NvRtmpStreamer64.dll
2016-06-14 15:21:17 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2016-06-13 01:43:10 161752 ----a-w- C:\Windows\SysWow64\rztouchdll.dll
2016-06-13 01:43:10 110040 ----a-w- C:\Windows\SysWow64\rzvirtualdev.dll
2016-06-13 01:43:08 99288 ----a-w- C:\Windows\SysWow64\RzBTLE.dll
2016-06-13 01:43:08 97752 ----a-w- C:\Windows\SysWow64\rzdevinfo.dll
2016-06-13 01:43:08 554968 ----a-w- C:\Windows\SysWow64\rzaudiodll.dll
2016-06-13 01:43:08 1409496 ----a-w- C:\Windows\SysWow64\rzdevicedll.dll
2016-06-13 01:43:08 123352 ----a-w- C:\Windows\SysWow64\rzdisplaydll.dll
2016-06-07 09:35:08 222664 ----a-w- C:\Windows\System32\OpenCL.dll
2016-06-07 09:35:08 212032 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2016-06-07 09:30:02 1590336 ----a-w- C:\Windows\System32\nvhdagenco64.dll
2016-06-07 09:29:42 1580488 ----a-w- C:\Windows\System32\nvdispgenco6436839.dll
2016-06-07 09:29:36 1931328 ----a-w- C:\Windows\System32\nvdispco6436839.dll
.
============= FINISH: 7:30:35.29 ===============