
Proxy settings keep automatically changing to 127.0.0.1:8800


  • This topic is locked
20 replies to this topic

#1 Kachi

Kachi

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:27 AM

Posted 23 November 2014 - 04:56 PM

Can someone please give me some guidance on how to get rid of this? I've tried everything that I can think of, and can't figure out what's causing the changes to revert back automatically. I can use Firefox to get around the proxy settings, but nothing I try is helping with the system proxy settings.

 

Any help is appreciated.


Edited by Kachi, 23 November 2014 - 04:57 PM.
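
Added example, not part of Kachi's post or of the advice given in this thread: a read-only PowerShell check for the symptom described above. It reads the per-user proxy values and, when ProxyServer points at a loopback port such as 127.0.0.1:8800, lists the process listening on that port. It assumes Windows 8 / PowerShell 3.0 or later, run in the affected user's session.

```powershell
# Added example (not from the thread): read-only triage of a loopback proxy setting.
# Assumes Windows 8 / PowerShell 3.0 or later, run as the affected user.

$inetKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$cfg     = Get-ItemProperty -Path $inetKey

# 1. Current per-user (WinINET) proxy values, the ones the Internet Options dialog edits.
[pscustomobject]@{
    ProxyEnable   = $cfg.ProxyEnable
    ProxyServer   = $cfg.ProxyServer
    AutoConfigURL = $cfg.AutoConfigURL
} | Format-List

# 2. Extract every loopback port from ProxyServer. The value is either a single
#    "127.0.0.1:8800" or a per-protocol list such as "http=127.0.0.1:8800;https=...".
$ports = @([regex]::Matches([string]$cfg.ProxyServer, '(?:127\.0\.0\.1|localhost):(\d+)') |
    ForEach-Object { [int]$_.Groups[1].Value } |
    Sort-Object -Unique)

if ($ports.Count -eq 0) {
    Write-Output 'ProxyServer does not point at a loopback port.'
}

# 3. For each port, identify the listening process, its image path, whether the
#    file carries a valid Authenticode signature, and any service hosted in it.
$report = foreach ($port in $ports) {
    $listeners = @(Get-NetTCPConnection -LocalPort $port -State Listen -ErrorAction SilentlyContinue)

    if ($listeners.Count -eq 0) {
        [pscustomobject]@{
            Port = $port; ProcessId = $null; Name = '(no listener)'
            Path = $null; Signature = $null; Service = $null
        }
        continue
    }

    foreach ($procId in ($listeners | Select-Object -ExpandProperty OwningProcess -Unique)) {
        $proc = Get-CimInstance -ClassName Win32_Process -Filter "ProcessId = $procId"
        $path = $proc.ExecutablePath

        # ExecutablePath is empty for protected/system processes; do not guess it.
        $sig = if ($path) {
            (Get-AuthenticodeSignature -FilePath $path).Status
        } else {
            'path unavailable'
        }

        $svc = (Get-CimInstance -ClassName Win32_Service -Filter "ProcessId = $procId" |
            Select-Object -ExpandProperty Name) -join ', '

        [pscustomobject]@{
            Port      = $port
            ProcessId = $procId
            Name      = $proc.Name
            Path      = $path
            Signature = $sig
            Service   = $svc
        }
    }
}

$report | Format-List
```

Nothing here changes a setting; the output only shows where the proxy points and which executable, if any, is answering on that port at the moment the check runs.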



#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:27 AM

Posted 28 November 2014 - 05:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/557403 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:27 AM

Posted 29 November 2014 - 09:56 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.

#4 Kachi

Kachi
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:27 AM

Posted 29 November 2014 - 12:13 PM

Thanks for helping me with this, nasdaq. Here are the logs and updates.

 

# AdwCleaner v4.102 - Report created 29/11/2014 at 11:01:51
# Updated 23/11/2014 by Xplode
# Database : 2014-11-23.7 [Local]
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : josh - JOS_PC
# Running from : C:\Users\josh\Downloads\adwcleaner_4.102.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
[!] Folder Deleted : C:\Users\josh\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\josh\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\josh\AppData\Roaming\FirefoxToolbar
Folder Deleted : C:\Users\josh\AppData\Roaming\pdfforge

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\NpApp
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v33.1.1 (x86 en-US)

[nbzi1wq9.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "default-search.net");

-\\ Google Chrome v39.0.2171.71

[C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}

*************************

AdwCleaner[R0].txt - [5931 octets] - [29/11/2014 10:59:08]
AdwCleaner[S0].txt - [5848 octets] - [29/11/2014 11:01:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5908 octets] ##########

 

----------------

 

No improvement after first scan.

 

----------------

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by josh (administrator) on JOS_PC on 29-11-2014 11:07:13
Running from C:\Users\josh\Downloads
Loaded Profile: josh (Available profiles: josh & Administrator)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Dell\UnifyingSoftwareLauncher\DellLaunchUnifyingApp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dell) C:\Users\josh\AppData\Local\Apps\2.0\YYA9JO53.VRN\0A1HYQ2R.8BD\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray.exe
(Dropbox, Inc.) C:\Users\josh\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Farbar) C:\Users\josh\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Dell Unifying Software Launcher] => C:\Program Files\Dell\UnifyingSoftwareLauncher\DellLaunchUnifyingApp.exe [3209608 2012-12-21] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179928 2013-01-02] (cyberlink)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-06-27] (Power Software Ltd)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-2103106186-1472817338-2463948403-1002\...\Run: [GoogleChromeAutoLaunch_DC48B780CB35ABEA64741A353B4FD05E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-11-25] (Google Inc.)
HKU\S-1-5-21-2103106186-1472817338-2463948403-1002\...\Run: [DellSystemDetect] => C:\Users\josh\AppData\Local\Apps\2.0\YYA9JO53.VRN\0A1HYQ2R.8BD\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe [263232 2014-08-14] (Dell)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-11-12] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174856 2014-11-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156840 2014-11-12] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\Users\josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2103106186-1472817338-2463948403-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {DF5B6BE1-4B6D-4CDD-943C-E277FAEB0F82} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM -> {DF5B6BE1-4B6D-4CDD-943C-E277FAEB0F82} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 -> DefaultScope {DF5B6BE1-4B6D-4CDD-943C-E277FAEB0F82} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 -> {DF5B6BE1-4B6D-4CDD-943C-E277FAEB0F82} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKU\S-1-5-21-2103106186-1472817338-2463948403-1002 -> {DF5B6BE1-4B6D-4CDD-943C-E277FAEB0F82} URL =
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 64.233.207.8 64.233.207.9

FireFox:
========
FF ProfilePath: C:\Users\josh\AppData\Roaming\Mozilla\Firefox\Profiles\nbzi1wq9.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2103106186-1472817338-2463948403-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\josh\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2103106186-1472817338-2463948403-1002: @talk.google.com/O1DPlugin -> C:\Users\josh\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2103106186-1472817338-2463948403-1002: @tools.google.com/Google Update;version=3 -> C:\Users\josh\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2103106186-1472817338-2463948403-1002: @tools.google.com/Google Update;version=9 -> C:\Users\josh\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\josh\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\josh\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Adblock Plus - C:\Users\josh\AppData\Roaming\Mozilla\Firefox\Profiles\nbzi1wq9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-23]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Profile: C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-12]
CHR Extension: (Google Drive) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-12]
CHR Extension: (YouTube) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-12]
CHR Extension: (Google Search) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-12]
CHR Extension: (AdBlock) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-12]
CHR Extension: (Google Wallet) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-12]
CHR Extension: (Gmail) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S4 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [245888 2013-01-02] (CyberLink)
S4 Dell WMI Service; C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe [135168 2013-09-13] () [File not signed]
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-11-23] (SurfRight B.V.)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
S4 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S4 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
S4 ISCTAgent; c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [179688 2013-01-19] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S4 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [497664 2013-01-31] () [File not signed]
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
S4 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2013-11-21] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 akw8x64; C:\Windows\system32\DRIVERS\akw8x64.sys [3203440 2013-01-31] (Qualcomm Atheros, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-08-14] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-01-31] (Qualcomm Atheros, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [20968 2013-01-19] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [19944 2013-01-19] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-01-19] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-11-27] ()
S3 cpuz136; \??\C:\Users\josh\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-29 11:07 - 2014-11-29 11:07 - 00020048 _____ () C:\Users\josh\Downloads\FRST.txt
2014-11-29 11:06 - 2014-11-29 11:06 - 02117632 _____ (Farbar) C:\Users\josh\Downloads\FRST64(1).exe
2014-11-29 11:03 - 2014-11-29 11:03 - 00000000 ___RD () C:\Users\josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-11-29 10:59 - 2014-11-29 11:01 - 00000000 ____D () C:\AdwCleaner
2014-11-29 10:58 - 2014-11-29 10:58 - 02148864 _____ () C:\Users\josh\Downloads\adwcleaner_4.102.exe
2014-11-27 23:39 - 2014-11-27 23:40 - 00000843 _____ () C:\WINDOWS\setupact.log
2014-11-27 23:39 - 2014-11-27 23:39 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-24 19:05 - 2014-11-24 19:07 - 00000000 ____D () C:\Users\josh\Downloads\Kaspersky Rescue2Usb
2014-11-24 19:01 - 2014-11-24 19:04 - 308432896 _____ () C:\Users\josh\Downloads\kav_rescue_10.iso
2014-11-24 19:01 - 2014-11-24 19:01 - 00387584 _____ () C:\Users\josh\Downloads\rescue2usb.exe
2014-11-24 06:34 - 2014-11-29 09:25 - 00510304 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-23 15:44 - 2014-11-28 20:37 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2103106186-1472817338-2463948403-1002
2014-11-23 15:38 - 2014-11-29 11:02 - 00003014 _____ () C:\WINDOWS\PFRO.log
2014-11-23 15:37 - 2014-11-23 15:37 - 00000470 _____ () C:\WINDOWS\system32\.crusader
2014-11-23 15:12 - 2014-11-23 15:37 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-11-23 15:12 - 2014-11-23 15:12 - 00001911 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-11-23 15:12 - 2014-11-23 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-11-23 15:12 - 2014-11-23 15:12 - 00000000 ____D () C:\Program Files\HitmanPro
2014-11-23 15:11 - 2014-11-23 15:12 - 11222744 _____ (SurfRight B.V.) C:\Users\josh\Downloads\HitmanPro_x64.exe
2014-11-23 15:06 - 2014-11-23 15:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-23 14:52 - 2014-11-29 11:07 - 00000000 ____D () C:\FRST
2014-11-23 14:48 - 2014-11-23 14:50 - 02118144 _____ (Farbar) C:\Users\josh\Downloads\FRST64.exe
2014-11-23 14:48 - 2014-11-23 14:48 - 00024899 _____ () C:\Users\josh\Downloads\index.php
2014-11-23 14:31 - 2014-11-23 14:31 - 00061554 _____ () C:\Users\josh\Documents\cc_20141123_143135.reg
2014-11-23 14:19 - 2014-11-23 14:19 - 00000810 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-11-23 14:19 - 2014-11-23 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-11-23 14:19 - 2014-11-23 14:19 - 00000000 ____D () C:\Program Files\Speccy
2014-11-23 14:17 - 2014-11-23 14:18 - 04890736 _____ (Piriform Ltd) C:\Users\josh\Downloads\spsetup126.exe
2014-11-23 14:13 - 2014-11-23 14:13 - 00014687 _____ () C:\Users\josh\Downloads\hijackthis.log
2014-11-23 14:10 - 2014-11-23 14:12 - 00388608 _____ (Trend Micro Inc.) C:\Users\josh\Downloads\HijackThis.exe
2014-11-23 13:50 - 2014-11-23 13:50 - 00000835 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.txt
2014-11-23 13:48 - 2014-11-23 13:50 - 00000835 _____ () C:\Users\josh\hosts.txt
2014-11-23 12:32 - 2014-11-23 12:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-11-23 12:32 - 2014-11-23 12:32 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-11-23 12:32 - 2014-11-12 14:46 - 00615624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-11-23 12:29 - 2014-11-12 18:20 - 31893136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 24557712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 20986592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 20922512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 19966344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 18514616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 17259664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 14032984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 13944952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 13213512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-11-23 12:29 - 2014-11-12 18:20 - 11397744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 11336432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 04292416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 04011208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 01876296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434475.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 01540424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434475.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 00964928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 00923792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 00900928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 00500880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 00418112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 00393024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 00352016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 00348304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-11-23 12:29 - 2014-11-12 18:20 - 00303600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-11-22 17:40 - 2014-11-22 17:40 - 00000997 _____ () C:\Users\Administrator\Desktop\SARDU.lnk
2014-11-22 17:40 - 2014-11-22 17:40 - 00000000 ____D () C:\Users\josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SARDU
2014-11-22 17:40 - 2014-11-22 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SARDU
2014-11-22 12:14 - 2014-11-22 12:14 - 00000000 ____D () C:\Users\josh\Downloads\SARDU_3_beta6
2014-11-22 12:13 - 2014-11-22 12:13 - 17472962 _____ () C:\Users\josh\Downloads\SARDU_3_beta6.zip
2014-11-22 00:10 - 2014-11-22 00:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-22 00:10 - 2014-11-22 00:09 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-11-22 00:10 - 2014-11-22 00:09 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-11-22 00:10 - 2014-11-22 00:09 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-11-22 00:10 - 2014-11-22 00:09 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-11-22 00:09 - 2014-11-22 00:09 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-19 21:36 - 2014-11-19 21:36 - 00000000 __SHD () C:\Users\josh\AppData\Local\EmieBrowserModeList
2014-11-18 14:07 - 2014-11-09 17:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-18 14:07 - 2014-11-09 17:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-18 14:07 - 2014-11-09 17:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-18 14:07 - 2014-11-09 17:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-15 23:26 - 2014-11-15 23:26 - 00000000 ____D () C:\Users\josh\AppData\Local\Macromedia
2014-11-15 23:24 - 2014-11-29 10:50 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-15 23:24 - 2014-11-25 13:50 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-11 18:02 - 2014-10-17 01:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-11 18:02 - 2014-10-17 00:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-11 18:02 - 2014-09-27 01:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-11 18:02 - 2014-09-26 23:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-11 18:02 - 2014-09-26 21:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-11 18:02 - 2014-09-26 21:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-11 18:02 - 2014-09-26 21:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-11 18:02 - 2014-08-30 18:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-11 18:01 - 2014-09-10 00:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-11 18:01 - 2014-09-07 21:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-11 18:01 - 2014-09-07 21:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-11 18:01 - 2014-09-07 16:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-11 18:01 - 2014-09-04 16:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-11 18:01 - 2014-09-04 16:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-11 18:01 - 2014-09-03 21:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-11 18:01 - 2014-09-03 20:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-11 18:01 - 2014-09-03 19:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-11 18:01 - 2014-09-03 18:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-11 18:01 - 2014-08-30 18:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-11 18:01 - 2014-08-30 16:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-11 18:01 - 2014-08-30 16:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-11 18:01 - 2014-08-30 15:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-11 18:01 - 2014-08-30 15:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-11 18:01 - 2014-08-30 14:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-11 18:01 - 2014-08-30 14:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-11 18:01 - 2014-08-27 20:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-11 18:01 - 2014-08-27 18:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-11 18:01 - 2014-08-27 18:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-11 18:01 - 2014-08-22 23:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-11 18:01 - 2014-08-22 23:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-11 18:01 - 2014-08-22 22:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-11 18:01 - 2014-08-01 18:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-11 18:01 - 2014-08-01 18:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-11 18:00 - 2014-10-12 20:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-11 18:00 - 2014-10-10 18:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-11 18:00 - 2014-10-10 18:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-11 18:00 - 2014-10-08 01:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-11 18:00 - 2014-10-08 01:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-11 18:00 - 2014-10-08 00:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-11 18:00 - 2014-10-07 23:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-11 18:00 - 2014-10-07 23:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-11 18:00 - 2014-09-21 22:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-11 18:00 - 2014-09-21 21:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-11 18:00 - 2014-09-21 21:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-11 18:00 - 2014-09-21 20:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-11 18:00 - 2014-09-18 18:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-11 18:00 - 2014-09-02 16:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-11 18:00 - 2014-09-02 16:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-11 17:59 - 2014-10-09 19:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-11 17:59 - 2014-10-09 19:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-11 17:59 - 2014-10-09 19:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-11 17:59 - 2014-10-08 01:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-11 17:59 - 2014-10-08 01:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-11 17:59 - 2014-10-08 01:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-11 17:59 - 2014-10-08 01:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-11 17:59 - 2014-10-08 00:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-11 17:59 - 2014-10-08 00:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-11 17:59 - 2014-10-08 00:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-11 17:59 - 2014-10-08 00:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-11 17:59 - 2014-10-08 00:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-11 17:59 - 2014-10-07 23:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-11 17:58 - 2014-10-18 03:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-11 17:58 - 2014-10-18 02:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-11 17:58 - 2014-10-18 02:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-11 17:58 - 2014-10-18 01:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-11 17:58 - 2014-10-18 00:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-11 17:58 - 2014-10-18 00:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-11 17:58 - 2014-10-18 00:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-11 17:58 - 2014-10-18 00:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-11 17:58 - 2014-10-18 00:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-11 17:58 - 2014-10-18 00:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-11 17:58 - 2014-10-18 00:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-11 17:58 - 2014-10-18 00:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-11 17:58 - 2014-10-18 00:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-11 17:58 - 2014-10-18 00:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-11 17:58 - 2014-10-18 00:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-11 17:58 - 2014-10-18 00:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-11 17:55 - 2014-10-30 23:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-11 17:55 - 2014-10-30 21:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-11 17:54 - 2014-10-30 23:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-11 17:54 - 2014-10-30 23:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-11 17:54 - 2014-10-30 23:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-11 17:54 - 2014-10-30 23:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-11 17:54 - 2014-10-30 23:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-11 17:54 - 2014-10-30 23:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-11 17:54 - 2014-10-30 22:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-11 17:54 - 2014-10-30 22:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-11 17:54 - 2014-10-30 22:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-11 17:54 - 2014-10-30 22:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-11 17:54 - 2014-10-30 22:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-11 17:54 - 2014-10-30 22:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-11 17:54 - 2014-10-30 22:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-11 17:54 - 2014-10-30 22:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-11 17:54 - 2014-10-30 22:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-11 17:54 - 2014-10-30 22:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-11 17:54 - 2014-10-30 22:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-11 17:54 - 2014-10-30 22:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-11 17:54 - 2014-10-30 22:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-11 17:54 - 2014-10-30 22:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-11 17:54 - 2014-10-30 22:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-11 17:54 - 2014-10-30 22:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-11 17:54 - 2014-10-30 22:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-11 17:54 - 2014-10-30 22:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-11 17:54 - 2014-10-30 22:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-11 17:54 - 2014-10-30 22:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-11 17:54 - 2014-10-30 22:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-11 17:54 - 2014-10-30 22:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-11 17:54 - 2014-10-30 22:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-11 17:54 - 2014-10-30 22:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-11 17:54 - 2014-10-30 22:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-11 17:54 - 2014-10-30 22:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-11 17:54 - 2014-10-30 22:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-11 17:54 - 2014-10-30 21:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-11 17:54 - 2014-10-30 21:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-11 17:54 - 2014-10-30 21:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-11 17:54 - 2014-10-30 21:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-11 17:54 - 2014-10-30 21:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-11 17:54 - 2014-10-30 21:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-11 17:54 - 2014-10-30 21:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-11 17:54 - 2014-10-30 21:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-11 17:54 - 2014-10-30 21:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-11 17:54 - 2014-10-30 21:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-11 17:54 - 2014-10-30 21:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-11 17:54 - 2014-10-30 21:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-11 17:54 - 2014-10-30 21:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-11 17:54 - 2014-10-30 21:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-11 17:54 - 2014-10-30 21:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-11 17:54 - 2014-10-30 21:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-11 17:54 - 2014-10-30 21:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-11 17:54 - 2014-10-30 21:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-11 17:54 - 2014-10-30 21:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-11 17:54 - 2014-10-30 21:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-11 17:54 - 2014-10-30 21:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-11 17:54 - 2014-10-30 21:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-11 17:54 - 2014-10-30 21:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-11 17:54 - 2014-10-30 21:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-11 17:54 - 2014-10-30 20:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 17:54 - 2014-10-30 20:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-11 17:54 - 2014-10-30 20:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-11 17:54 - 2014-10-30 20:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-11 17:54 - 2014-10-30 20:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-11 17:54 - 2014-10-30 20:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-11 17:54 - 2014-10-30 20:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-11 17:54 - 2014-10-30 20:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-11 17:54 - 2014-10-30 20:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-11 17:54 - 2014-10-30 20:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-11 17:54 - 2014-10-30 20:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-11 17:54 - 2014-10-30 20:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-11 17:54 - 2014-10-30 20:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-11 17:54 - 2014-10-30 20:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-11 17:54 - 2014-10-30 20:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-11 17:54 - 2014-10-30 20:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-11 17:54 - 2014-10-30 20:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-11 17:54 - 2014-10-30 20:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-11 17:54 - 2014-10-30 20:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-11 17:54 - 2014-10-30 20:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-11 17:54 - 2014-10-30 20:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-11 17:54 - 2014-10-30 20:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-11 17:53 - 2014-11-04 17:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-11-11 17:53 - 2014-11-03 18:10 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-11-11 17:53 - 2014-10-30 23:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-11 17:53 - 2014-10-30 23:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-11 17:53 - 2014-10-30 23:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-11 17:53 - 2014-10-30 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-11 17:53 - 2014-10-30 23:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-11 17:53 - 2014-10-30 23:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-11 17:53 - 2014-10-30 22:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-11 17:53 - 2014-10-30 22:53 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-11-11 17:53 - 2014-10-30 22:49 - 00537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-11-11 17:53 - 2014-10-30 22:24 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-11-11 17:53 - 2014-10-30 21:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-11 17:53 - 2014-10-30 21:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-11 17:53 - 2014-10-30 21:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-11 17:53 - 2014-10-30 21:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-11 17:53 - 2014-10-22 23:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-11 17:53 - 2014-10-22 23:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-11 17:53 - 2014-10-07 00:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-11 17:53 - 2014-10-07 00:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-11 17:53 - 2014-10-07 00:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-11 17:53 - 2014-10-07 00:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-11 17:53 - 2014-10-07 00:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-11 17:53 - 2014-10-06 21:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-11 17:53 - 2014-10-06 21:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-11 17:53 - 2014-10-06 21:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-11 17:53 - 2014-10-06 21:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-11 17:53 - 2014-10-06 19:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-11 17:53 - 2014-10-06 19:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-11 17:53 - 2014-08-22 23:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-11 17:53 - 2014-08-22 23:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-09 18:23 - 2014-10-29 22:53 - 01876296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434460.dll
2014-11-09 18:23 - 2014-10-29 22:53 - 01539272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434460.dll
2014-11-07 10:17 - 2014-11-07 10:17 - 00000000 ____D () C:\ProgramData\Avg_Update_1114tb
2014-11-05 02:55 - 2014-11-05 02:55 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-11-05 02:55 - 2014-11-05 02:55 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-29 11:07 - 2014-03-18 04:04 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-29 11:04 - 2014-08-14 20:22 - 00000000 ____D () C:\Users\josh\AppData\Roaming\ClassicShell
2014-11-29 11:04 - 2014-08-11 19:49 - 00000000 ____D () C:\Users\josh\AppData\Roaming\Dropbox
2014-11-29 11:04 - 2014-08-11 19:45 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-29 11:04 - 2014-04-26 09:47 - 00000000 ___RD () C:\Users\josh\Dropbox
2014-11-29 11:03 - 2014-08-23 00:03 - 00000000 __RDO () C:\Users\josh\OneDrive
2014-11-29 11:03 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-29 11:02 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-29 11:02 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-29 11:01 - 2014-08-11 19:45 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-29 10:53 - 2014-10-22 07:43 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2103106186-1472817338-2463948403-1002UA.job
2014-11-29 10:35 - 2014-08-11 19:56 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-29 08:50 - 2014-09-01 21:01 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{983FE4C4-E617-4BCC-95B5-E06B228A305E}
2014-11-28 18:53 - 2014-10-22 07:43 - 00000866 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2103106186-1472817338-2463948403-1002Core.job
2014-11-28 00:20 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-28 00:05 - 2012-07-26 01:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-28 00:01 - 2014-08-11 19:45 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-27 23:50 - 2014-08-11 19:56 - 00000000 ____D () C:\Users\josh\AppData\Roaming\Apple Computer
2014-11-27 23:26 - 2013-12-12 16:59 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-11-27 23:26 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-27 23:21 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-27 23:19 - 2013-12-12 16:50 - 00000000 ____D () C:\ProgramData\Bigfoot Networks
2014-11-27 23:18 - 2014-08-22 23:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-27 23:18 - 2013-12-12 16:54 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2014-11-25 19:25 - 2013-12-12 16:55 - 00000000 ____D () C:\ProgramData\PCDr
2014-11-24 18:59 - 2014-08-11 19:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-23 15:44 - 2014-09-09 21:16 - 00000000 ____D () C:\Program Files (x86)\GMT-MAX.ORG
2014-11-23 15:44 - 2014-09-03 19:26 - 00000000 ____D () C:\Users\josh\AppData\Roaming\BitTorrent
2014-11-23 14:44 - 2014-08-12 21:09 - 00003192 _____ () C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2014-11-23 14:43 - 2014-08-11 19:46 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-23 14:42 - 2014-08-23 12:18 - 00000000 ____D () C:\WINDOWS\Minidump
2014-11-23 14:22 - 2013-08-22 09:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-11-23 14:13 - 2014-08-11 19:17 - 00000000 ____D () C:\Users\josh\AppData\Local\VirtualStore
2014-11-23 14:05 - 2014-08-11 19:56 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-23 13:48 - 2014-08-22 23:43 - 00000000 ____D () C:\Users\josh
2014-11-23 13:24 - 2014-08-24 12:51 - 00001286 _____ () C:\Users\josh\Desktop\Revo Uninstaller.lnk
2014-11-23 13:24 - 2014-08-24 12:51 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-23 12:34 - 2014-10-07 09:59 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-23 12:33 - 2014-08-11 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-23 12:33 - 2013-12-12 16:59 - 00000000 ____D () C:\Temp
2014-11-23 12:32 - 2014-08-22 23:34 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-23 12:31 - 2014-08-11 19:48 - 00000000 ____D () C:\ProgramData\Skype
2014-11-23 12:29 - 2014-08-12 21:06 - 00000000 ____D () C:\Users\josh\AppData\Roaming\Skype
2014-11-22 18:41 - 2014-10-07 09:59 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-22 18:41 - 2014-10-07 09:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-22 18:41 - 2014-10-07 09:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-22 17:40 - 2014-07-01 20:06 - 00000981 _____ () C:\Users\josh\Desktop\SARDU.lnk
2014-11-22 17:37 - 2014-07-01 20:04 - 00000000 ____D () C:\Users\josh\Downloads\SARDU_2.0.6.5
2014-11-21 22:30 - 2014-09-03 19:42 - 00000000 ____D () C:\Program Files\PeerBlock
2014-11-20 14:51 - 2014-10-18 10:51 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-20 14:51 - 2014-10-18 10:51 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-16 22:41 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-16 15:08 - 2014-08-11 19:48 - 00000000 ____D () C:\Users\josh\AppData\Roaming\Spotify
2014-11-16 14:29 - 2014-09-05 22:30 - 00000000 ____D () C:\Users\josh\AppData\Local\Spotify
2014-11-16 14:20 - 2014-08-16 22:32 - 00000000 ____D () C:\Users\josh\AppData\Roaming\vlc
2014-11-16 10:21 - 2014-08-12 21:14 - 00000000 ____D () C:\ProgramData\softthinks
2014-11-16 09:10 - 2014-10-21 07:50 - 00000983 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-16 09:10 - 2014-08-11 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-15 23:40 - 2014-08-11 19:50 - 00000000 ____D () C:\Users\josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-15 23:40 - 2014-04-26 07:52 - 00001028 _____ () C:\Users\josh\Desktop\Dropbox.lnk
2014-11-15 23:34 - 2013-08-22 08:44 - 00510512 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-15 23:30 - 2014-08-14 21:39 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-11-15 23:30 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-15 23:30 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-15 23:30 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 23:30 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 23:30 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-15 23:30 - 2013-08-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-15 23:25 - 2014-09-27 17:18 - 00000000 ____D () C:\Users\josh\AppData\Local\Adobe
2014-11-14 06:56 - 2014-08-11 19:45 - 00003892 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 06:56 - 2014-08-11 19:45 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 18:48 - 2014-10-22 07:43 - 00003862 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2103106186-1472817338-2463948403-1002UA
2014-11-12 18:48 - 2014-10-22 07:43 - 00003482 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2103106186-1472817338-2463948403-1002Core
2014-11-12 18:20 - 2014-08-11 19:36 - 16884632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-11-12 18:20 - 2014-08-11 19:36 - 03262784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-11-12 18:20 - 2014-08-11 19:36 - 02874456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-11-12 18:20 - 2014-08-11 19:36 - 00989056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-11-12 18:20 - 2014-08-11 19:36 - 00871648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-11-12 18:20 - 2014-08-11 19:36 - 00174856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-11-12 18:20 - 2014-08-11 19:36 - 00156840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-11-12 18:20 - 2014-08-11 19:36 - 00027094 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-11-12 15:56 - 2014-08-22 23:35 - 06897352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-11-12 15:56 - 2014-08-22 23:35 - 03534152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-11-12 15:56 - 2014-08-22 23:35 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-11-12 15:56 - 2014-08-22 23:35 - 01092752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2014-11-12 15:56 - 2014-08-22 23:35 - 00934032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-11-12 15:56 - 2014-08-22 23:35 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-11-12 15:56 - 2014-08-22 23:35 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2014-11-12 15:56 - 2014-08-22 23:35 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-11-12 04:41 - 2014-09-09 19:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 04:32 - 2014-08-16 10:57 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-12 04:26 - 2014-08-16 10:57 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-11 04:29 - 2014-08-22 23:35 - 04100776 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-11-10 21:48 - 2014-08-19 19:36 - 00000000 ____D () C:\Users\josh\AppData\Roaming\Mozilla
2014-11-05 02:55 - 2014-08-11 19:48 - 00002060 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-11-05 02:55 - 2014-08-11 19:48 - 00002058 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-11-05 02:55 - 2014-08-11 19:48 - 00002048 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-11-05 02:55 - 2014-08-11 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

Some content of TEMP:
====================
C:\Users\josh\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8z4xe5.dll
C:\Users\josh\AppData\Local\Temp\Quarantine.exe
C:\Users\josh\AppData\Local\Temp\speccycpuid.dll
C:\Users\josh\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-28 04:07

==================== End Of Log ============================

 

Still having the same issue.
 



#5 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:27 AM

Posted 29 November 2014 - 02:14 PM


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
start

Winlogon\Notify\igfxcui: igfxdev.dll [X]
SearchScopes: HKLM -> DefaultScope {DF5B6BE1-4B6D-4CDD-943C-E277FAEB0F82} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM -> {DF5B6BE1-4B6D-4CDD-943C-E277FAEB0F82} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 -> DefaultScope {DF5B6BE1-4B6D-4CDD-943C-E277FAEB0F82} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 -> {DF5B6BE1-4B6D-4CDD-943C-E277FAEB0F82} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
CHR Extension: (Google Wallet) - C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-12]
S3 cpuz136; \??\C:\Users\josh\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
C:\Users\josh\AppData\Local\Temp\speccycpuid.dll

End

Save the file as fixlist.txt in the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Remove the proxy settings on both browsers.

In Internet Explorer go to Tools - Internet Options - Connections Tab - Lan Settings and remove the reference to 127.0.0.1:8800 if found, then uncheck "Use a proxy server" and check "Automatically detect settings".
===

If you use Firefox, go to Tools Menu > Options... > Advanced Tab > Network Tab > Connection > Settings and select the "Auto-detect proxy settings for this network" option, or "No proxy" if you do not need it.
===

Restart the computer normally to reset the registry.

===

Download Security Check by screen317 from here
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/

How is the computer running now?

======

#6 Kachi


Posted 29 November 2014 - 03:18 PM

No changes right now.

 

Results of screen317's Security Check version 0.99.91  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2015   
Windows Defender                  
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 2.0.3.1025  
 Java 7 Update 71  
 Adobe Flash Player     15.0.0.239  
 Adobe Reader XI  
 Mozilla Firefox (33.1.1)
 Google Chrome (39.0.2171.65)
 Google Chrome (39.0.2171.71)
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 



#7 nasdaq


Posted 30 November 2014 - 08:49 AM

Please download MiniToolBox to Desktop and run it.

Check mark the following boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List last 10 Event Viewer log
  • List content of Hosts
  • List IP Configuration
  • List Winsock Entries
  • Click Go and copy/paste the log (Result.txt) into your next post.
  • Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
If the proxy problem continues, please let me know which browsers have the problem.

#8 Kachi


Posted 30 November 2014 - 11:55 AM

I am only able to get by this proxy issue with Firefox because Firefox has its own proxy settings. ANY other program on my computer can't access the internet (i.e., Chrome, Windows Update, Steam, Origin, Dropbox, Microsoft Store, Google Drive, etc.).

 

---------------------------------------

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by josh (administrator) on 30-11-2014 at 10:37:51
Running from "C:\Users\josh\Downloads"
Microsoft Windows 8.1 Pro  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)
Killer Wireless-N 1202 (2.4GHz and 5GHz) = Wi-Fi (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration

 

------------------------------------------
 

 

Here is a screenshot of something odd I noticed that might help. Not sure if the circled area gives any help. I am the only user on this computer, and the only administrator.

[Image: proxy problem.jpg]



#9 nasdaq


Posted 30 November 2014 - 01:39 PM

Refer to the last image.
Did you press the Lan Settings button?

My previous instructions:
In Internet Explorer go to Tools - Internet Options - Connections Tab - Lan Settings and remove the reference to 127.0.0.1:xxxxx if found, then uncheck "Use a proxy server" and check "Automatically detect settings".
===

#10 Kachi


Posted 30 November 2014 - 02:21 PM

I have. Any time I make any changes to that menu, it automatically reverts back to the settings shown below.

[Image: loopback1.jpg]

[Image: loopback2.jpg]



#11 nasdaq


Posted 30 November 2014 - 02:38 PM

Uncheck the "Use a proxy server for Lan...."

Click the OK button.

How is it now?

#12 Kachi


Posted 30 November 2014 - 03:40 PM

Still the same issue. When I went in after changing it the settings reverted back to what they are above.
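
One way to inspect, from PowerShell, the registry values that the LAN Settings dialog edits and to see which process is listening on the port the proxy points at. This is an added example, not part of any post in this thread; the function names are illustrative, port 8800 is taken from the thread title, and `Get-NetTCPConnection` assumes Windows 8 or later. Everything here is read-only.

```powershell
# Read-only triage for a system proxy that keeps reverting to 127.0.0.1:8800.
# Added example: function names are illustrative, not from any tool in the thread.
$ProxyPort = 8800   # port from the thread title

function Get-InternetSettingsProxy {
    # WinINET proxy values per hive. A value under a Policies key, or
    # ProxySettingsPerUser = 0 in HKLM, overrides what the dialog saves.
    $paths = @(
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings',
        'HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings',
        'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
    )
    foreach ($path in $paths) {
        if (-not (Test-Path $path)) { continue }
        $p = Get-ItemProperty -Path $path
        [pscustomobject]@{
            Key                  = $path
            ProxyEnable          = $p.ProxyEnable
            ProxyServer          = $p.ProxyServer
            AutoConfigURL        = $p.AutoConfigURL
            ProxySettingsPerUser = $p.ProxySettingsPerUser
        }
    }
}

function Get-LoopbackListener {
    param([int]$Port)
    # Process (if any) listening on the port the proxy setting points at.
    Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue |
        ForEach-Object {
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            [pscustomobject]@{
                LocalAddress = $_.LocalAddress
                LocalPort    = $_.LocalPort
                ProcessId    = $_.OwningProcess
                ProcessName  = $proc.Name
                Path         = $proc.Path
            }
        }
}

function Watch-ProxyValue {
    param([int]$Seconds = 60)
    # Poll the per-user values once a second and print a timestamp whenever
    # they change, so a revert can be matched against running processes,
    # scheduled tasks or services active at that moment.
    $key  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $last = $null
    for ($i = 0; $i -lt $Seconds; $i++) {
        $p   = Get-ItemProperty -Path $key
        $now = '{0}|{1}' -f $p.ProxyEnable, $p.ProxyServer
        if ($now -ne $last) {
            '{0:HH:mm:ss}  ProxyEnable|ProxyServer = {1}' -f (Get-Date), $now
            $last = $now
        }
        Start-Sleep -Seconds 1
    }
}

Get-InternetSettingsProxy | Format-List
Get-LoopbackListener -Port $ProxyPort | Format-Table -AutoSize

# WinHTTP keeps a separate machine-wide proxy used by some services.
netsh winhttp show proxy

# Change the setting in the LAN Settings dialog while this runs.
Watch-ProxyValue -Seconds 60
```

If `Get-LoopbackListener` returns nothing while the setting still points at the port, nothing is accepting connections there, which would be consistent with every program that uses the system proxy losing internet access.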



#13 nasdaq


Posted 06 December 2014 - 09:21 AM

  • Download OTL to your desktop.
  • Right-click and Run as Administrator on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
      Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
----------

#14 Kachi

Kachi
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:27 AM

Posted 06 December 2014 - 03:08 PM

otl file

 

OTL logfile created on: 12/6/2014 1:51:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\josh\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
15.92 Gb Total Physical Memory | 12.63 Gb Available Physical Memory | 79.31% Memory free
31.92 Gb Paging File | 25.87 Gb Available in Paging File | 81.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1847.00 Gb Total Space | 1147.34 Gb Free Space | 62.12% Space Free | Partition Type: NTFS
Drive X: | 450.00 Mb Total Space | 167.15 Mb Free Space | 37.14% Space Free | Partition Type: NTFS
Drive Y: | 12.91 Gb Total Space | 0.69 Gb Free Space | 5.38% Space Free | Partition Type: NTFS
 
Computer Name: JOS_PC | User Name: josh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\josh\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
PRC - C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe ()
PRC - C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe ()
PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
 
 
========== Modules (No Company Name) ==========
 
MOD - c:\Users\josh\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpankwpp.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\9c83f0e7098f709abd115e29c73e601e\System.ServiceModel.Web.ni.dll ()
MOD - C:\Users\josh\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a027a5ca6358908b97b5085fb0464a36\System.IdentityModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\1c09d6db83322a23a1744d75c4836f85\SMDiagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7159bb28e23de8ed898a2acb1dbfef6c\System.ServiceModel.Internals.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\9b0c1539963f393f6641949a67757b8f\System.Xml.Linq.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\43edd630a9f8cd6ac38c527b106ec94f\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\6281ab590224520bad7c4f5b3ef37575\System.Xaml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\70c6bf4a51d18b4a9a1805cd48d1caad\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\055a9f703a30ece9cce1f6a130a296b5\System.ServiceModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ab763e7f2c7532e9fe8f587995105156\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\8843bc51abc35b8247ffb506ef61d954\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8efdc7a3726640f79d9333da88accaf8\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\00fc7d14bbb38db00e4103912c041adf\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\eb62bc6e97d1d2aafbf3a101d7f029e1\PresentationFramework.Aero2.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\377e9afc870e7d53922fbcfd6023b2f7\PresentationFramework.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\a1799dc618cfa61adb75b82311884c3d\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\b8e2e79f70d09551560548cda72e2c51\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\483443985708dc5439abe7fd6350abe4\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\1c5fe4cb68f67046baec4c3a854f722f\System.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll ()
MOD - C:\Users\josh\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll ()
MOD - C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (HitmanProScheduler) -- C:\Program Files\HitmanPro\hmpsched.exe (SurfRight B.V.)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (igfxCUIService1.0.0.0) -- C:\Windows\SysNative\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:64bit: - (Qualcomm Atheros Killer Service) -- C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe ()
SRV:64bit: - (ISCTAgent) -- c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe ()
SRV:64bit: - (Intel® -- c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel® Corporation)
SRV:64bit: - (Intel® -- c:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (DellDigitalDelivery) -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
SRV - (SftService) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (SoftThinks SAS)
SRV - (Dell WMI Service) -- C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe ()
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Qualcomm Atheros Commnucations)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (WPRO_41_2001) -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys ()
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgwfpa) -- C:\Windows\SysNative\drivers\avgwfpa.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (SCDEmu) -- C:\WINDOWS\SysNative\drivers\scdemu.sys (Power Software Ltd)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- C:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (Avgboota) -- C:\Windows\SysNative\drivers\avgboota.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (BfLwf) -- C:\Windows\SysNative\drivers\bwcW8x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (akw8x64) -- C:\Windows\SysNative\drivers\akw8x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (ISCT) -- C:\Windows\SysNative\drivers\ISCTD64.sys ()
DRV:64bit: - (ikbevent) -- C:\Windows\SysNative\drivers\ikbevent.sys ()
DRV:64bit: - (imsevent) -- C:\Windows\SysNative\drivers\imsevent.sys ()
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys (CyberLink)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8800;https=127.0.0.1:8800
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8800;https=127.0.0.1:8800
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
 
========== FireFox ==========
 
FF - prefs.js..browser.search.highlightCount: 4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\josh\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\josh\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\josh\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\josh\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2014/08/19 19:36:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\josh\AppData\Roaming\Mozilla\Extensions
[2014/12/04 17:25:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\josh\AppData\Roaming\Mozilla\Firefox\Profiles\nbzi1wq9.default\extensions
[2014/11/23 22:33:17 | 000,979,699 | ---- | M] () (No name found) -- C:\Users\josh\AppData\Roaming\Mozilla\Firefox\Profiles\nbzi1wq9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/12/03 18:38:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/12/03 18:38:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
 
Hosts file not found
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [Dell Unifying Software Launcher] C:\Program Files\Dell\UnifyingSoftwareLauncher\DellLaunchUnifyingApp.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_PushButton] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe File not found
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DellSystemDetect] C:\Users\josh\AppData\Local\Apps\2.0\YYA9JO53.VRN\0A1HYQ2R.8BD\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe (Dell)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_DC48B780CB35ABEA64741A353B4FD05E] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - Startup: C:\Users\josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\josh\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.233.207.8 64.233.207.9
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{020A6310-3C9F-4644-87D0-41B6DF235AD6}: DhcpNameServer = 64.233.207.8 64.233.207.9
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6B5F926-1E83-40F7-9B16-3B3EDE8CF063}: DhcpNameServer = 64.233.207.8 64.233.207.9
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/11/30 11:06:31 | 000,000,000 | ---D | M] - C:\Autoruns -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/12/03 18:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/12/01 22:41:25 | 000,000,000 | R--D | C] -- C:\Users\josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/11/30 11:12:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2014/11/30 11:06:31 | 000,000,000 | ---D | C] -- C:\Autoruns
[2014/11/29 10:59:04 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/11/27 23:26:14 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Local\ElevatedDiagnostics
[2014/11/23 15:12:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2014/11/23 15:12:54 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/11/23 15:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/11/23 14:52:02 | 000,000,000 | ---D | C] -- C:\FRST
[2014/11/23 14:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2014/11/23 14:19:17 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2014/11/23 13:24:41 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014/11/23 12:32:24 | 000,615,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvStreaming.exe
[2014/11/23 12:32:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\NV
[2014/11/23 12:32:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\NV
[2014/11/23 12:29:32 | 031,893,136 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2014/11/23 12:29:32 | 020,986,592 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2014/11/23 12:29:32 | 018,514,616 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2014/11/23 12:29:32 | 014,032,984 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2014/11/23 12:29:32 | 011,397,744 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2014/11/23 12:29:31 | 024,557,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2014/11/23 12:29:31 | 019,966,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2014/11/23 12:29:31 | 013,944,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2014/11/23 12:29:31 | 011,336,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2014/11/23 12:29:31 | 004,292,416 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2014/11/23 12:29:31 | 004,011,208 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2014/11/23 12:29:31 | 001,876,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6434475.dll
[2014/11/23 12:29:31 | 001,540,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6434475.dll
[2014/11/23 12:29:31 | 000,964,928 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2014/11/23 12:29:31 | 000,935,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2014/11/23 12:29:31 | 000,923,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2014/11/23 12:29:31 | 000,900,928 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2014/11/23 12:29:31 | 000,500,880 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2014/11/23 12:29:31 | 000,418,112 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2014/11/23 12:29:31 | 000,393,024 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2014/11/23 12:29:31 | 000,352,016 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2014/11/23 12:29:31 | 000,348,304 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2014/11/23 12:29:31 | 000,303,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2014/11/23 12:29:28 | 020,922,512 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2014/11/23 12:29:28 | 017,259,664 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2014/11/22 17:40:04 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SARDU
[2014/11/22 17:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SARDU
[2014/11/22 00:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/11/22 00:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/11/22 00:10:11 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/11/22 00:10:04 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/11/22 00:10:04 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2014/11/22 00:10:04 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/11/22 00:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/11/19 21:36:48 | 000,000,000 | -HSD | C] -- C:\Users\josh\AppData\Local\EmieBrowserModeList
[2014/11/15 23:26:36 | 000,000,000 | ---D | C] -- C:\Users\josh\AppData\Local\Macromedia
[2014/11/11 18:02:44 | 000,789,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/11/11 18:02:37 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2014/11/11 18:02:37 | 000,104,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2014/11/11 18:02:37 | 000,088,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2014/11/11 18:01:57 | 007,484,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/11/11 18:01:52 | 002,714,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/11/11 18:01:51 | 013,424,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/11/11 18:01:49 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/11/11 18:01:49 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/11/11 18:01:49 | 000,836,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/11/11 18:01:48 | 011,820,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/11/11 18:01:47 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/11/11 18:01:47 | 000,670,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/11/11 18:01:46 | 000,822,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2014/11/11 18:01:46 | 000,474,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2014/11/11 18:01:45 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2014/11/11 18:01:44 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2014/11/11 18:01:43 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2014/11/11 18:01:43 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/11/11 18:01:42 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2014/11/11 18:01:41 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMEX.dll
[2014/11/11 18:01:40 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll
[2014/11/11 18:01:39 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSAPI.dll
[2014/11/11 18:00:27 | 003,320,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2014/11/11 18:00:27 | 002,773,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/11/11 18:00:26 | 002,459,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/11/11 18:00:25 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll
[2014/11/11 18:00:25 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll
[2014/11/11 18:00:25 | 000,116,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2014/11/11 18:00:13 | 001,519,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014/11/11 18:00:11 | 000,258,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/11/11 18:00:11 | 000,114,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/11/11 18:00:10 | 000,035,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/11/11 18:00:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2014/11/11 18:00:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2014/11/11 17:59:23 | 003,547,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2014/11/11 17:59:22 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/11/11 17:59:22 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2014/11/11 17:59:22 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2014/11/11 17:59:21 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014/11/11 17:59:21 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014/11/11 17:59:21 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll
[2014/11/11 17:59:21 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll
[2014/11/11 17:59:21 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2014/11/11 17:59:21 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll
[2014/11/11 17:59:21 | 000,027,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2014/11/11 17:58:56 | 001,714,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/11/11 17:58:56 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/11/11 17:58:56 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/11/11 17:58:56 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/11/11 17:58:56 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/11/11 17:58:56 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/11/11 17:58:55 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/11/11 17:58:55 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/11/11 17:58:55 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/11/11 17:58:55 | 000,055,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/11/11 17:58:55 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2014/11/11 17:58:55 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/11/11 17:58:55 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/11/11 17:58:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014/11/11 17:58:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll
[2014/11/11 17:54:22 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/11/11 17:54:11 | 002,865,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/11/11 17:54:09 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/11/11 17:54:09 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2014/11/11 17:54:09 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2014/11/11 17:54:09 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2014/11/11 17:54:08 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/11/11 17:54:08 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/11/11 17:54:08 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2014/11/11 17:54:07 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/11/11 17:54:07 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/11/11 17:54:06 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/11/11 17:54:06 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/11/11 17:54:06 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/11/11 17:54:05 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/11/11 17:54:05 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/11/11 17:54:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/11/11 17:54:02 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/11/11 17:54:02 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2014/11/11 17:54:02 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/11/11 17:54:02 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2014/11/11 17:54:02 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/11/11 17:54:02 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/11/11 17:54:02 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2014/11/11 17:54:02 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2014/11/11 17:54:02 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2014/11/11 17:54:01 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2014/11/11 17:54:01 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2014/11/11 17:54:01 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2014/11/11 17:54:01 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/11/11 17:54:01 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll
[2014/11/11 17:54:01 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll
[2014/11/11 17:54:01 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/11/11 17:54:01 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll
[2014/11/11 17:54:01 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2014/11/11 17:54:01 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/11/11 17:54:01 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/11/11 17:54:01 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2014/11/11 17:54:00 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/11/11 17:54:00 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2014/11/11 17:54:00 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe
[2014/11/11 17:54:00 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe
[2014/11/11 17:54:00 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014/11/11 17:54:00 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll
[2014/11/11 17:54:00 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014/11/11 17:54:00 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/11/11 17:54:00 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll
[2014/11/11 17:54:00 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll
[2014/11/11 17:54:00 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/11/11 17:54:00 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/11/11 17:54:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll
[2014/11/11 17:54:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/11/11 17:54:00 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll
[2014/11/11 17:53:59 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll
[2014/11/11 17:53:59 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2014/11/11 17:53:59 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe
[2014/11/11 17:53:59 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe
[2014/11/11 17:53:59 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll
[2014/11/11 17:53:59 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/11/11 17:53:59 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/11/11 17:53:59 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe
[2014/11/11 17:53:59 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2014/11/11 17:53:59 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2014/11/11 17:53:44 | 000,500,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014/11/11 17:53:44 | 000,394,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/11/11 17:53:44 | 000,344,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/11/11 17:53:43 | 000,482,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014/11/11 17:53:43 | 000,272,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014/11/11 17:53:43 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/11/11 17:53:43 | 000,108,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
[2014/11/11 17:53:42 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll
[2014/11/11 17:53:42 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll
[2014/11/11 17:53:41 | 000,537,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014/11/11 17:53:41 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2014/11/11 17:53:41 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2014/11/11 17:53:41 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/11/11 17:53:40 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2014/11/09 18:23:28 | 001,876,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6434460.dll
[2014/11/09 18:23:28 | 001,539,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6434460.dll
[2014/11/07 10:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_1114tb
[1 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/12/06 13:53:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2103106186-1472817338-2463948403-1002UA.job
[2014/12/06 13:50:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/12/06 13:01:09 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/06 07:01:00 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/05 18:53:00 | 000,000,866 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2103106186-1472817338-2463948403-1002Core.job
[2014/12/01 22:47:34 | 000,865,408 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/12/01 22:47:34 | 000,731,446 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/12/01 22:47:34 | 000,136,056 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/12/01 22:42:27 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/12/01 22:40:58 | 000,034,752 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\WPRO_41_2001.sys
[2014/12/01 22:40:25 | 889,044,956 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2014/12/01 22:40:25 | 790,167,549 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/01 22:40:25 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/11/28 00:01:33 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/11/23 15:37:48 | 000,000,470 | ---- | M] () -- C:\WINDOWS\SysNative\.crusader
[2014/11/23 15:12:55 | 000,001,911 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/11/23 14:31:40 | 000,061,554 | ---- | M] () -- C:\Users\josh\Documents\cc_20141123_143135.reg
[2014/11/23 14:19:19 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014/11/23 13:24:41 | 000,001,286 | ---- | M] () -- C:\Users\josh\Desktop\Revo Uninstaller.lnk
[2014/11/23 12:34:14 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/11/22 18:41:11 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/11/22 17:40:04 | 000,000,981 | ---- | M] () -- C:\Users\josh\Desktop\SARDU.lnk
[2014/11/22 00:09:57 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/11/22 00:09:57 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/11/22 00:09:57 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2014/11/22 00:09:57 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/11/20 14:51:37 | 000,714,208 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/11/20 14:51:37 | 000,106,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/16 09:10:31 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[2014/11/15 23:40:34 | 000,001,062 | ---- | M] () -- C:\Users\josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/11/15 23:40:20 | 000,001,028 | ---- | M] () -- C:\Users\josh\Desktop\Dropbox.lnk
[2014/11/15 23:34:40 | 000,510,512 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/11/12 18:20:36 | 031,893,136 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2014/11/12 18:20:36 | 024,557,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2014/11/12 18:20:36 | 020,986,592 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2014/11/12 18:20:36 | 020,922,512 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2014/11/12 18:20:36 | 019,966,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2014/11/12 18:20:36 | 018,514,616 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2014/11/12 18:20:36 | 017,259,664 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2014/11/12 18:20:36 | 016,884,632 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2014/11/12 18:20:36 | 014,032,984 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2014/11/12 18:20:36 | 013,944,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2014/11/12 18:20:36 | 011,397,744 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2014/11/12 18:20:36 | 011,336,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2014/11/12 18:20:36 | 004,292,416 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2014/11/12 18:20:36 | 004,011,208 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2014/11/12 18:20:36 | 003,262,784 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2014/11/12 18:20:36 | 002,874,456 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2014/11/12 18:20:36 | 001,876,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6434475.dll
[2014/11/12 18:20:36 | 001,540,424 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6434475.dll
[2014/11/12 18:20:36 | 000,989,056 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvumdshimx.dll
[2014/11/12 18:20:36 | 000,964,928 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2014/11/12 18:20:36 | 000,935,240 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2014/11/12 18:20:36 | 000,923,792 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2014/11/12 18:20:36 | 000,900,928 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2014/11/12 18:20:36 | 000,871,648 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2014/11/12 18:20:36 | 000,500,880 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2014/11/12 18:20:36 | 000,418,112 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2014/11/12 18:20:36 | 000,393,024 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2014/11/12 18:20:36 | 000,352,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2014/11/12 18:20:36 | 000,348,304 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2014/11/12 18:20:36 | 000,303,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2014/11/12 18:20:36 | 000,174,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2014/11/12 18:20:36 | 000,156,840 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2014/11/12 18:20:36 | 000,027,094 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2014/11/12 15:56:45 | 006,897,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2014/11/12 15:56:45 | 003,534,152 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2014/11/12 15:56:42 | 002,559,808 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2014/11/12 15:56:42 | 001,092,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2014/11/12 15:56:42 | 000,386,368 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2014/11/12 15:56:42 | 000,067,072 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2014/11/12 15:56:42 | 000,062,608 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2014/11/12 14:46:11 | 000,615,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvStreaming.exe
[2014/11/11 04:29:54 | 004,100,776 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[1 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/12/01 22:40:25 | 889,044,956 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2014/11/23 15:37:48 | 000,000,470 | ---- | C] () -- C:\WINDOWS\SysNative\.crusader
[2014/11/23 15:12:55 | 000,001,911 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/11/23 14:31:37 | 000,061,554 | ---- | C] () -- C:\Users\josh\Documents\cc_20141123_143135.reg
[2014/11/23 14:19:19 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014/11/15 23:24:58 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/11/11 18:01:38 | 000,389,176 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/08/22 23:36:06 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/08/12 21:15:17 | 000,000,000 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2014/05/20 23:33:38 | 000,348,088 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2014/05/20 23:33:32 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/05/20 23:33:32 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/03/18 04:15:05 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 04:14:37 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/12/12 16:47:44 | 000,880,342 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/08/22 09:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 09:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 08:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 01:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 21:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 17:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 17:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/12/10 16:12:50 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2014/08/23 00:09:53 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/30 18:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/30 16:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 03:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 20:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 03:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/09/01 20:24:33 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\.minecraft
[2014/10/21 07:51:08 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\AVG2015
[2014/11/23 15:44:05 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\BitTorrent
[2014/12/02 15:00:39 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\ClassicShell
[2014/12/01 22:41:38 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\Dropbox
[2014/08/16 14:35:22 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\ImgBurn
[2014/08/11 19:19:03 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\Leadertech
[2014/08/30 12:24:38 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\Origin
[2014/08/14 20:48:01 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\PCDr
[2014/08/16 15:14:09 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\PowerISO
[2014/11/16 15:08:41 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\Spotify
[2014/08/11 19:58:12 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\TuneUp Software
[2014/09/03 19:11:56 | 000,000,000 | ---D | M] -- C:\Users\josh\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\josh\OneDrive:ms-properties
@Alternate Data Stream - 220 bytes -> C:\Users\josh\OneDrive.old:ms-properties

< End of report >
 



#15 Kachi

Posted 06 December 2014 - 03:09 PM

extras

 

OTL Extras logfile created on: 12/6/2014 1:51:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\josh\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
15.92 Gb Total Physical Memory | 12.63 Gb Available Physical Memory | 79.31% Memory free
31.92 Gb Paging File | 25.87 Gb Available in Paging File | 81.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1847.00 Gb Total Space | 1147.34 Gb Free Space | 62.12% Space Free | Partition Type: NTFS
Drive X: | 450.00 Mb Total Space | 167.15 Mb Free Space | 37.14% Space Free | Partition Type: NTFS
Drive Y: | 12.91 Gb Total Space | 0.69 Gb Free Space | 5.38% Space Free | Partition Type: NTFS
 
Computer Name: JOS_PC | User Name: josh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{020A9AC2-E457-421B-B776-CA423FB9999B}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{031989E1-4680-40C2-9BC3-C2C5F5515473}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{3ACC0E9E-4019-4B21-9E72-D94BC5F4218E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{5CF52C19-FAC1-42A3-B3C6-5EB07246C3DF}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{67DDCBAB-E83C-4FE1-BFEE-277B9F03849E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9FD0EC9A-AB14-4539-8EAB-60CEA972DC83}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C8773DF5-0C0E-4737-8B3C-C2AC7455A64B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{EB33B1CA-1E4A-4992-9D26-7774B0C5625A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F23E0449-EF5D-4A90-8830-7338D7377B5B}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{FD808752-8518-40F1-AFAC-A1DA6B72B3FB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0079AC82-B347-4254-8B7A-370FDAB0770E}" = dir=out | name=@{microsoft.zunemusic_1.4.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{0145E7D5-BCF5-422E-B80F-725492D56BE5}" = dir=in | name=onenote |
"{03A579F6-1C76-498A-98F9-30B14EF732C2}" = dir=out | name=sonicwall mobile connect |
"{0BC5C1C8-3716-47C5-B0A3-C3C7C2BE1EC0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{0CA66A51-87CC-42CB-820B-AF7A1020F367}" = dir=out | name=@{microsoft.bingnews_3.0.4.213_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{0E1E1707-93EA-4398-91B6-0F66573CE66C}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{136CB2A2-C2F0-4F35-9DCD-666D8D638F5F}" = dir=out | name=dell shop |
"{146D7E0F-499B-4F2A-A99B-73AC4A851DCE}" = dir=in | name=f5 vpn |
"{14E82747-97F6-4593-B579-69C618635AAC}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{158C7AB6-FE14-4C32-813D-9941A1C68A96}" = dir=out | name=onenote |
"{1972C5AC-1818-47AA-A9EB-DA25A01C339C}" = protocol=17 | dir=in | app=c:\users\josh\appdata\roaming\dropbox\bin\dropbox.exe |
"{1AC517A6-1B78-46D3-BEC1-339DA830E485}" = dir=in | name=@{microsoft.xboxcompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{1B2E558D-A068-4A1D-9F31-A786BB918749}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{1E481D46-C93A-43EE-9FE3-987EB2D59DCF}" = dir=out | name=@{microsoft.xboxcompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{1F5F3375-50B6-4400-86BB-E437E2E60B0E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\titanfall\titanfall.exe |
"{1FE578E2-C660-43E0-A374-EE72696D2D70}" = protocol=6 | dir=in | app=c:\users\josh\appdata\roaming\dropbox\bin\dropbox.exe |
"{2300E503-3EBE-4557-9F6A-E33BD1B2087C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{2649D7A4-742C-4476-BBC2-4BD020179805}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{26EC4220-34C7-4E38-A462-56D9A38A68F2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2D30A507-9599-461E-9A84-2F4E28C0B4B4}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{30ACFAF2-CC07-497C-B73D-21E15868FBAF}" = dir=out | name=@{microsoft.bingsports_2.0.0.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{32C9FA3E-B8F4-473C-80F0-4A5FADE12A1A}" = dir=in | name=check point vpn |
"{3A0D5560-D0C2-4FD7-9D8B-F26A1782B006}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3A8BAA72-1C94-4FD2-BFCA-0CCB6B3B9B6E}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3D337234-632E-4D55-B6F0-2B079970381A}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{3DE66F9B-8011-467C-A369-E85042B2524F}" = dir=out | name=windows_ie_ac_001 |
"{4252B963-FC61-4DBB-8795-F686C64F379E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4404650F-F9FF-441E-9E4E-49937BA84E5F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{4A84DF5A-1973-4DD1-AB84-CBD971D5E465}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5635B3C6-8893-4F70-9A7E-8EB20D941691}" = dir=out | name=kindle |
"{5B8D6B67-10E9-45DA-AD2B-03D83DB18DF6}" = dir=in | name=mcafee® central for dell |
"{5D918E34-0C49-4BA4-A91C-833F8B861537}" = dir=out | name=amazon |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5FDD9618-E014-4699-869B-A114FC551E5C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{60646417-C58A-4C38-980C-A318077677A4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{62BB6849-717B-4498-98E8-48CF738FBAFE}" = dir=out | name=skype |
"{669E61F2-C826-4277-A8E6-D28AC67F0640}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{689417E6-18B6-46B2-9DCB-57791CBE3C6A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6B2933E2-51EC-4309-A04D-4637391A9CA6}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{6C7A55C5-8176-40BD-88AE-47760B4A2917}" = dir=out | name=@{microsoft.zunevideo_2.6.408.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{764C0FB9-5FA9-43B4-A61D-14B13AEAB9C8}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{775E984C-C871-4752-8230-7723DB52A13B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{78D08E78-3BBD-4E35-B77E-0FD4F4FFAA64}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{7D2C4C72-8C9F-4D44-BD52-37BA787AFCA6}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{7DCB86AA-DF2B-42F2-AFDD-3A8311C705EC}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{89B6917A-3B16-41D1-9A59-A3A0353F284B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{8D3A57FE-7968-44CD-B5FD-0924BF38FFC5}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{8E4FDAAE-14D1-4F5A-AD32-1D1C841E8361}" = dir=out | name=@{microsoft.bingweather_3.0.4.249_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{920A58E0-36C4-4009-A3AD-791103E0B0F1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{97A7F229-D511-48C8-A556-3F66014A7115}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{9902C320-EFB8-4F43-B010-361D7368025C}" = dir=in | name=sonicwall mobile connect |
"{99FE53C0-AED9-4C77-99A8-09F9123A8462}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9E600DD1-2712-4569-8EB2-033A3BE0B30A}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\plants vs. zombies\plantsvszombies.exe |
"{A7A275CF-6C59-4650-A144-FB7621D6DC04}" = dir=out | name=@{microsoft.bingsports_3.0.4.244_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{AF392BF1-02E5-44A6-A00C-D7F9871F0DB0}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\plants vs. zombies\plantsvszombies.exe |
"{B07794E0-931C-417D-AB1E-0BB67E46C699}" = dir=out | name=windows_ie_ac_001 |
"{B935FAD9-9B7E-48D5-A8B8-C0E8CE960DD1}" = dir=out | name=mcafee® central for dell |
"{BEE5B0CE-4D47-4440-BD3F-167FC2B18C93}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C422CBAB-3A9A-4EC1-A4E5-34954108A5BD}" = dir=out | name=@{microsoft.zunemusic_2.6.476.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{C5C2B193-8F87-4C0A-9941-154E25EE0866}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{C94452E0-41E9-4AAD-8E1D-C446534738EA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CBECEA53-9C75-4559-BA83-FEF87DCC87B2}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{CD54926A-8F3B-44D8-994D-454E279C129B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{CE2D8136-874D-449C-9768-55ED446F3276}" = dir=in | name=juniper networks junos pulse |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D77329A8-EC89-4ABE-A5B9-4585B1218B14}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DD59D9C6-0CFB-45FD-9B17-E53B2EB5F096}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{DD6244EA-44B0-46DF-BFFA-267720DC0014}" = dir=out | name=check point vpn |
"{E0C94EFB-9F1B-4561-9903-78122D8E6A0B}" = dir=out | name=f5 vpn |
"{E26081C3-5E5B-4830-8787-690CD7B15ADF}" = dir=out | name=juniper networks junos pulse |
"{E657A42A-9E81-4BEE-8118-0407692DB6DB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EA785C94-55FF-43C3-ADE8-F93C998FF208}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\titanfall\titanfall.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EDEFF188-D830-42F3-B19A-1B75B59E9174}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{F37E5063-C649-487E-987F-2A0FEA478E87}" = dir=out | name=windows_ie_ac_001 |
"{F5BB6BEE-F601-48C0-8F0B-216ED0877987}" = dir=out | name=@{microsoft.zunevideo_1.5.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F8D62650-2CF6-473A-8E93-5FC0C07BA6E6}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{FBC34087-C2FF-4AB9-BB93-A7DEDF2663ED}" = dir=out | name=@{microsoft.bingtravel_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{FBF8EB57-7482-4848-920D-70EC19B8B6DF}" = dir=in | name=dell shop |
"{FCC31928-73FA-4D92-84D1-E52EAD050E58}" = dir=out | name=@{microsoft.bingfinance_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{FD4250C7-55E2-4D34-93A0-D4CC6E359412}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{FEC1FA8F-F658-4715-940D-9D7881EC7A34}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"TCP Query User{2C8036CF-D2AA-47F8-9488-F94FBC50D913}C:\users\josh\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\josh\appdata\roaming\spotify\spotify.exe |
"TCP Query User{9FF643C7-31EE-4A84-8EB4-A679A040A6D1}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{370ACD56-7A41-4441-BD35-F11AC5B999D9}C:\users\josh\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\josh\appdata\roaming\spotify\spotify.exe |
"UDP Query User{FEB44711-CB9C-4788-9CEF-7785F4B29287}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.2 (r693)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F06417067FF}" = Java 7 Update 67 (64-bit)
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{41357956-5B67-489C-9F7D-FABACC2CD3CB}" = AVG 2015
"{4812B582-C445-4335-A390-EC7878D27606}" = AVG 2015
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7A5424D3-5FFE-441A-BE12-2E9057387031}" = Intel® Smart Connect Technology 4.0 x64
"{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}" = Classic Shell
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel® Rapid Storage Technology
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 344.75
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 344.75
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 344.75
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 344.75
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{B678797F-DF38-4556-8A31-8B818E261868}" = Apple Mobile Device Support
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F46AA0F1-E284-4878-A462-5F11B9166C0E}" = iTunes
"{F7A70D00-F283-45C8-B163-49EC365D7E27}" = DSC/AA Factory Installer
"{FA00A3CC-7440-4938-A271-F186F50DD40D}" = Intel® Trusted Connect Service Client
"AVG" = AVG 2015
"CCleaner" = CCleaner
"HitmanPro37" = HitmanPro 3.7
"Logitech Unifying" = Logitech Unifying Software 2.10
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PC-Doctor for Windows" = My Dell
"Speccy" = Speccy
"Unifying Software Launcher" = Dell App Launcher for Unifying Software
"WinRAR archiver" = WinRAR 5.10 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00A73CE4-4595-420A-8E6E-8495EE481584}" = Dell Wireless Keyboard Software
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}" = Google Talk Plugin
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{26A24AE4-039D-4CA4-87B4-2F03217071FF}" = Java 7 Update 71
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{347EE0C3-0690-48F6-A231-53853C2A80D6}" = Titanfall™
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{594E7534-5ECB-4FAC-B26F-583B0CFCBCEC}" = DELLOSD
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}" = Plants vs. Zombies™
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{80E666DA-3CC1-3476-9968-029D9F1FEB8F}" = Google Chrome
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack
"{9395F41D-0F80-432E-9A59-B8E477E7E163}" = OpenOffice 4.1.1
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell Backup and Recovery - Support Software
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.09)
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{C60F3836-333A-4AE2-B526-CFDBA143A9BA}" = Google Drive
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D850CB7E-72BC-4510-BA4F-48932BFAB295}" = Dell Digital Delivery
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"ImgBurn" = ImgBurn
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite Essentials
"InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025
"Mozilla Firefox 34.0 (x86 en-US)" = Mozilla Firefox 34.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PowerISO" = PowerISO
"Revo Uninstaller" = Revo Uninstaller 1.95
"SARDU" = SARDU 2.0.6.5
"Steam" = Steam
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"Dropbox" = Dropbox
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11/29/2014 11:55:21 PM | Computer Name = jos_pc | Source = Microsoft-Windows-LocationProvider | ID = 2006
Description = There was an error with the Windows Location Provider database
 
Error - 11/29/2014 11:55:23 PM | Computer Name = jos_pc | Source = Microsoft-Windows-LocationProvider | ID = 2007
Description = There was an error communicating to the Orion inference server
 
Error - 11/29/2014 11:55:24 PM | Computer Name = jos_pc | Source = Microsoft-Windows-LocationProvider | ID = 2007
Description = There was an error communicating to the Orion inference server
 
Error - 11/30/2014 2:39:17 AM | Computer Name = jos_pc | Source = Perflib | ID = 1008
Description =
 
Error - 11/30/2014 1:06:44 PM | Computer Name = jos_pc | Source = Microsoft-Windows-LocationProvider | ID = 2007
Description = There was an error communicating to the Orion inference server
 
Error - 11/30/2014 1:06:45 PM | Computer Name = jos_pc | Source = Microsoft-Windows-LocationProvider | ID = 2007
Description = There was an error communicating to the Orion inference server
 
Error - 11/30/2014 1:07:25 PM | Computer Name = jos_pc | Source = Microsoft-Windows-LocationProvider | ID = 2006
Description = There was an error with the Windows Location Provider database
 
Error - 11/30/2014 1:07:26 PM | Computer Name = jos_pc | Source = Microsoft-Windows-LocationProvider | ID = 2007
Description = There was an error communicating to the Orion inference server
 
Error - 11/30/2014 1:07:28 PM | Computer Name = jos_pc | Source = Microsoft-Windows-LocationProvider | ID = 2007
Description = There was an error communicating to the Orion inference server
 
Error - 11/30/2014 1:11:40 PM | Computer Name = jos_pc | Source = Application Hang | ID = 1002
Description = The program DellSystemDetect.exe version 5.9.0.5 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 7a4    Start
 Time: 01d00cc0aabbeb5e    Termination Time: 0    Application Path: C:\Users\josh\AppData\Local\Apps\2.0\YYA9JO53.VRN\0A1HYQ2R.8BD\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe

Report
 Id: efedd1dd-78b3-11e4-bea1-3c77e65295c6    Faulting package full name:     Faulting package-relative
 application ID:   
 
[ System Events ]
Error - 11/30/2014 12:37:54 PM | Computer Name = jos_pc | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 11/30/2014 12:43:36 PM | Computer Name = jos_pc | Source = DCOM | ID = 10016
Description =
 
Error - 11/30/2014 1:10:51 PM | Computer Name = jos_pc | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 11/30/2014 1:13:08 PM | Computer Name = jos_pc | Source = Service Control Manager | ID = 7001
Description = The DHCP Client service depends on the Ancillary Function Driver for
 Winsock service which failed to start because of the following error:   %%31
 
Error - 11/30/2014 1:13:08 PM | Computer Name = jos_pc | Source = Service Control Manager | ID = 7001
Description = The DNS Client service depends on the NetIO Legacy TDI Support Driver
 service which failed to start because of the following error:   %%31
 
Error - 11/30/2014 1:13:08 PM | Computer Name = jos_pc | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the Ancillary Function
 Driver for Winsock service which failed to start because of the following error:
   %%31
 
Error - 11/30/2014 1:13:08 PM | Computer Name = jos_pc | Source = Service Control Manager | ID = 7001
Description = The Network Store Interface Service service depends on the NSI Proxy
 Service Driver service which failed to start because of the following error:   %%31
 
Error - 11/30/2014 1:13:08 PM | Computer Name = jos_pc | Source = Service Control Manager | ID = 7001
Description = The Workstation service depends on the Network Store Interface Service
 service which failed to start because of the following error:   %%1068
 
Error - 11/30/2014 1:13:08 PM | Computer Name = jos_pc | Source = Service Control Manager | ID = 7001
Description = The AVGIDSAgent service depends on the AVGIDSDriver service which
failed to start because of the following error:   %%31
 
Error - 11/30/2014 1:13:08 PM | Computer Name = jos_pc | Source = Service Control Manager | ID = 7001
Description = The IP Helper service depends on the Network Store Interface Service
 service which failed to start because of the following error:   %%1068
 
 
< End of report >
 





