Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 02 Ran by MONSTER (administrator) on ABRA (17-02-2017 23:00:09) Running from C:\Users\MONSTER\Desktop Loaded Profiles: MONSTER (Available Profiles: defaultuser1 & MONSTER) Platform: Windows 10 Home Single Language Version 1607 (X64) Language: Türkçe (Türkiye) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Insyde Software Corp.) C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Scarlet.Crush Productions) C:\Users\MONSTER\Desktop\MANETTE PS3 SUR PC\ScpServer\bin\ScpService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (CLEVO CO.) C:\Program Files (x86)\Hotkey\HotkeyService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxEM.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Zemi Interactive Inc.) C:\Program Files (x86)\GameforgeLive\Games\FRA_fra\4Story\PrePatch.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.102.213.0\OverwolfHelper.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.102.213.0\OverwolfHelper64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe () C:\Windows\Temp\gB524.tmp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Mojang) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe (Mojang) C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe (Oracle Corporation) C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe (Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.) HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1443328 2015-08-27] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [6004512 2017-01-11] (IObit) HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\GameforgeLive\Games\FRA_fra\4Story\PrePatch.exe [327680 2014-04-24] (Zemi Interactive Inc.) HKLM\...\RunOnce: [wd] => C:\Windows\TEMP\gB524.tmp.exe [248320 2017-02-17] () <===== ATTENTION HKU\S-1-5-21-3888481642-677613265-3218227817-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27421144 2017-02-08] (Skype Technologies S.A.) HKU\S-1-5-21-3888481642-677613265-3218227817-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1057840 2017-02-02] () HKU\S-1-5-21-3888481642-677613265-3218227817-1002\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1223728 2017-02-06] (CyberGhost S.R.L.) HKU\S-1-5-21-3888481642-677613265-3218227817-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4293120 2016-05-31] (Disc Soft Ltd) HKU\S-1-5-21-3888481642-677613265-3218227817-1002\...\Run: [Advanced SystemCare 10] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3919136 2017-02-08] (IObit) HKU\S-1-5-21-3888481642-677613265-3218227817-1002\...\RunOnce: [Uninstall C:\Users\MONSTER\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\MONSTER\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64" HKU\S-1-5-21-3888481642-677613265-3218227817-1002\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-3888481642-677613265-3218227817-1002\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-21-3888481642-677613265-3218227817-1002\...\MountPoints2: {ffeb9ebc-b7f0-11e6-bbe4-806e6f6e6963} - "D:\autorun.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NewShortcut1.lnk [2016-10-01] ShortcutTarget: NewShortcut1.lnk -> C:\Program Files (x86)\Hotkey\HkeyTray.exe (CLEVO CO.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{763e97cd-ead8-4daf-8dc7-541f5e7a661f}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{87d12af3-eb26-4042-9c90-fd4a74bfac6c}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-3888481642-677613265-3218227817-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x41F SearchScopes: HKU\S-1-5-21-3888481642-677613265-3218227817-1002 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630 SearchScopes: HKU\S-1-5-21-3888481642-677613265-3218227817-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3888481642-677613265-3218227817-1002 -> {1BED9290-AF3B-4EF2-BB67-6CC8F3EB90F8} URL = hxxp://www.google.com/search?hl=en&q={searchTerms} SearchScopes: HKU\S-1-5-21-3888481642-677613265-3218227817-1002 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.com.tr/search/?text={searchTerms}&clid=2233630 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-23] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-23] (Oracle Corporation) BHO-x32: EGet Class -> {1E871FF8-029C-4732-8AA7-39E3D3872057} -> C:\Program Files (x86)\EagleGet\eagleSniffer.dll [2016-12-22] (EagleGet.com) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-23] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-23] (Oracle Corporation) BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit) Edge: ====== Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-02-17] FireFox: ======== FF DefaultProfile: yp7f5wtb.default FF ProfilePath: C:\Users\MONSTER\AppData\Roaming\Mozilla\Firefox\Profiles\yp7f5wtb.default [2017-02-17] FF user.js: detected! => C:\Users\MONSTER\AppData\Roaming\Mozilla\Firefox\Profiles\yp7f5wtb.default\user.js [2017-02-17] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\yp7f5wtb.default -> Google FF Homepage: Mozilla\Firefox\Profiles\yp7f5wtb.default -> hxxps://www.google.com/ FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\MONSTER\AppData\Roaming\Mozilla\Firefox\Profiles\yp7f5wtb.default\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2016-10-18] FF Extension: (Fasterfox) - C:\Users\MONSTER\AppData\Roaming\Mozilla\Firefox\Profiles\yp7f5wtb.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2017-02-17] FF Extension: (Adblock Plus) - C:\Users\MONSTER\AppData\Roaming\Mozilla\Firefox\Profiles\yp7f5wtb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-02-16] FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-23] (Oracle Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-23] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-23] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3888481642-677613265-3218227817-1002: eagleget.com/EagleGet32 -> C:\Program Files (x86)\EagleGet\npEagleget.dll [2016-08-01] (EagleGet) FF Plugin HKU\S-1-5-21-3888481642-677613265-3218227817-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-15] () Chrome: ======= CHR Profile: C:\Users\MONSTER\AppData\Local\Google\Chrome\User Data\backupDefault [2017-02-17] <==== ATTENTION CHR Profile: C:\Users\MONSTER\AppData\Local\Google\Chrome\User Data\Default [2017-02-17] CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2017-01-29] CHR HKU\S-1-5-21-3888481642-677613265-3218227817-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2017-01-29] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2017-01-29] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2016-12-12] (IObit) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2017-01-26] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2017-01-26] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [515608 2017-01-26] (BlueStack Systems, Inc.) R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [76848 2017-02-06] (CyberGhost S.R.L) S3 cphs; C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHeciSvc.exe [301536 2016-11-02] (Intel Corporation) S3 cplspcon; C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHDCPSvc.exe [480224 2016-11-02] (Intel Corporation) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd) R2 Ds3Service; C:\Users\MONSTER\Desktop\MANETTE PS3 SUR PC\ScpServer\bin\ScpService.exe [381952 2014-04-03] (Scarlet.Crush Productions) [File not signed] S2 egGetSvc; C:\Program Files (x86)\EagleGet\EGMonitor.exe [247464 2016-12-22] () R2 HKClipSvc; C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe [256480 2015-11-26] (Insyde Software Corp.) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe [341984 2016-11-02] (Intel Corporation) R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1740576 2017-01-10] (IObit) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed] R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit) S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-12-16] (IObit) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-05-03] () S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [6053312 2016-08-22] (INCA Internet Co., Ltd.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1318128 2017-02-02] (Overwolf LTD) R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\HotkeyService.exe [29696 2016-06-23] (CLEVO CO.) [File not signed] R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-09-08] (Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-05-03] (Intel® Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AirplaneModeHid; C:\Windows\system32\DRIVERS\AirplaneModeHid.sys [33496 2015-07-17] (Insyde Corporation) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2017-01-26] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. ) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-02-15] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-02-15] (Disc Soft Ltd) S3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30264 2017-02-15] (Disc Soft Ltd) R3 eagleGet; C:\Windows\System32\Drivers\eagleGet.sys [87192 2016-07-03] (eagleGet) S3 EagleX64; C:\Windows\system32\drivers\EagleX64.sys [140600 2016-12-23] (AhnLab, Inc.) R0 FPWinIo; C:\Windows\System32\drivers\FPWinIo.sys [23536 2014-10-07] (Egis Technology Inc.) R2 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2016-03-31] (BitDefender LLC) R3 HKKbdFltr; C:\Windows\system32\DRIVERS\HKKbdFltr.sys [51400 2015-11-26] (Insyde Software Corp.) R3 HKMouFltr; C:\Windows\system32\DRIVERS\HKMouFltr.sys [48344 2015-11-26] (Insyde Software Corp.) R1 HWiNFO32; C:\Windows\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-01-23] (REALiX(tm)) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [736000 2016-12-12] (Intel Corporation) R3 igfx; C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igdkmd64.sys [11033056 2016-11-02] (Intel Corporation) S4 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-12-16] (IObit) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7311120 2017-01-23] (Intel Corporation) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvcvwu.inf_amd64_b4f4d51ffe882e05\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation) S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-12-16] (IObit.com) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [955424 2017-01-23] (Realtek ) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [779232 2017-01-23] (Realsil Semiconductor Corporation) R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit) S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-09-08] (Synaptics Incorporated) R1 SvThANSP; C:\Program Files (x86)\Hotkey\SvThANSP.sys [15224 2013-10-11] (Windows (R) Win 7 DDK provider) R3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [452040 2016-03-31] (BitDefender S.R.L.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 WsAudioDevice_383; C:\Windows\system32\drivers\VirtualAudio.sys [31080 2016-10-13] (Wondershare) S3 xhunter1; C:\Windows\xhunter1.sys [36808 2016-12-20] (Wellbia.com Co., Ltd.) S3 catchme; \??\C:\Users\MONSTER\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-02-17 23:00 - 2017-02-17 23:00 - 00025468 _____ C:\Users\MONSTER\Desktop\FRST.txt 2017-02-17 23:00 - 2017-02-17 23:00 - 00000000 ____D C:\FRST 2017-02-17 22:59 - 2017-02-17 22:59 - 02422272 _____ (Farbar) C:\Users\MONSTER\Desktop\FRST64.exe 2017-02-17 22:00 - 2017-02-17 22:00 - 00003024 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (MONSTER) 2017-02-17 21:43 - 2017-02-17 21:43 - 00181484 _____ C:\Users\MONSTER\Desktop\ZHPDiag.txt 2017-02-17 21:40 - 2017-02-17 21:40 - 00000000 ___HD C:\OneDriveTemp 2017-02-17 21:38 - 2017-02-17 21:38 - 00003188 _____ C:\Users\MONSTER\Desktop\ZHPFixReport.txt 2017-02-17 17:06 - 2017-02-17 17:06 - 02705920 _____ C:\Users\MONSTER\Downloads\ZHPCleaner.exe 2017-02-17 17:06 - 2017-02-17 17:06 - 00000879 _____ C:\Users\MONSTER\Desktop\ZHPCleaner.lnk 2017-02-17 16:47 - 2017-02-17 16:49 - 00000000 ____D C:\Program Files (x86)\ZHPFix 2017-02-17 16:47 - 2017-02-17 16:47 - 00001918 _____ C:\Users\MONSTER\Desktop\ZHPFix.lnk 2017-02-17 16:47 - 2017-02-17 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2017-02-17 16:46 - 2017-02-17 16:46 - 03521617 _____ (Nicolas Coolman ) C:\Users\MONSTER\Downloads\ZHPFix.exe 2017-02-17 16:45 - 2017-02-17 21:43 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\ZHP 2017-02-17 16:45 - 2017-02-17 16:45 - 02664960 _____ C:\Users\MONSTER\Downloads\ZHPDiag3.exe 2017-02-17 16:45 - 2017-02-17 16:45 - 00000867 _____ C:\Users\MONSTER\Desktop\ZHPDiag.lnk 2017-02-17 15:57 - 2017-02-17 16:04 - 00000000 ____D C:\Program Files\CCleaner 2017-02-17 15:57 - 2017-02-17 15:57 - 00002852 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2017-02-17 15:57 - 2017-02-17 15:57 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-02-17 15:57 - 2017-02-17 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-02-17 15:52 - 2017-02-17 15:55 - 09261616 _____ (Piriform Ltd) C:\Users\MONSTER\Downloads\ccsetup527.exe 2017-02-17 14:53 - 2017-02-17 14:53 - 00001196 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2017-02-17 14:53 - 2017-02-17 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware 2017-02-17 14:53 - 2017-02-17 14:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2017-02-17 14:53 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2017-02-17 14:27 - 2016-03-31 17:54 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys 2017-02-17 14:27 - 2016-03-31 17:54 - 00155912 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys 2017-02-17 14:19 - 2017-02-17 14:19 - 00000000 ____D C:\Users\MONSTER\AppData\Local\AdAwareDesktop 2017-02-17 14:01 - 2017-02-17 14:01 - 00000000 ____D C:\Users\MONSTER\AppData\Local\AdAwareUpdater 2017-02-17 14:01 - 2017-02-17 14:01 - 00000000 ____D C:\Program Files\Common Files\adaware 2017-02-17 13:41 - 2017-02-17 13:41 - 00000000 ____D C:\ProgramData\Lavasoft 2017-02-17 13:13 - 2017-02-17 13:14 - 04015056 _____ C:\Users\MONSTER\Desktop\Adw Cleaner.exe 2017-02-17 13:13 - 2017-02-17 13:13 - 00000398 _____ C:\DelFix.txt 2017-02-17 12:30 - 2017-02-17 12:30 - 95059968 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak 2017-02-17 12:30 - 2017-02-17 12:30 - 02576384 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak 2017-02-17 12:30 - 2017-02-17 12:30 - 00073728 _____ C:\Windows\system32\config\SAM.iodefrag.bak 2017-02-17 12:30 - 2017-02-17 12:30 - 00040960 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak 2017-02-17 12:09 - 2017-02-17 12:09 - 00003376 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler 2017-02-17 12:09 - 2017-02-17 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4 2017-02-17 11:57 - 2017-02-17 11:57 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\Malwarebytes 2017-02-17 11:56 - 2017-02-17 11:56 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-02-17 11:53 - 2014-10-16 10:27 - 00027424 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe 2017-02-17 11:51 - 2017-02-17 11:51 - 00002486 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_MONSTER 2017-02-17 11:51 - 2017-02-17 11:51 - 00000292 _____ C:\Windows\Tasks\Uninstaller_SkipUac_MONSTER.job 2017-02-17 11:51 - 2017-02-17 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2017-02-17 11:47 - 2017-02-17 11:48 - 00002238 _____ C:\Users\Public\Desktop\Advanced SystemCare 10.lnk 2017-02-17 11:47 - 2017-02-17 11:47 - 00003100 _____ C:\Windows\System32\Tasks\ASC10_PerformanceMonitor 2017-02-17 11:47 - 2017-02-17 11:47 - 00002898 _____ C:\Windows\System32\Tasks\ASC10_SkipUac_MONSTER 2017-02-17 11:47 - 2017-02-17 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 2017-02-17 11:27 - 2017-02-17 11:27 - 00000000 ____D C:\Program Files (x86)\Chuvch 2017-02-17 11:26 - 2017-02-17 11:26 - 00000000 ____D C:\Users\MONSTER\Yeni klasör 2017-02-17 11:05 - 2017-02-17 11:05 - 00000000 ____D C:\Users\MONSTER\Documents\Rush To The Horizon Adventure Game Free Download Need For Speed 2 influenced .zipRush To The Horizon Adventure Game Free Download Need For Speed 2 influence 2017-02-17 07:42 - 2017-02-17 19:06 - 00000000 ____D C:\Users\MONSTER\Desktop\Fatih 2017-02-16 22:02 - 2017-02-16 22:02 - 00062929 _____ C:\Users\MONSTER\Documents\Monte cristo 4.odt 2017-02-16 21:47 - 2017-02-16 21:47 - 00053963 _____ C:\Users\MONSTER\Documents\mONTE CRİSTO 3.odt 2017-02-16 21:27 - 2017-02-16 21:27 - 00078169 _____ C:\Users\MONSTER\Documents\Monte cristo 2.odt 2017-02-16 20:42 - 2017-02-16 20:42 - 00051823 _____ C:\Users\MONSTER\Documents\Monte cristo Marseille 1.odt 2017-02-16 18:40 - 2017-02-17 12:25 - 00000000 ____D C:\Users\MONSTER\AppData\LocalLow\Mozilla 2017-02-16 18:39 - 2017-02-16 19:25 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Mozilla 2017-02-15 19:15 - 2017-02-15 19:15 - 00003180 _____ C:\Windows\System32\Tasks\{E76F02D3-96A0-4C8B-9458-12098EDC59DC} 2017-02-15 19:08 - 2017-02-15 19:08 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2017-02-15 19:08 - 2017-02-15 19:08 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Disc_Soft_Ltd 2017-02-15 19:06 - 2017-02-17 11:53 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\DAEMON Tools Lite 2017-02-15 19:06 - 2017-02-15 19:08 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2017-02-15 19:06 - 2017-02-15 19:06 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys 2017-02-15 19:06 - 2017-02-15 19:06 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2017-02-15 19:06 - 2017-02-15 19:06 - 00001824 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2017-02-15 19:06 - 2017-02-15 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2017-02-15 18:20 - 2017-02-15 18:20 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtproscsibus.sys 2017-02-15 18:20 - 2017-02-15 18:20 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\DAEMON Tools Pro 2017-02-15 18:19 - 2017-02-15 18:19 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro 2017-02-15 17:58 - 2017-02-15 18:05 - 00001448 _____ C:\Users\MONSTER\Desktop\nativelog.txt 2017-02-14 23:41 - 2017-02-15 19:06 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2017-02-14 22:39 - 2017-02-14 22:41 - 00000000 ____D C:\Users\MONSTER\Documents\Fax 2017-02-14 22:39 - 2017-02-14 22:39 - 00000000 ___RD C:\Users\MONSTER\Documents\Scanned Documents 2017-02-14 19:24 - 2017-02-15 18:04 - 00851013 _____ C:\Users\MONSTER\Desktop\averfight.exe 2017-02-14 19:24 - 2017-02-14 19:38 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\.averfight2.0 2017-02-12 23:07 - 2017-02-12 23:07 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-02-12 23:07 - 2017-02-12 23:07 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-02-12 23:03 - 2017-02-14 17:42 - 00000000 ____D C:\Program Files\TrueKey 2017-02-12 23:03 - 2017-02-12 23:03 - 00002132 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2017-02-12 23:03 - 2017-02-12 23:03 - 00000000 ____D C:\ProgramData\McAfee 2017-02-12 23:03 - 2017-02-12 23:03 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-02-12 17:14 - 2017-02-12 17:14 - 00001021 _____ C:\Users\MONSTER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk 2017-02-12 17:14 - 2017-02-12 17:14 - 00001013 _____ C:\Users\MONSTER\Desktop\osu!.lnk 2017-02-12 17:09 - 2017-02-12 21:35 - 00000000 ____D C:\Users\MONSTER\AppData\Local\osu! 2017-02-12 16:57 - 2017-02-17 20:14 - 00000000 ____D C:\AdwCleaner 2017-02-12 10:42 - 2017-02-17 21:38 - 00000000 ___HD C:\ProgramData\8958l50A34c720 2017-02-12 10:42 - 2017-02-12 10:42 - 00016812 _____ C:\Windows\System32\Tasks\8958l50A34c720 2017-02-11 21:05 - 2017-02-11 21:05 - 00000084 _____ C:\Users\MONSTER\Documents\Sans titre.m2ts.sfl 2017-02-11 21:03 - 2017-02-11 21:05 - 46098432 _____ C:\Users\MONSTER\Documents\Sans titre.m2ts 2017-02-11 15:21 - 2017-02-11 15:21 - 00001140 _____ C:\Users\Public\Desktop\Gameforge Live.lnk 2017-02-11 15:21 - 2017-02-11 15:21 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Gameforge4d 2017-02-10 19:41 - 2016-12-29 15:28 - 00133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2017-02-10 19:40 - 2017-02-10 19:40 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-02-10 19:40 - 2016-12-29 16:16 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2017-02-10 19:40 - 2016-12-29 16:16 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2017-02-10 19:40 - 2016-09-09 21:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll 2017-02-10 19:40 - 2016-09-09 21:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll 2017-02-10 19:40 - 2016-09-09 21:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2017-02-10 19:40 - 2016-09-09 21:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe 2017-02-09 15:26 - 2017-02-09 15:26 - 00000000 ____D C:\Users\MONSTER\Documents\League of Legends 2017-02-02 19:57 - 2017-02-02 19:57 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Macromedia 2017-02-02 19:55 - 2017-02-06 20:26 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2017-02-02 19:55 - 2016-11-23 16:37 - 00000570 _____ C:\Users\MONSTER\AppData\Local\TroubleshooterConfig.json 2017-02-02 19:54 - 2017-02-02 19:54 - 00001644 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk 2017-02-02 19:53 - 2017-02-02 19:53 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Bluestacks 2017-02-02 19:52 - 2017-02-02 19:54 - 00000000 ____D C:\Program Files (x86)\Bluestacks 2017-01-31 17:10 - 2017-02-01 19:55 - 00000000 ____D C:\Users\MONSTER\AppData\Local\SquirrelTemp 2017-01-31 17:10 - 2017-02-01 19:55 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Discord 2017-01-31 17:10 - 2017-02-01 19:54 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2017-01-31 17:10 - 2017-01-31 22:52 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\discord 2017-01-29 20:02 - 2017-02-16 18:40 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\Mozilla 2017-01-29 20:02 - 2017-02-01 19:56 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\Octoshape 2017-01-29 14:05 - 2016-08-22 14:48 - 06053312 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des 2017-01-29 13:51 - 2017-01-29 13:51 - 00000379 _____ C:\Users\MONSTER\Geri Dönüşüm Kutusu.lnk 2017-01-29 09:46 - 2017-01-29 13:43 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Temporary Projects 2017-01-29 09:32 - 2017-01-29 09:46 - 00000000 ____D C:\Users\MONSTER\Documents\Visual Studio 2010 2017-01-29 09:32 - 2017-01-29 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express 2017-01-29 09:32 - 2017-01-29 09:32 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services 2017-01-29 09:32 - 2017-01-29 09:32 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition 2017-01-29 09:32 - 2017-01-29 09:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services 2017-01-29 09:32 - 2017-01-29 09:32 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2017-01-29 09:32 - 2017-01-29 09:32 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2017-01-29 09:32 - 2017-01-29 09:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-01-29 09:31 - 2017-01-29 09:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0 2017-01-29 09:31 - 2017-01-29 09:31 - 00000000 ____D C:\Windows\symbols 2017-01-29 09:31 - 2017-01-29 09:31 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0 2017-01-29 09:31 - 2017-01-29 09:31 - 00000000 ____D C:\Program Files\Microsoft Help Viewer 2017-01-29 09:31 - 2017-01-29 09:31 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2017-01-29 09:21 - 2017-01-29 09:21 - 00000000 ____D C:\temp 2017-01-29 09:19 - 2016-12-12 06:03 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2017-01-29 09:19 - 2016-12-12 06:03 - 00000669 _____ C:\Windows\system32\nv-vk64.json 2017-01-29 09:15 - 2016-12-29 16:16 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2017-01-29 09:14 - 2017-02-14 22:58 - 00000000 ____D C:\Windows\LastGood 2017-01-29 09:13 - 2017-01-24 03:00 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2017-01-29 09:13 - 2017-01-24 03:00 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2017-01-29 09:13 - 2017-01-24 03:00 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2017-01-29 08:50 - 2017-02-17 13:25 - 00000000 ____D C:\Users\MONSTER\Documents\EGDownloads 2017-01-29 00:16 - 2016-07-03 22:24 - 00087192 _____ (eagleGet) C:\Windows\system32\Drivers\eagleGet.update 2017-01-29 00:16 - 2016-07-03 22:24 - 00087192 _____ (eagleGet) C:\Windows\system32\Drivers\eagleGet.sys 2017-01-29 00:15 - 2017-01-29 00:15 - 00001076 _____ C:\Users\Public\Desktop\EagleGet.lnk 2017-01-29 00:15 - 2017-01-29 00:15 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\EagleGet 2017-01-29 00:15 - 2017-01-29 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EagleGet 2017-01-29 00:15 - 2017-01-29 00:15 - 00000000 ____D C:\ProgramData\EagleGet 2017-01-29 00:15 - 2017-01-29 00:15 - 00000000 ____D C:\Program Files (x86)\EagleGet 2017-01-28 22:24 - 2017-01-20 19:38 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437849.dll 2017-01-28 22:24 - 2017-01-20 19:38 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437849.dll 2017-01-28 22:06 - 2017-01-28 22:26 - 00000000 ____D C:\Windows\LastGood.Tmp 2017-01-28 22:06 - 2017-01-28 22:06 - 00004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-28 22:06 - 2017-01-28 22:06 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-28 22:06 - 2017-01-28 22:06 - 00003884 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-28 22:06 - 2017-01-28 22:06 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-28 22:06 - 2017-01-28 22:06 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-28 22:06 - 2017-01-28 22:06 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-28 22:06 - 2017-01-28 22:06 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-28 22:06 - 2017-01-20 21:39 - 01872320 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2017-01-28 22:06 - 2017-01-20 21:39 - 01464768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2017-01-28 22:06 - 2017-01-20 21:39 - 00156608 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2017-01-28 22:06 - 2017-01-20 21:39 - 00124352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2017-01-28 22:06 - 2017-01-20 21:39 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys 2017-01-28 22:06 - 2017-01-20 21:39 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2017-01-27 15:40 - 2017-01-27 15:40 - 00002409 _____ C:\Users\MONSTER\Documents\MumbleAutomaticCertificateBackup.p12 2017-01-27 15:39 - 2017-01-28 21:41 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\Mumble 2017-01-27 15:39 - 2017-01-27 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble 2017-01-27 15:39 - 2017-01-27 15:39 - 00000000 ____D C:\Program Files (x86)\Mumble 2017-01-26 15:34 - 2017-02-09 15:27 - 00001763 _____ C:\Users\Public\Desktop\League of Legends.lnk 2017-01-26 15:34 - 2017-01-26 15:34 - 00000000 ____D C:\Riot Games 2017-01-26 15:34 - 2017-01-26 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2017-01-25 12:48 - 2016-12-21 10:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2017-01-25 12:48 - 2016-12-21 07:44 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2017-01-24 22:20 - 2017-01-24 22:20 - 00002343 _____ C:\Users\MONSTER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-01-24 18:17 - 2017-01-24 18:15 - 01866104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll 2017-01-23 21:13 - 2017-01-23 21:13 - 91508736 _____ C:\Windows\system32\config\SOFTWARE.iobit 2017-01-23 21:13 - 2017-01-23 21:13 - 06885376 _____ C:\Windows\system32\config\DRIVERS.iobit 2017-01-23 21:13 - 2017-01-23 21:13 - 01236992 _____ C:\Windows\system32\config\DEFAULT.iobit 2017-01-23 21:13 - 2017-01-23 21:13 - 00040960 _____ C:\Windows\system32\config\SECURITY.iobit 2017-01-23 21:13 - 2017-01-23 21:13 - 00040960 _____ C:\Windows\system32\config\SAM.iobit 2017-01-23 21:13 - 2017-01-23 21:13 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\device backup 2017-01-23 21:10 - 2017-02-17 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IOTransfer 2017-01-23 21:08 - 2017-01-23 21:08 - 00003250 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze 2017-01-23 21:08 - 2017-01-23 21:08 - 00003090 _____ C:\Windows\System32\Tasks\SmartDefrag_Startup 2017-01-23 21:08 - 2017-01-23 21:08 - 00003090 _____ C:\Windows\System32\Tasks\IObitSelfCheckTask 2017-01-23 21:08 - 2017-01-23 21:08 - 00003086 _____ C:\Windows\System32\Tasks\SmartDefrag_Update 2017-01-23 21:08 - 2017-01-23 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2017-01-23 21:08 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll 2017-01-23 21:08 - 2016-03-22 11:02 - 00036824 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe 2017-01-23 21:08 - 2016-03-22 11:02 - 00021360 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys 2017-01-23 21:07 - 2017-01-23 21:07 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled 2017-01-23 20:58 - 2017-01-23 20:58 - 00000000 ____D C:\ProgramData\BDLogging 2017-01-23 20:52 - 2017-01-23 20:52 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\ProductData 2017-01-23 20:51 - 2017-01-23 20:51 - 00001246 _____ C:\Users\MONSTER\Desktop\IObit Malware Fighter.lnk 2017-01-23 20:51 - 2017-01-23 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter 2017-01-23 20:29 - 2017-01-23 20:29 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA 2017-01-23 20:23 - 2017-01-23 20:23 - 10017320 _____ C:\Windows\system32\Drivers\Netwfw04.dat 2017-01-23 20:18 - 2017-01-23 21:01 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\MAXON 2017-01-23 20:17 - 2017-01-23 20:17 - 00000057 _____ C:\Windows\system32\Drivers\370b12230035291000.bseq 2017-01-23 20:16 - 2017-01-23 20:16 - 09891328 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll 2017-01-23 20:16 - 2017-01-23 20:16 - 04332032 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCRU64.exe 2017-01-23 20:16 - 2017-01-23 20:16 - 00091272 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2017-01-23 20:15 - 2015-01-27 18:05 - 00317440 _____ (CANON INC.) C:\Windows\system32\CNC_CBC.dll 2017-01-23 20:15 - 2015-01-27 18:05 - 00105984 _____ (CANON INC.) C:\Windows\system32\CNC_CBI.dll 2017-01-23 19:43 - 2017-02-17 11:51 - 00000000 ____D C:\ProgramData\ProductData 2017-01-23 19:43 - 2017-01-23 19:43 - 00000000 ____D C:\Windows\IObit 2017-01-23 19:42 - 2017-02-17 12:09 - 00000000 ____D C:\Program Files (x86)\IObit 2017-01-23 19:42 - 2017-02-17 12:07 - 00000000 ____D C:\Users\MONSTER\AppData\LocalLow\IObit 2017-01-23 19:42 - 2017-01-24 09:55 - 00000000 ____D C:\ProgramData\IObit 2017-01-23 19:42 - 2017-01-23 21:08 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\IObit 2017-01-23 19:42 - 2017-01-23 19:42 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS 2017-01-23 19:40 - 2017-01-23 19:40 - 00000000 ____D C:\ProgramData\WEBZEN 2017-01-22 19:09 - 2017-01-22 19:09 - 00000000 ____D C:\AeriaGames 2017-01-22 18:39 - 2017-01-22 18:41 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2017-01-22 18:39 - 2017-01-22 18:39 - 00003322 _____ C:\Windows\System32\Tasks\{F63FD8E6-7715-4C2B-8922-F72697B0CBA2} 2017-01-22 18:39 - 2017-01-22 18:39 - 00003298 _____ C:\Windows\System32\Tasks\{05B71A02-F15F-482D-BA72-195965CB09BF} 2017-01-22 18:39 - 2017-01-22 18:39 - 00000000 ____D C:\Users\MONSTER\AppData\LocalLow\Sony Online Entertainment 2017-01-22 18:34 - 2017-01-22 18:34 - 00006807 _____ C:\Users\MONSTER\AppData\Localtransition_ffc308f6ee54ecebb1ffc0a833ecb89a.ini 2017-01-22 18:33 - 2017-01-22 18:33 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Ankama 2017-01-22 18:17 - 2017-02-13 17:46 - 00000000 ____D C:\Program Files (x86)\GameforgeLive 2017-01-19 23:04 - 2016-10-13 09:58 - 00031080 _____ (Wondershare) C:\Windows\system32\Drivers\VirtualAudio.sys 2017-01-19 22:49 - 2017-01-22 18:36 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\Wondershare 2017-01-19 22:49 - 2017-01-22 18:36 - 00000000 ____D C:\Program Files (x86)\Wondershare 2017-01-19 22:49 - 2017-01-19 22:49 - 00000000 ____D C:\Users\MONSTER\AppData\Local\WonderShare 2017-01-19 22:49 - 2017-01-19 22:49 - 00000000 ____D C:\ProgramData\wondershare 2017-01-19 22:49 - 2016-11-10 15:20 - 00000232 _____ C:\Windows\SysWOW64\dllhost.exe.config 2017-01-19 22:46 - 2017-01-19 23:03 - 00000000 ____D C:\Users\Public\Documents\Wondershare 2017-01-19 21:05 - 2017-01-19 23:04 - 00000000 ____D C:\Program Files\iTunes 2017-01-19 21:05 - 2017-01-19 22:36 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\Apple Computer 2017-01-19 21:05 - 2017-01-19 21:05 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2017-01-19 21:05 - 2017-01-19 21:05 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk 2017-01-19 21:05 - 2017-01-19 21:05 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2017-01-19 21:05 - 2017-01-19 21:05 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Apple Computer 2017-01-19 21:05 - 2017-01-19 21:05 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Apple 2017-01-19 21:05 - 2017-01-19 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-01-19 21:05 - 2017-01-19 21:05 - 00000000 ____D C:\ProgramData\Apple Computer 2017-01-19 21:05 - 2017-01-19 21:05 - 00000000 ____D C:\Program Files\iPod 2017-01-19 21:05 - 2017-01-19 21:05 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2017-01-19 21:04 - 2017-01-19 21:05 - 00000000 ____D C:\Program Files\Common Files\Apple 2017-01-19 21:04 - 2017-01-19 21:04 - 00000000 ____D C:\ProgramData\Apple 2017-01-19 21:04 - 2017-01-19 21:04 - 00000000 ____D C:\Program Files\Bonjour 2017-01-19 21:04 - 2017-01-19 21:04 - 00000000 ____D C:\Program Files (x86)\Bonjour ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-02-17 22:56 - 2016-12-02 21:04 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\Skype 2017-02-17 21:57 - 2016-12-03 15:09 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\TS3Client 2017-02-17 21:51 - 2016-12-02 21:03 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\.minecraft 2017-02-17 21:50 - 2016-10-01 14:20 - 00000000 ____D C:\Users\MONSTER 2017-02-17 21:46 - 2016-10-01 14:24 - 05922348 _____ C:\Windows\system32\PerfStringBackup.INI 2017-02-17 21:46 - 2016-07-17 01:12 - 02760730 _____ C:\Windows\system32\perfh01F.dat 2017-02-17 21:46 - 2016-07-17 01:12 - 00773054 _____ C:\Windows\system32\perfc01F.dat 2017-02-17 21:40 - 2016-12-03 15:08 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Overwolf 2017-02-17 21:40 - 2016-10-01 14:22 - 00000000 ___RD C:\Users\MONSTER\OneDrive 2017-02-17 21:40 - 2016-10-01 09:43 - 00000000 ____D C:\ProgramData\NVIDIA 2017-02-17 21:40 - 2016-10-01 09:41 - 00000000 __SHD C:\Users\MONSTER\IntelGraphicsProfiles 2017-02-17 21:39 - 2016-10-01 14:11 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-17 21:39 - 2016-07-16 09:04 - 00524288 _____ C:\Windows\system32\config\BBI 2017-02-17 20:12 - 2016-12-03 12:32 - 00004178 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C81BF2BE-7126-43A8-A478-511543DC5A59} 2017-02-17 17:39 - 2016-07-16 14:47 - 00000000 ____D C:\Windows\AppReadiness 2017-02-17 17:34 - 2016-10-01 14:20 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Packages 2017-02-17 17:34 - 2016-07-16 14:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-17 16:35 - 2016-07-16 14:45 - 00000000 ____D C:\Windows\INF 2017-02-17 16:07 - 2017-01-10 19:38 - 00000000 ____D C:\Windows\Minidump 2017-02-17 16:07 - 2017-01-01 23:26 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\uTorrent 2017-02-17 16:07 - 2016-12-02 20:46 - 00000000 ____D C:\Users\MONSTER\AppData\Local\CrashDumps 2017-02-17 14:58 - 2016-12-22 11:31 - 00000000 ____D C:\Users\MONSTER\Desktop\Furkan 2017-02-17 11:53 - 2016-12-02 21:22 - 00000000 ____D C:\Program Files (x86)\Steam 2017-02-17 11:27 - 2016-07-16 14:47 - 00008776 _____ C:\Windows\system32\Drivers\etc\HOSTS.MVP 2017-02-17 07:41 - 2016-10-01 14:11 - 00000000 ____D C:\Windows\system32\SleepStudy 2017-02-16 17:43 - 2016-12-02 20:57 - 00002286 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-13 17:46 - 2016-12-11 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2017-02-12 23:05 - 2016-12-26 01:35 - 00000000 ____D C:\Users\MONSTER\AppData\LocalLow\Adobe 2017-02-12 23:05 - 2016-12-26 01:34 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Adobe 2017-02-12 23:05 - 2016-12-26 01:34 - 00000000 ____D C:\ProgramData\Adobe 2017-02-12 23:05 - 2016-10-01 14:20 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\Adobe 2017-02-12 21:01 - 2016-12-02 20:57 - 00000000 ____D C:\Program Files (x86)\Minecraft 2017-02-12 08:21 - 2017-01-15 13:44 - 00000000 ____D C:\Users\MONSTER\AppData\Local\Ubisoft Game Launcher 2017-02-11 20:58 - 2016-12-22 12:19 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\VEGAS 2017-02-11 08:33 - 2016-12-02 21:04 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-02-11 08:33 - 2016-12-02 21:04 - 00000000 ____D C:\ProgramData\Skype 2017-02-10 19:41 - 2016-10-01 09:42 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-02-08 18:00 - 2016-12-03 15:10 - 00000000 ____D C:\Program Files (x86)\Overwolf 2017-02-07 17:41 - 2016-12-02 20:57 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-02 19:54 - 2016-07-16 14:47 - 00000000 __RHD C:\Users\Public\Libraries 2017-01-29 13:54 - 2016-12-15 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest 2017-01-29 13:54 - 2016-12-15 16:45 - 00000000 ____D C:\Program Files (x86)\NCWest 2017-01-29 09:31 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-01-29 09:21 - 2016-10-01 09:41 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-01-28 22:06 - 2016-12-03 09:25 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-01-28 22:06 - 2016-10-01 09:43 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-01-26 18:12 - 2016-12-24 19:54 - 00000000 ____D C:\Program Files\CyberGhost 6 2017-01-26 15:34 - 2016-12-03 00:22 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\Riot Games 2017-01-25 17:36 - 2016-07-16 14:36 - 00000000 ____D C:\Windows\CbsTemp 2017-01-25 11:35 - 2016-10-01 14:20 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-24 18:08 - 2016-12-04 00:51 - 00000000 ____D C:\Windows\SysWOW64\directx 2017-01-23 21:14 - 2016-12-20 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6 2017-01-23 21:14 - 2016-10-01 15:10 - 00000000 ____D C:\Windows\Panther 2017-01-23 20:31 - 2016-12-21 00:01 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2017-01-23 20:31 - 2016-12-21 00:01 - 00000000 ____D C:\Program Files\Java 2017-01-23 20:31 - 2016-12-02 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-23 20:30 - 2016-12-02 22:30 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2017-01-23 20:30 - 2016-12-02 22:29 - 00000000 ____D C:\Program Files (x86)\Java 2017-01-23 20:29 - 2016-10-01 09:40 - 00000000 ____D C:\ProgramData\Package Cache 2017-01-23 20:23 - 2016-10-01 09:44 - 00000000 ____D C:\Windows\SysWOW64\sda 2017-01-23 20:23 - 2016-06-07 02:51 - 07311120 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwtw04.sys 2017-01-23 20:16 - 2016-10-01 09:44 - 00779232 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsPer.sys 2017-01-23 20:16 - 2016-10-01 09:44 - 00084480 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll 2017-01-23 20:16 - 2016-10-01 09:43 - 00955424 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys 2017-01-23 20:16 - 2015-11-12 20:05 - 00795640 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys 2017-01-23 20:03 - 2015-10-08 21:16 - 00204896 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverW8x64.sys 2017-01-22 23:41 - 2016-12-20 21:22 - 00005307 _____ C:\ProgramData\NvTelemetryContainer.log_backup1 2017-01-22 21:13 - 2016-12-17 07:49 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2017-01-22 19:44 - 2016-12-02 21:34 - 00000000 ____D C:\Users\MONSTER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2017-01-22 18:36 - 2016-12-15 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT 2017-01-22 18:36 - 2016-10-01 09:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-01-20 21:39 - 2016-12-03 09:25 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2017-01-20 21:39 - 2016-12-03 09:25 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2017-01-20 21:39 - 2016-12-03 09:25 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2017-01-20 16:36 - 2016-12-20 21:22 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat ==================== Files in the root of some directories ======= 2016-12-26 02:02 - 2016-12-26 09:10 - 0000132 _____ () C:\Users\MONSTER\AppData\Roaming\Adobe PNG Format CS5 Prefs 2016-12-09 19:27 - 2016-12-09 19:27 - 0000727 _____ () C:\Users\MONSTER\AppData\Roaming\AdobeWLCMR2Cache.dat 2016-12-11 12:29 - 2016-12-11 12:31 - 0000088 _____ () C:\Users\MONSTER\AppData\Roaming\infos.properties 2017-02-02 19:55 - 2016-11-23 16:37 - 0000570 _____ () C:\Users\MONSTER\AppData\Local\TroubleshooterConfig.json 2016-12-20 21:22 - 2017-01-23 19:00 - 0005701 _____ () C:\ProgramData\NvTelemetryContainer.log 2016-12-20 21:22 - 2017-01-22 23:41 - 0005307 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 Files to move or delete: ==================== C:\Windows\TEMP\gB524.tmp.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-02-14 19:46 ==================== End of FRST.txt ============================