help needed removing gamegogle

Old 11-17-2015, 11:04 AM   #1
OS is Windows 7, web browser is Opera (yes, some people use Opera :p)

I downloaded dreamscape to play a video as my desktop background. The installer was filled with crap and I think that's where I got the virus or malware, whatever it is.

All guides I have found online don't cover Opera or vaguely tell me to edit my registry or to download and buy SpyHunter. Most guides say to go into Programs and Features and simply uninstall it (which would be great if it was there).

As always, I appreciate your help very much.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.19038
Run by Gary at 18:56:14 on 2015-11-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8142.5468 [GMT 0:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files (x86)\Stardock\DeskScapes8\ds8srv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Stardock\DeskScapes8\DeskScapes64.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\Dwm.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
E:\Steam\Steam.exe
E:\Steam\bin\steamwebhelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera_crashreporter.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Program Files (x86)\Opera\33.0.1990.58\opera.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www-searching.com/?pid=s&s=FBEzamobl1598,2fe1b957-bdde-4833-8aa4-ccce15f0e9e6,&vp=ch&prd=set
mWinlogon: Userinit = userinit.exe
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
uRun: [Steam] "E:\Steam\steam.exe" -silent
uRun: [WindApp] "C:\Users\Gary\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
uRun: [Selection Tools] "C:\Users\Gary\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup
uRun: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{C2FB13D9-CC2D-48D6-BBC5-2C5F1F540B7C} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{D078EFC6-FEF0-4171-BCDF-5C972CBEA527} : DHCPNameServer = 192.168.42.129
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2015-10-30 65224]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2015-10-30 274808]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2015-10-31 19264]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2015-10-30 1059656]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2015-10-30 449992]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\System32\drivers\HWiNFO64A.SYS [2015-11-16 27552]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2015-10-30 28656]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2015-10-30 90968]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2015-10-30 153744]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-30 146600]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 DeskScapes8;Stardock DeskScapes 8;C:\Program Files (x86)\Stardock\DeskScapes8\DS8Srv.exe [2014-3-10 75376]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-30 1156384]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2015-10-31 166720]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-30 1873696]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-30 5568288]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2015-11-16 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2015-11-16 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2015-11-16 171928]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-11-9 417584]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2015-10-31 365376]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2015-10-31 357184]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2015-10-31 789824]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-30 20768]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-10-30 50472]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-10-30 769168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 NetTcpHandler;Net.Tcp Service Handler;C:\Users\Gary\AppData\Roaming\NetService\netservice.exe -start --> C:\Users\Gary\AppData\Roaming\NetService\netservice.exe -start [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 EasyAntiCheat;EasyAntiCheat;C:\Windows\System32\EasyAntiCheat.exe --> C:\Windows\System32\EasyAntiCheat.exe [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-10-30 19456]
S3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2015-6-2 13536]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-10-30 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2015-10-30 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-10-30 1255736]
.
=============== File Associations ===============
.
ShellExec: opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2015-11-16 16:53:17 27552 ----a-w- C:\Windows\System32\drivers\HWiNFO64A.SYS
2015-11-16 16:53:09 -------- d-----w- C:\Program Files\HWiNFO64
2015-11-16 15:49:09 -------- d-----w- C:\Program Files (x86)\RivaTuner Statistics Server
2015-11-16 15:48:04 -------- d-----w- C:\Program Files (x86)\MSI Afterburner
2015-11-16 10:35:25 -------- d-----w- C:\Program Files\Common Files\AV
2015-11-16 10:17:53 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2015-11-16 10:17:52 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2015-11-16 10:17:50 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-11-15 16:39:20 -------- d-----w- C:\Users\Gary\AppData\Roaming\NVIDIA
2015-11-15 16:39:14 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2015-11-15 16:39:14 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2015-11-15 16:39:14 -------- d-----w- C:\Program Files (x86)\OpenAL
2015-11-15 16:39:13 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2015-11-15 16:39:13 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2015-11-14 19:37:32 -------- d-----w- C:\Users\Gary\AppData\Roaming\WinAVI
2015-11-14 19:37:32 -------- d-----w- C:\Users\Gary\AppData\Local\WinAVI
2015-11-14 19:37:10 -------- d-----w- C:\Program Files (x86)\WinAVI
2015-11-14 14:45:25 -------- d-----w- C:\Users\Gary\AppData\Roaming\Apowersoft
2015-11-14 14:45:22 -------- d-----w- C:\ProgramData\Apowersoft
2015-11-14 14:45:22 -------- d-----w- C:\Program Files (x86)\Apowersoft
2015-11-14 14:34:10 -------- d-----w- C:\Users\Gary\AppData\Local\Stardock
2015-11-14 14:34:10 -------- d-----w- C:\ProgramData\Stardock
2015-11-14 14:34:05 -------- d-----w- C:\Program Files (x86)\Stardock
2015-11-14 14:31:02 -------- d-----w- C:\Users\Gary\AppData\Local\http___www.julien-manici
2015-11-14 14:30:16 -------- d-----w- C:\Program Files (x86)\Julien MANICI
2015-11-14 1439 275360 ----a-w- C:\Windows\System32\DreamScene.dll.0
2015-11-14 1439 275360 ----a-w- C:\Windows\System32\DreamScene.dll
2015-11-14 14:02:53 -------- d-----w- C:\Program Files (x86)\DreamScene Seven
2015-11-14 14:01:50 -------- d-----w- C:\Users\Gary\AppData\Roaming\WTools
2015-11-14 14:01:44 -------- d-----w- C:\Users\Gary\AppData\Roaming\Store
2015-11-14 14:01:34 -------- d-----w- C:\Users\Gary\AppData\Roaming\Nosibay
2015-11-14 14:01:20 -------- d-----w- C:\Program Files (x86)\CinePlus-1.44V09.11
2015-11-14 14:00:58 -------- d-----w- C:\Users\Gary\AppData\Roaming\RunDir
2015-11-14 14:00:58 -------- d-----w- C:\Users\Gary\AppData\Roaming\NetService
2015-11-13 16:14:28 -------- d-----w- C:\Users\Gary\AppData\Roaming\PacificPoker
2015-11-13 16:14:21 -------- d-----w- C:\Program Files (x86)\PacificPoker
2015-11-13 14:40:28 -------- d-----w- C:\Program Files\LSoft Technologies
2015-11-13 14:09:17 -------- d-----w- C:\Users\Gary\AppData\Roaming\EncryptStick
2015-11-13 11:31:56 11140960 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{63CFFAA6-A20A-4F88-B22B-9D1B4E3709EA}\mpengine.dll
2015-11-13 11:29:38 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2015-11-13 11:29:37 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2015-11-13 11:23:05 67072 ----a-w- C:\Windows\splwow64.exe
2015-11-13 11:23:05 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2015-11-12 20:09:29 -------- d-----w- C:\Users\Gary\AppData\Local\Arktos Entertainment
2015-11-12 20:07:30 -------- d-----w- C:\Users\Gary\AppData\Local\CrashRpt
2015-11-12 20:07:30 -------- d-----w- C:\Users\Gary\AppData\Local\Arktos
2015-11-12 11:07:08 -------- d-----w- C:\ProgramData\YTD Video Downloader
2015-11-12 1137 -------- d-----w- C:\Program Files (x86)\GreenTree Applications
2015-11-11 21:48:59 -------- d-----w- C:\Users\Gary\AppData\Local\Microsoft Games
2015-11-10 21:41:16 -------- d-----w- C:\Users\Gary\AppData\Roaming\Fallout2
2015-11-10 11:13:22 -------- d-----w- C:\Users\Gary\AppData\Local\Fallout4
2015-11-09 17:09:58 -------- d-----w- C:\ProgramData\Package Cache
2015-11-09 16:55:21 102704 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2015-11-08 12:30:19 -------- d-----w- C:\Users\Gary\AppData\Local\Gas Powered Games
2015-11-06 17:42:58 -------- d-----w- C:\Users\Gary\AppData\Roaming\BitTorrent
2015-11-06 16:23:09 519000 ----a-w- C:\Windows\System32\d3dx10_40.dll
2015-11-06 16:23:09 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll
2015-11-06 16:23:09 2605920 ----a-w- C:\Windows\System32\D3DCompiler_40.dll
2015-11-06 16:23:09 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll
2015-11-06 16:23:08 5631312 ----a-w- C:\Windows\System32\D3DX9_40.dll
2015-11-06 16:23:08 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2015-11-05 18:36:11 -------- d-----w- C:\Users\Gary\AppData\Local\Rockstar Games
2015-11-05 18:35:34 -------- d-----w- C:\Windows\SysWow64\xlive
2015-11-05 18:35:34 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-11-05 15:38:31 -------- d-----w- C:\Users\Gary\AppData\Local\NVIDIA Corporation
2015-11-05 14:53:03 -------- d-----w- C:\Users\Gary\AppData\Roaming\Mionix
2015-11-05 14:53:03 -------- d-----w- C:\Program Files (x86)\Mionix
2015-11-05 14:52:48 -------- d-----w- C:\Users\Gary\AppData\Local\Downloaded Installations
2015-11-04 13:18:28 44544 ----a-w- C:\Users\Gary\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2015-11-02 11:05:48 -------- d-----w- C:\Program Files\VideoLAN
2015-11-01 18:09:35 -------- d-----w- C:\Users\Gary\AppData\Roaming\Media Converter
2015-10-31 19:59:53 -------- d-----w- C:\Users\Gary\AppData\Roaming\7DaysToDie
2015-10-31 19:59:05 238376 ----a-w- C:\Windows\SysWow64\EasyAntiCheat.exe
2015-10-31 18:05:32 -------- d-----w- C:\Users\Gary\AppData\Local\Steam
2015-10-31 18:05:32 -------- d-----w- C:\Users\Gary\AppData\Local\CEF
2015-10-31 18:04:58 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2015-10-31 17:47:04 -------- d-----w- C:\ProgramData\Freemake
2015-10-31 17:47:04 -------- d-----w- C:\Program Files (x86)\Common Files\Freemake Shared
2015-10-31 17:46:55 -------- d-----w- C:\Program Files (x86)\Freemake
2015-10-31 17:45:13 -------- d-----w- C:\Program Files (x86)\mkvtoavi_setup
2015-10-31 17:44:15 -------- d-----w- C:\Program Files (x86)\Free MKV to AVI Converter
2015-10-31 17:43:48 -------- d-----w- C:\Users\Gary\AppData\Local\Programs
2015-10-31 17:37:14 15168 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2015-10-31 17:36:42 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2015-10-31 17:30:13 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
2015-10-31 17:30:08 -------- d-----w- C:\Intel
2015-10-31 17:29:42 789824 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2015-10-31 17:29:42 357184 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2015-10-31 17:29:42 19264 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2015-10-31 17:29:42 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2015-10-31 17:12:12 -------- d-----w- C:\Users\Gary\AppData\Roaming\mIRC
2015-10-31 17:12:12 -------- d-----w- C:\Program Files (x86)\mIRC
2015-10-30 18:55:38 -------- d-----w- C:\Users\Gary\AppData\Roaming\BitLord
2015-10-30 18:55:38 -------- d-----w- C:\Users\Gary\AppData\Local\BitLord
2015-10-30 18:30:44 -------- d-----w- C:\Windows\System32\MRT
2015-10-30 18:27:38 124624 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-10-30 18:27:38 103120 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-10-30 18:20:47 -------- d-----w- C:\Windows\Panther
2015-10-30 18:18:09 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2015-10-30 18:18:09 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2015-10-30 18:18:09 1648128 ----a-w- C:\Windows\System32\DWrite.dll
2015-10-30 18:18:09 1251328 ----a-w- C:\Windows\SysWow64\DWrite.dll
2015-10-30 18:18:09 1180160 ----a-w- C:\Windows\System32\FntCache.dll
2015-10-30 18:18:08 1424896 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2015-10-30 18:18:08 1230848 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2015-10-30 18:13:36 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2015-10-30 18:13:36 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2015-10-30 18:02:41 -------- d-----w- C:\Windows\SysWow64\Wat
2015-10-30 18:02:41 -------- d-----w- C:\Windows\System32\Wat
2015-10-30 17:22:11 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
2015-10-30 17:22:07 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2015-10-30 17:22:05 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2015-10-30 17:22:05 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2015-10-30 17:22:05 12800 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2015-10-30 17:22:04 56832 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll
2015-10-30 17:22:04 50176 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll
2015-10-30 17:22:04 18944 ----a-w- C:\Windows\System32\wksprtPS.dll
2015-10-30 17:22:04 17920 ----a-w- C:\Windows\SysWow64\wksprtPS.dll
2015-10-30 17:22:04 1147392 ----a-w- C:\Windows\System32\mstsc.exe
2015-10-30 17:22:04 1068544 ----a-w- C:\Windows\SysWow64\mstsc.exe
2015-10-30 17:19:59 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
2015-10-30 17:19:59 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2015-10-30 17:19:57 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2015-10-30 17:19:57 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2015-10-30 17:12:12 22528 ----a-w- C:\Windows\System32\icaapi.dll
2015-10-30 17:12:10 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2015-10-30 17:11:33 950272 ----a-w- C:\Windows\System32\perftrack.dll
2015-10-30 17:11:33 91136 ----a-w- C:\Windows\System32\wdi.dll
2015-10-30 17:11:33 76800 ----a-w- C:\Windows\SysWow64\wdi.dll
2015-10-30 17:11:33 29696 ----a-w- C:\Windows\System32\powertracker.dll
2015-10-30 17:11:03 -------- d-----w- C:\Users\Gary\Tracing
2015-10-30 17:10:13 -------- d-----w- C:\Users\Gary\AppData\Local\Skype
2015-10-30 17:09:52 -------- d-----r- C:\Program Files (x86)\Skype
2015-10-30 16:51:34 -------- d-s---w- C:\Windows\System32\CompatTel
2015-10-30 16:51:34 -------- d-----w- C:\Windows\System32\appraiser
2015-10-30 16:51:24 -------- d-s---w- C:\Windows\SysWow64\GWX
2015-10-30 16:51:24 -------- d-s---w- C:\Windows\System32\GWX
2015-10-30 14:44:27 -------- d-----w- C:\Windows\Migration
2015-10-30 14:31:57 11140960 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-10-30 14:25:43 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2015-10-30 13:19:47 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2015-10-30 13:19:47 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2015-10-30 13:19:47 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2015-10-30 13:19:47 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2015-10-30 13:19:46 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2015-10-30 13:19:46 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2015-10-30 13:19:46 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2015-10-30 13:12:59 83736 ----a-w- C:\Windows\System32\xinput1_2.dll
2015-10-30 13:03:43 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2015-10-30 13:03:43 5120 ----a-w- C:\Windows\System32\wmi.dll
2015-10-30 13:03:43 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2015-10-30 12:55:30 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2015-10-30 12:55:30 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2015-10-30 12:55:30 8856 ----a-w- C:\Windows\System32\icardres.dll
2015-10-30 12:55:30 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2015-10-30 12:55:30 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2015-10-30 12:55:30 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2015-10-30 12:55:23 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2015-10-30 12:55:23 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2015-10-30 12:52:55 52736 ----a-w- C:\Windows\System32\basesrv.dll
2015-10-30 12:51:51 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2015-10-30 12:50:35 73216 ----a-w- C:\Windows\SysWow64\msiexec.exe
2015-10-30 12:49:49 455168 ----a-w- C:\Windows\System32\winlogon.exe
2015-10-30 12:48:54 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2015-10-30 12:47:59 327168 ----a-w- C:\Windows\System32\mswsock.dll
2015-10-30 12:46:57 210432 ----a-w- C:\Windows\System32\profsvc.dll
2015-10-30 12:45:50 878080 ----a-w- C:\Windows\System32\IMJP10K.DLL
2015-10-30 12:37:22 780488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-10-30 12:37:22 142536 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-30 12:36:58 -------- d-----w- C:\Users\Gary\AppData\Local\Adobe
2015-10-30 12:27:45 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2015-10-30 11:40:26 769168 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2015-10-30 11:40:26 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2015-10-30 11:40:26 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2015-10-30 11:40:22 -------- d-----w- C:\Program Files (x86)\Realtek
2015-10-30 11:36:46 -------- d-----w- C:\Users\Gary\AppData\Local\NVIDIA
2015-10-30 11:36:16 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2015-10-30 11:36:16 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2015-10-30 11:36:15 511328 ----a-w- C:\Windows\System32\d3dx10_43.dll
2015-10-30 11:36:15 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll
2015-10-30 11:36:15 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
2015-10-30 11:36:15 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2015-10-30 11:34:56 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2015-10-30 11:32:12 -------- d-sh--w- C:\Windows\Installer
2015-10-30 11:31:06 72504 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2015-10-30 11:31:06 69416 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2015-10-30 11:31:06 50472 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2015-10-30 11:31:06 3579000 ----a-w- C:\Windows\System32\nvapi64.dll
2015-10-30 11:31:06 3158736 ----a-w- C:\Windows\SysWow64\nvapi.dll
2015-10-30 11:31:06 1905456 ----a-w- C:\Windows\System32\nvdispco6435850.dll
2015-10-30 11:31:06 17515208 ----a-w- C:\Windows\System32\nvwgf2umx.dll
2015-10-30 11:31:06 1572496 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2015-10-30 11:31:06 1564976 ----a-w- C:\Windows\System32\nvdispgenco6435850.dll
2015-10-30 11:31:06 15121784 ----a-w- C:\Windows\SysWow64\nvwgf2um.dll
2015-10-30 11:31:06 12770752 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2015-10-30 11:30:40 -------- d-----w- C:\Program Files\NVIDIA Corporation
2015-10-30 11:30:26 -------- d-----w- C:\NVIDIA
2015-10-30 11:27:39 -------- d-----w- C:\Users\Gary\AppData\Roaming\AVAST Software
2015-10-30 11:27:11 274808 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2015-10-30 11:27:11 153744 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2015-10-30 11:27:09 93528 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2015-10-30 11:27:09 90968 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2015-10-30 11:27:09 65224 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2015-10-30 11:27:09 28656 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2015-10-30 11:27:08 1059656 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2015-10-30 11:27:06 43112 ----a-w- C:\Windows\avastSS.scr
2015-10-30 11:26:27 -------- d-----w- C:\Program Files\AVAST Software
2015-10-30 11:25:49 -------- d-----w- C:\ProgramData\AVAST Software
2015-10-30 11:24:27 -------- d-----w- C:\Users\Gary\AppData\Roaming\Opera Software
2015-10-30 11:24:27 -------- d-----w- C:\Users\Gary\AppData\Local\Opera Software
.
==================== Find3M ====================
.
2015-11-05 15:13:09 6358648 ----a-w- C:\Windows\System32\nvcpl.dll
2015-11-05 15:13:09 2983032 ----a-w- C:\Windows\System32\nvsvc64.dll
2015-11-05 15:13:08 938616 ----a-w- C:\Windows\System32\nvvsvc.exe
2015-11-05 15:13:07 62584 ----a-w- C:\Windows\System32\nvshext.dll
2015-11-05 15:13:07 385328 ----a-w- C:\Windows\System32\nvmctray.dll
2015-11-05 15:13:07 2554488 ----a-w- C:\Windows\System32\nvsvcr.dll
2015-11-05 02:20:06 1188864 ----a-w- C:\Windows\System32\wininet.dll
2015-11-05 02:19:53 611840 ----a-w- C:\Windows\System32\vbscript.dll
2015-11-05 02:19:45 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2015-11-05 02:19:41 22528 ----a-w- C:\Windows\System32\corpol.dll
2015-11-05 02:19:21 47616 ----a-w- C:\Windows\System32\mshta.exe
2015-11-05 02:19:17 174592 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-11-05 02:19:04 1538048 ----a-w- C:\Windows\System32\inetcpl.cpl
.
============= FINISH: 18:56:52.71 ===============
Attached Files
File Type: txt attach.txt (6.9 KB, 21 views)
Old 11-18-2015, 07:04 PM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

I see you have P2P software ( BitTorrent ) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

A reference for the risk of these programs is here and here

I would strongly recommend that you uninstall it. You can do so via Control Panel >> Programs and Features.

------------------------------------------------------

Please uninstall the following via Start->(or My Computer)->Control Panel->(Programs)->Programs and Features if it still exists:

YTD Video Downloader << Please read this

Also delete the following Folder if it still exists:

C:\Program Files (x86)\YTD Video Downloader

------------------------------------------------------

**Note - Please do NOT upgrade your OS to Windows 10 until your machine is clean, and we have uninstalled all our removal tools. Thanks.

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan
  • Once the Scan is done, select Cleaning
  • Once done it will ask to reboot, please allow the reboot.
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[C#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
Old 11-24-2015, 05:44 AM   #3
Registered Member
 
Join Date: Nov 2005
Location: England, Birkenhead
Posts: 464
OS: windows 10 64


My PC died a couple of days ago, so I will follow those steps as soon as it's working. And a shame YTD is at fault; I liked that program.
Old 12-19-2015, 08:24 PM   #4
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Due to lack of response, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

IMPORTANT - Read This Before Posting For Malware Removal Help

------------------------------------------------------