Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

adcash popups in Chrome and Firefox


  • This topic is locked This topic is locked
36 replies to this topic

#1 Naidan

Naidan

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 16 June 2015 - 05:53 AM

Hello guys ,as all of You can see I am quite new and this is my first post here ,i have a really big problem ,I reinstalled my OS like 3 times now just to remove this annoying adware from my pc that keeps opening new tabs whenever i click somewhere on a webpage (its all adcash.com that redirects me to ramage repair ,world of tanks,some successful business man  who left his job fro 10.000$ paycheck site etc.),so I have scanned my system with windows defender and malware antymalware byte programs and they show up like nothing is wrong ,after every reinstall of windows i formatted my C: directory on which the system is located ,deleted chrome installed again ,same with Firefox,restored to default settings nothing helped those annoying popups keeps popping up ,Any sugestion is welcomed.

P.s. i should say that i also tried adwcleaner ,JRT tool,First,and Security Check with my AV and AM disabled.  



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:03 PM

Posted 18 June 2015 - 08:43 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

p.s.
It miight just be that if you are using a router that it's been corrupted.

Reset your router. It may be infected.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====

Post the requested log for my review.

#3 Naidan

Naidan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 19 June 2015 - 03:00 PM

Hello :)

First log txt 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by ----------(administrator) on ------------ on 19-06-2015 21:47:21
Running from C:\Users\-----------\Desktop
Loaded Profiles: ------------- (Available Profiles: -------------)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
(New Softwares.net) C:\Windows\SysWOW64\WinFLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
( New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-3461764327-2012865736-100928730-1001\...\Run: [WinFLTray] => C:\Windows\SysWow64\WinFLTray.exe [330040 2015-05-14] ( New Softwares.net)
HKU\S-1-5-21-3461764327-2012865736-100928730-1001\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [275768 2015-05-14] (New Softwares.net)
HKU\S-1-5-21-3461764327-2012865736-100928730-1001\...\MountPoints2: F - "F:\setup_the_witcher_2_ee_3.0.1.17.exe" 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3461764327-2012865736-100928730-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-07-10] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2013-07-13] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 5.104.175.153 5.104.175.150
 
FireFox:
========
FF ProfilePath: C:\Users\------------------\AppData\Roaming\Mozilla\Firefox\Profiles\u6ymgo6w.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-14] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-10] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-07-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Extension: Ant Video Downloader - C:\Users\------------------\AppData\Roaming\Mozilla\Firefox\Profiles\u6ymgo6w.default\Extensions\anttoolbar@ant.com [2015-06-17]
FF Extension: Night Mode Page Dim - C:\Users\------------------------\AppData\Roaming\Mozilla\Firefox\Profiles\u6ymgo6w.default\Extensions\ilaita.night-mode-page-dim@jetpack.xpi [2015-06-17]
 
 
Chrome: 
=======
CHR Profile: C:\Users\------------------\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\-------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-30]
CHR Extension: (Google Docs) - C:\Users\-----------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-30]
CHR Extension: (Google Drive) - C:\Users\--------------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-30]
CHR Extension: (YouTube) - C:\Users\------------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-30]
CHR Extension: (Facebook) - C:\Users\---------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-05-30]
CHR Extension: (Google Search) - C:\Users\----------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-30]
CHR Extension: (Video Downloader professional) - C:\Users\---------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-05-31]
CHR Extension: (ARC Welder) - C:\Users\-----------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2015-06-14]
CHR Extension: (Google Sheets) - C:\Users\-----------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-30]
CHR Extension: (The Great Suspender) - C:\Users\----------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-05-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\--------------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-30]
CHR Extension: (Vid-MP3) - C:\Users\--------------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\lddedhkbddaclbmkemmcbcbbkcofojei [2015-06-09]
CHR Extension: (App Runtime for Chrome (Beta)) - C:\Users\----------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2015-06-14]
CHR Extension: (Google Wallet) - C:\Users\---------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-30]
CHR Extension: (Hover Zoom) - C:\Users\-------------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-05-30]
CHR Extension: (Deezer) - C:\Users\--------------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2015-05-30]
CHR Extension: (Adblock Pro) - C:\Users\----------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\olacjegdapgciahekcifidnmbnmonoaf [2015-05-31]
CHR Extension: (Gmail) - C:\Users\-----------------------------\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-30]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-05-20] (Apple Inc.) [File not signed]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2015-05-16] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-05-14] (Macrovision Europe Ltd.) [File not signed]
R2 FLService; C:\Windows\SysWow64\WinFLService.exe [92984 2015-05-14] (New Softwares.net)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-03] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-20] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-31] ()
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [571392 2013-10-29] () [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 vmms; C:\Windows\system32\vmms.exe [13368832 2013-09-14] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68960 2015-05-15] (Microsoft Corporation)
S3 Kinonih; C:\Windows\System32\drivers\kinonih.sys [32256 2015-05-03] (Kinoni)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2015-05-15] (Microsoft Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2015-05-14] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2015-05-15] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2013-09-07] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [19456 2015-05-15] (Microsoft Corporation)
R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2013-10-08] (Microsoft Corporation)
S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2013-10-08] (Microsoft Corporation)
S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2013-10-08] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [686080 2013-10-08] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36384 2015-05-14] ()
R2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2015-05-14] (NewSoftwares.net, Inc.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-19 21:47 - 2015-06-19 21:48 - 00017229 _____ C:\Users\------------\Desktop\FRST.txt
2015-06-19 21:43 - 2015-06-19 21:43 - 02109952 _____ (Farbar) C:\Users\------------\Desktop\FRST64.exe
2015-06-18 23:57 - 2015-06-18 23:57 - 00262144 ____N C:\Windows\Minidump\061815-33031-01.dmp
2015-06-17 21:30 - 2015-06-17 21:30 - 00347816 _____ (Microsoft Corporation) C:\Users\--------------\Desktop\MicrosoftFixit.ProgramInstallUninstall.RNP.Run.exe
2015-06-17 20:29 - 2012-04-17 21:57 - 01155072 _____ (3DMGAME) C:\Users\-----------\Desktop\The Witcher 2 Enhanced Edition v3.0.20054.8512 Plus 7 Trainer.exe
2015-06-17 12:58 - 2015-06-17 13:03 - 00000000 ____D C:\Windows\system32\MRT
2015-06-17 12:58 - 2015-05-27 00:04 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-17 12:38 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-06-17 12:38 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-06-17 12:31 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-06-17 12:31 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-06-17 12:31 - 2013-12-09 02:34 - 01227264 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2015-06-17 12:31 - 2013-12-09 02:04 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2015-06-17 12:31 - 2013-11-27 17:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-06-17 12:31 - 2013-11-27 17:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-06-17 12:31 - 2013-11-27 16:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-06-17 12:31 - 2013-11-27 15:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-06-17 12:31 - 2013-11-27 14:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
2015-06-17 12:31 - 2013-11-27 12:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-06-17 12:31 - 2013-11-27 11:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-06-17 12:31 - 2013-11-27 11:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-06-17 12:31 - 2013-11-27 11:17 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-06-17 12:31 - 2013-11-27 11:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2015-06-17 12:31 - 2013-11-27 10:58 - 01503232 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-06-17 12:31 - 2013-11-27 10:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2015-06-17 12:31 - 2013-11-27 10:20 - 04106240 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-06-17 12:31 - 2013-11-26 15:20 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-06-17 12:31 - 2013-11-26 15:20 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-06-17 12:31 - 2013-11-26 13:44 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-06-17 12:31 - 2013-11-25 03:45 - 00142680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-06-17 12:31 - 2013-11-25 03:32 - 01119064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-06-17 12:31 - 2013-11-25 01:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-06-17 12:31 - 2013-11-25 01:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-06-17 12:31 - 2013-11-23 14:47 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2015-06-17 12:31 - 2013-11-23 09:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\bi.dll
2015-06-17 12:31 - 2013-11-23 09:13 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2015-06-17 12:31 - 2013-11-23 09:08 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-06-17 12:31 - 2013-11-23 06:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-06-17 12:31 - 2013-11-23 05:19 - 02617344 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-06-17 12:31 - 2013-11-23 05:15 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-06-17 12:31 - 2013-11-21 08:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll
2015-06-17 12:31 - 2013-11-21 08:26 - 01415680 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-17 12:31 - 2013-11-15 16:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2015-06-17 12:31 - 2013-11-15 16:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2015-06-17 12:31 - 2013-11-15 16:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-06-17 12:31 - 2013-11-15 15:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-06-17 12:31 - 2013-10-31 02:29 - 00745336 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-06-17 12:31 - 2013-10-31 01:41 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-06-17 12:31 - 2013-10-03 11:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2015-06-17 12:31 - 2013-10-03 11:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2015-06-17 12:31 - 2013-10-02 13:00 - 01286552 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-06-17 12:31 - 2013-10-02 11:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-06-17 12:31 - 2013-10-01 05:42 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2015-06-17 12:31 - 2013-10-01 05:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2015-06-17 12:30 - 2014-10-31 00:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-06-17 12:30 - 2014-10-31 00:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-06-17 12:30 - 2013-12-11 09:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-06-17 12:30 - 2013-12-09 02:19 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-06-17 12:30 - 2013-12-09 01:55 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-06-17 12:30 - 2013-10-19 10:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-06-17 12:30 - 2013-10-19 09:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-06-17 12:29 - 2014-03-06 11:19 - 01287576 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-17 12:29 - 2014-03-06 11:02 - 01109424 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-17 12:29 - 2014-03-06 08:17 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-17 12:29 - 2014-03-06 08:10 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-17 12:29 - 2013-12-09 02:27 - 02152448 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-06-17 12:29 - 2013-12-09 01:54 - 01317376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-06-17 12:29 - 2013-11-23 06:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-06-17 12:29 - 2013-11-23 06:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-06-17 12:29 - 2013-10-13 04:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-06-17 12:29 - 2013-10-12 23:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-06-17 12:29 - 2013-10-12 23:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-06-17 12:29 - 2013-10-05 16:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-06-17 12:29 - 2013-10-05 10:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-06-17 12:28 - 2013-10-23 13:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2015-06-17 12:28 - 2013-10-23 13:21 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-06-17 12:28 - 2013-10-23 13:13 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_8086.dll
2015-06-17 12:28 - 2013-10-22 10:18 - 00096088 _____ (Microsoft Corporation) C:\Windows\system32\embeddedapplauncher.exe
2015-06-17 12:28 - 2013-10-22 09:55 - 02328872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-06-17 12:28 - 2013-10-22 08:03 - 02065448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-06-17 12:28 - 2013-10-22 07:15 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-06-17 12:28 - 2013-10-22 06:04 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-06-17 12:28 - 2013-10-22 05:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2015-06-17 12:28 - 2013-10-22 05:44 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2015-06-17 12:28 - 2013-10-22 04:38 - 01362944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-06-17 12:28 - 2013-10-22 03:53 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-06-17 12:28 - 2013-10-19 06:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-06-17 12:28 - 2013-10-19 06:03 - 00531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2015-06-17 12:28 - 2013-10-19 05:26 - 01231360 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-06-17 12:28 - 2013-10-19 05:14 - 00888832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-06-17 12:28 - 2013-10-16 11:34 - 00518656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2015-06-17 12:28 - 2013-10-16 11:33 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2015-06-17 12:28 - 2013-10-13 05:06 - 00258904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2015-06-17 12:28 - 2013-10-13 04:43 - 00708616 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2015-06-17 12:28 - 2013-10-10 18:26 - 00317616 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-06-17 12:28 - 2013-10-10 18:26 - 00104320 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-06-17 12:28 - 2013-10-10 16:53 - 00235960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-06-17 12:28 - 2013-10-10 16:53 - 00088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-06-17 12:28 - 2013-10-10 13:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-06-17 12:28 - 2013-10-08 12:28 - 00523096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2015-06-17 12:28 - 2013-10-08 09:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmswitch.sys
2015-06-17 12:28 - 2013-10-08 09:36 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wnv.sys
2015-06-17 12:28 - 2013-10-08 07:50 - 00656384 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-06-17 12:28 - 2013-10-08 07:15 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-06-17 12:28 - 2013-10-08 07:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2015-06-17 12:28 - 2013-10-08 06:50 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-06-17 12:28 - 2013-10-08 06:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2015-06-17 12:28 - 2013-10-07 04:13 - 03532288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-17 12:28 - 2013-10-05 17:25 - 00057176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2015-06-17 12:28 - 2013-10-05 16:21 - 00699840 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-06-17 12:28 - 2013-10-05 14:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-06-17 12:28 - 2013-10-05 13:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-06-17 12:28 - 2013-10-05 11:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-06-17 12:28 - 2013-10-05 11:18 - 01011712 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-06-17 12:28 - 2013-10-05 11:07 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-06-17 12:28 - 2013-10-05 10:56 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-17 12:28 - 2013-10-05 10:55 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
2015-06-17 12:28 - 2013-10-05 10:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-06-17 12:28 - 2013-10-05 10:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-17 12:28 - 2013-10-05 10:15 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2015-06-17 12:28 - 2013-10-05 09:43 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2015-06-17 12:28 - 2013-10-05 09:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-06-17 12:28 - 2013-10-04 10:10 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2015-06-17 12:28 - 2013-09-17 11:06 - 01067080 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2015-06-17 12:28 - 2013-09-17 11:06 - 00465960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-06-17 12:28 - 2013-09-17 08:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2015-06-17 12:28 - 2013-09-17 08:31 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-06-17 12:28 - 2013-09-17 06:37 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2015-06-17 12:28 - 2013-09-14 16:07 - 02134120 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-06-17 12:28 - 2013-09-14 16:00 - 00391512 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2015-06-17 12:28 - 2013-09-14 14:39 - 01799944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2015-06-17 12:28 - 2013-09-14 14:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2015-06-17 12:28 - 2013-09-14 11:11 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2015-06-17 12:28 - 2013-09-14 10:56 - 13368832 _____ (Microsoft Corporation) C:\Windows\system32\vmms.exe
2015-06-17 12:28 - 2013-09-12 10:08 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-06-17 12:28 - 2013-09-12 09:44 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-06-17 12:28 - 2013-09-12 09:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-06-17 12:28 - 2013-09-10 06:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\msched.dll
2015-06-17 12:27 - 2014-02-06 14:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-17 12:27 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-17 12:27 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-17 12:27 - 2014-02-06 13:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-17 12:27 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-17 12:27 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-17 12:27 - 2014-02-06 12:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-17 12:27 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-17 12:27 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-17 12:27 - 2014-02-06 12:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-17 12:27 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-17 12:27 - 2014-02-06 12:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-17 12:27 - 2014-02-06 12:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-17 12:27 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-17 12:27 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-17 12:27 - 2014-02-06 12:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-17 12:27 - 2014-02-06 12:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-17 12:27 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-17 12:27 - 2014-02-06 11:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-17 12:27 - 2014-02-06 11:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-17 12:27 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-17 12:27 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-17 12:27 - 2014-02-06 11:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-17 12:27 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-17 12:27 - 2014-02-06 11:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-17 12:27 - 2014-02-06 11:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-17 12:27 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-17 12:27 - 2014-02-06 11:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-17 12:27 - 2014-02-06 11:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-17 12:27 - 2014-02-06 11:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-17 12:27 - 2014-02-06 11:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-17 12:27 - 2014-02-06 11:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-17 12:27 - 2014-02-06 10:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-17 12:27 - 2014-02-06 10:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-17 12:27 - 2014-02-06 10:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-17 12:27 - 2014-02-06 10:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-17 12:27 - 2014-02-06 10:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-17 12:27 - 2013-10-22 04:22 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-06-17 12:27 - 2013-10-22 04:13 - 01704448 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-17 12:27 - 2013-10-08 08:46 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2015-06-17 12:27 - 2013-10-08 07:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2015-06-17 12:27 - 2013-10-08 07:48 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-06-17 12:27 - 2013-10-07 09:21 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-17 12:27 - 2013-10-05 10:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2015-06-17 12:27 - 2013-09-14 12:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2015-06-17 12:27 - 2013-09-13 10:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2015-06-17 12:27 - 2013-09-13 09:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2015-06-17 12:27 - 2013-09-12 10:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-06-17 12:27 - 2013-09-12 10:08 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-06-17 12:27 - 2013-09-12 10:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-06-17 12:27 - 2013-09-12 09:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-06-17 12:27 - 2013-09-12 09:37 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2015-06-17 12:27 - 2013-09-12 09:16 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-06-17 12:27 - 2013-09-12 09:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-06-17 12:26 - 2013-09-26 11:20 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe
2015-06-17 12:26 - 2013-09-26 09:32 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2015-06-17 12:26 - 2013-09-26 09:14 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2015-06-17 12:26 - 2013-09-25 12:25 - 00783504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2015-06-17 12:26 - 2013-09-25 10:58 - 00648648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2015-06-17 12:26 - 2013-09-25 09:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2015-06-17 12:26 - 2013-09-25 07:40 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2015-06-17 12:26 - 2013-09-24 08:55 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2015-06-17 12:26 - 2013-09-24 07:59 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2015-06-17 12:26 - 2013-09-24 07:54 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-06-17 12:26 - 2013-09-24 07:10 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-06-17 12:26 - 2013-09-24 07:05 - 01245696 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-06-17 12:26 - 2013-09-24 05:56 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2015-06-17 12:26 - 2013-09-21 14:10 - 00579416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-06-17 12:26 - 2013-09-21 14:10 - 00236376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-06-17 12:26 - 2013-09-21 14:10 - 00151384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-06-17 12:26 - 2013-09-21 13:50 - 00528048 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-06-17 12:26 - 2013-09-21 13:48 - 00534048 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-06-17 12:26 - 2013-09-21 13:48 - 00123480 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-06-17 12:26 - 2013-09-21 12:56 - 00101208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-17 12:26 - 2013-09-21 12:53 - 01534504 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-06-17 12:26 - 2013-09-21 12:53 - 00996320 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2015-06-17 12:26 - 2013-09-21 12:53 - 00934856 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2015-06-17 12:26 - 2013-09-21 12:53 - 00366688 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2015-06-17 12:26 - 2013-09-21 12:45 - 00171968 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-17 12:26 - 2013-09-21 11:23 - 00427096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-06-17 12:26 - 2013-09-21 11:23 - 00098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-06-17 12:26 - 2013-09-21 11:12 - 01092896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-06-17 12:26 - 2013-09-21 11:09 - 00796928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2015-06-17 12:26 - 2013-09-21 11:09 - 00312936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2015-06-17 12:26 - 2013-09-21 09:58 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-06-17 12:26 - 2013-09-21 09:57 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-06-17 12:26 - 2013-09-21 09:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-06-17 12:26 - 2013-09-21 09:50 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-06-17 12:26 - 2013-09-21 09:17 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2015-06-17 12:26 - 2013-09-21 08:55 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-06-17 12:26 - 2013-09-21 08:33 - 11366912 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2015-06-17 12:26 - 2013-09-21 08:01 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2015-06-17 12:26 - 2013-09-21 07:59 - 00940544 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-17 12:26 - 2013-09-21 07:57 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\livessp.dll
2015-06-17 12:26 - 2013-09-21 07:56 - 08712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2015-06-17 12:26 - 2013-09-21 07:43 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-06-17 12:26 - 2013-09-21 07:38 - 00365568 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-06-17 12:26 - 2013-09-21 07:37 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-17 12:26 - 2013-09-21 07:34 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2015-06-17 12:26 - 2013-09-21 07:31 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-17 12:26 - 2013-09-21 07:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-06-17 12:26 - 2013-09-21 07:20 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-06-17 12:26 - 2013-09-21 07:10 - 12028416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-06-17 12:26 - 2013-09-21 07:09 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2015-06-17 12:26 - 2013-09-21 07:05 - 08875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-06-17 12:26 - 2013-09-21 07:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2015-06-17 12:26 - 2013-09-21 06:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2015-06-17 12:26 - 2013-09-21 06:44 - 01662464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-06-17 12:26 - 2013-09-21 06:39 - 01455616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-06-17 12:26 - 2013-09-21 06:38 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2015-06-17 12:26 - 2013-09-21 06:38 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2015-06-17 12:26 - 2013-09-21 06:37 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2015-06-17 12:26 - 2013-09-21 06:36 - 01185280 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2015-06-17 12:26 - 2013-09-19 09:19 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersRes.dll
2015-06-17 12:26 - 2013-09-19 08:39 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2015-06-17 12:26 - 2013-09-19 08:27 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2015-06-17 12:26 - 2013-09-19 08:23 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WorkFoldersRes.dll
2015-06-17 12:26 - 2013-09-19 08:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-06-17 12:26 - 2013-09-19 07:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.dll
2015-06-17 12:26 - 2013-09-19 07:29 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2015-06-17 12:26 - 2013-09-19 07:08 - 01150976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-06-17 12:26 - 2013-09-19 07:01 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2015-06-17 12:26 - 2013-09-19 06:37 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-06-17 12:26 - 2013-09-19 06:32 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2015-06-17 12:26 - 2013-09-19 06:27 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2015-06-17 12:26 - 2013-09-19 06:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2015-06-17 12:26 - 2013-09-19 06:25 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-06-17 12:26 - 2013-09-19 06:11 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2015-06-17 12:26 - 2013-09-19 06:10 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2015-06-17 12:26 - 2013-09-19 05:59 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2015-06-17 12:26 - 2013-09-19 05:55 - 00552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2015-06-17 12:26 - 2013-09-19 05:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-06-17 12:26 - 2013-09-19 05:32 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-06-17 12:26 - 2013-09-17 11:18 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-06-17 12:26 - 2013-09-17 08:58 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-06-17 12:26 - 2013-09-17 07:26 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-06-17 12:26 - 2013-09-17 07:15 - 01225728 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-06-17 12:26 - 2013-09-17 07:00 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2015-06-17 12:26 - 2013-09-17 06:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-06-17 12:26 - 2013-09-17 06:08 - 00738304 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2015-06-17 12:26 - 2013-09-17 05:28 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2015-06-17 12:26 - 2013-09-14 16:06 - 00175960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VerifierExt.sys
2015-06-17 12:26 - 2013-09-14 16:06 - 00066904 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2015-06-17 12:26 - 2013-09-14 13:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-06-17 12:26 - 2013-09-13 14:14 - 00872328 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-06-17 12:26 - 2013-09-13 12:52 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-06-17 12:26 - 2013-09-13 11:52 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\SensorsClassExtension.dll
2015-06-17 12:26 - 2013-09-13 10:54 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2015-06-17 12:26 - 2013-09-13 10:10 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2015-06-17 12:26 - 2013-09-13 09:55 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2015-06-17 12:26 - 2013-09-13 09:30 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2015-06-17 12:26 - 2013-09-12 09:37 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2015-06-17 12:26 - 2013-09-11 11:31 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2015-06-17 12:26 - 2013-09-11 11:31 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-06-17 12:26 - 2013-09-11 09:41 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2015-06-17 12:26 - 2013-09-11 09:09 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2015-06-17 12:26 - 2013-09-07 15:35 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pvhdparser.sys
2015-06-17 12:26 - 2013-09-07 14:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\fdprint.dll
2015-06-17 12:26 - 2013-09-07 14:29 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2015-06-17 12:26 - 2013-09-07 14:00 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdprint.dll
2015-06-17 12:26 - 2013-09-07 13:50 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2015-06-17 12:26 - 2013-09-07 13:45 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2015-06-17 12:26 - 2013-09-07 13:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2015-06-17 12:26 - 2013-09-07 13:22 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2015-06-17 12:26 - 2013-09-07 13:13 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2015-06-17 12:26 - 2013-09-07 13:07 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2015-06-17 12:26 - 2013-09-07 12:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2015-06-17 12:26 - 2013-09-07 12:51 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2015-06-17 12:26 - 2013-09-05 09:39 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-06-17 12:26 - 2013-09-05 08:42 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2015-06-17 12:26 - 2013-09-05 07:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe
2015-06-17 12:26 - 2013-09-04 09:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2015-06-17 12:26 - 2013-09-04 08:16 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2015-06-17 12:26 - 2013-09-04 07:47 - 00492032 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2015-06-17 12:26 - 2013-09-04 07:12 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\DscCoreConfProv.dll
2015-06-17 12:26 - 2013-09-04 06:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll
2015-06-17 12:26 - 2013-09-04 06:48 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2015-06-17 12:26 - 2013-09-04 06:35 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2015-06-17 12:26 - 2013-08-31 16:18 - 00205024 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2015-06-17 12:26 - 2013-08-31 14:15 - 00180232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2015-06-17 12:26 - 2013-08-31 14:04 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2015-06-17 12:26 - 2013-08-31 12:46 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2015-06-17 12:26 - 2013-08-31 12:00 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-06-17 12:26 - 2013-08-31 11:25 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-06-17 12:26 - 2013-08-30 09:31 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2015-06-17 12:26 - 2013-08-28 09:55 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2015-06-17 12:26 - 2013-08-28 09:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2015-06-17 12:26 - 2013-08-28 09:09 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll
2015-06-17 12:26 - 2013-08-27 08:09 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2015-06-17 12:26 - 2013-08-27 07:24 - 00813568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2015-06-17 12:25 - 2014-01-31 18:15 - 00311640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-06-17 12:25 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-06-17 12:25 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-06-17 12:25 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-06-17 12:25 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2015-06-17 12:25 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-06-17 12:25 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-06-17 12:25 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2015-06-17 12:25 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-06-17 12:25 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2015-06-17 12:25 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-06-17 12:25 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-06-17 12:25 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2015-06-17 12:25 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2015-06-17 12:25 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-06-17 12:25 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-06-17 12:25 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2015-06-17 12:25 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-06-17 12:25 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-06-17 12:25 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2015-06-17 12:25 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-06-17 12:25 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-06-17 12:25 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-06-17 12:25 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-06-17 12:25 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-06-17 12:25 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-06-17 12:25 - 2014-01-27 13:45 - 00386722 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-17 12:25 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-06-17 12:25 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-06-17 12:25 - 2014-01-07 07:00 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-06-17 12:25 - 2014-01-07 06:30 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-06-17 12:25 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-06-17 12:25 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2015-06-17 12:25 - 2013-11-27 17:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2015-06-17 12:25 - 2013-11-27 13:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-06-17 12:25 - 2013-11-27 10:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-17 12:25 - 2013-11-27 10:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-17 12:25 - 2013-11-27 10:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-06-17 12:25 - 2013-11-27 10:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-06-17 12:25 - 2013-11-21 08:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-06-17 12:25 - 2013-11-21 07:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-06-17 12:25 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-06-17 12:25 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-06-17 12:25 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-06-17 12:24 - 2014-04-19 13:15 - 21186352 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-06-17 12:24 - 2014-04-19 08:49 - 18644072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-06-17 12:24 - 2014-03-10 12:35 - 02008408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-06-17 12:24 - 2014-03-10 12:35 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-06-17 12:24 - 2014-01-04 22:50 - 01462216 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-06-17 12:24 - 2014-01-04 21:22 - 01202888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2015-06-17 12:24 - 2014-01-04 16:30 - 13209088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-06-17 12:24 - 2014-01-04 16:23 - 11702272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-06-17 12:24 - 2014-01-04 15:42 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-06-17 12:24 - 2014-01-04 15:40 - 07416832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-06-17 12:24 - 2014-01-04 15:36 - 00830976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-06-17 12:24 - 2014-01-04 15:28 - 04961792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-06-17 12:24 - 2013-12-21 04:10 - 00009701 _____ C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2015-06-17 12:24 - 2013-12-21 04:10 - 00009701 _____ C:\Windows\system32\connectedsearch-results.searchconnector-ms
2015-06-17 12:23 - 2014-01-08 03:46 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-17 12:23 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-06-17 12:23 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-06-17 12:23 - 2014-01-04 17:54 - 00138240 _____ C:\Windows\system32\OEMLicense.dll
2015-06-17 12:23 - 2014-01-04 17:08 - 00103936 _____ C:\Windows\SysWOW64\OEMLicense.dll
2015-06-17 12:23 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2015-06-17 12:23 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2015-06-17 12:23 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-06-17 12:23 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-06-17 12:23 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-17 12:23 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2015-06-17 12:23 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-17 12:23 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2015-06-17 12:23 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-06-17 12:23 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-06-17 12:23 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-06-17 12:23 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2015-06-17 12:23 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-06-17 12:23 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2015-06-17 12:23 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-06-17 12:23 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-06-17 12:23 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2015-06-17 12:23 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2015-06-17 12:23 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2015-06-17 12:23 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2015-06-17 12:23 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2015-06-17 12:23 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2015-06-17 12:23 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2015-06-17 12:23 - 2013-12-21 12:31 - 06171648 _____ (Microsoft Corporation) C:\Windows\system32\vmwp.exe
2015-06-17 12:23 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2015-06-17 12:23 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-06-17 12:23 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2015-06-17 12:23 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2015-06-17 12:23 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2015-06-17 12:23 - 2013-12-09 04:57 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-17 12:23 - 2013-12-09 03:51 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-17 12:23 - 2013-11-11 04:48 - 00039768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-06-17 12:23 - 2013-11-09 08:37 - 01756160 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2015-06-17 12:23 - 2013-11-09 07:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2015-06-17 12:23 - 2013-11-08 12:26 - 00358896 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2015-06-17 12:23 - 2013-11-08 07:23 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2015-06-17 12:23 - 2013-11-08 06:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2015-06-17 12:23 - 2013-11-08 06:42 - 00366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2015-06-17 12:23 - 2013-11-08 06:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2015-06-17 12:23 - 2013-11-08 06:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2015-06-17 12:23 - 2013-11-08 05:41 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-06-17 12:23 - 2013-11-08 05:14 - 00922624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-06-17 12:23 - 2013-11-05 16:19 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2015-06-17 12:23 - 2013-11-05 15:17 - 00565248 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-06-17 12:23 - 2013-11-04 15:07 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2015-06-17 12:23 - 2013-11-04 13:50 - 02143744 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-06-17 12:23 - 2013-11-04 12:32 - 02570240 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-06-17 12:23 - 2013-11-04 04:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2015-06-17 12:23 - 2013-11-04 03:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-06-17 12:23 - 2013-11-01 13:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-06-17 12:23 - 2013-11-01 08:08 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2015-06-17 12:23 - 2013-11-01 07:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2015-06-17 12:23 - 2013-10-31 02:58 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-06-17 12:23 - 2013-10-31 02:42 - 07399256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-17 12:23 - 2013-10-31 02:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-06-17 12:23 - 2013-10-31 02:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-06-17 12:23 - 2013-10-26 03:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys
2015-06-17 12:23 - 2013-10-24 12:04 - 00257536 _____ (Microsoft Corporation) C:\Windows\system32\synthfcvdev.dll
2015-06-17 12:23 - 2013-10-24 11:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2015-06-17 12:23 - 2013-10-24 11:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2015-06-17 12:23 - 2013-10-17 13:21 - 02896896 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-17 12:23 - 2013-10-17 12:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-17 12:23 - 2013-10-10 13:53 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-06-17 12:23 - 2013-10-10 13:26 - 02801664 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-17 12:23 - 2013-10-10 13:21 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-06-17 12:23 - 2013-10-10 13:05 - 01019392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-17 12:23 - 2013-10-10 12:34 - 01085952 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2015-06-17 12:23 - 2013-10-10 12:27 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2015-06-17 12:23 - 2013-10-05 16:21 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-06-17 12:23 - 2013-10-05 16:21 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-06-17 12:23 - 2013-10-05 14:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-06-17 12:23 - 2013-10-05 14:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-06-17 12:21 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-17 12:21 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-06-17 12:21 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-06-17 12:20 - 2014-01-07 09:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2015-06-17 12:20 - 2014-01-07 07:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2015-06-17 12:20 - 2013-10-15 10:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-06-17 12:20 - 2013-10-15 10:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-06-17 12:19 - 2013-11-09 08:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-06-17 12:19 - 2013-11-09 08:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2015-06-17 12:19 - 2013-11-09 07:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2015-06-17 12:18 - 2013-12-09 02:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-06-17 12:18 - 2013-10-16 17:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-06-17 12:18 - 2013-10-16 15:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-06-17 12:18 - 2013-09-26 08:51 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-06-16 12:21 - 2015-06-16 12:21 - 00852662 _____ C:\Users\------------\Desktop\SecurityCheck.exe
2015-06-16 11:59 - 2015-06-19 21:47 - 00000000 ____D C:\FRST
2015-06-16 11:52 - 2015-06-16 11:52 - 02945901 _____ (Thisisu) C:\Users\----------\Desktop\JRT.exe
2015-06-16 11:52 - 2015-06-16 11:52 - 02231296 _____ C:\Users\-----------\Desktop\AdwCleaner.exe
2015-06-14 21:48 - 2015-06-14 21:48 - 00000991 _____ C:\Users\-----------\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2015-06-14 21:36 - 2015-06-14 21:36 - 00000000 ____D C:\Users\-----------------\Documents\com.mobage.ww.a956.MARVEL_Card_Battle_Heroes_Android-1.5.10-APK4Fun.com.apk_export_STbFs
2015-06-14 21:36 - 2015-06-14 21:36 - 00000000 ____D C:\Users\----------------\Documents\com.mobage.ww.a956.MARVEL_Card_Battle_Heroes_Android-1.5.10-APK4Fun.com.apk_export_bQygg
2015-06-14 21:32 - 2015-06-14 21:33 - 08527963 _____ C:\Users\-------------------\Desktop\com.mobage.ww.a956.MARVEL_Card_Battle_Heroes_Android-1.5.10-APK4Fun.com.apk
2015-06-14 19:45 - 2014-03-31 20:02 - 00168960 _____ C:\Users\---------\Desktop\bi_bas_v1.1.25.5165_trn.exe
2015-06-14 19:34 - 2015-06-14 19:34 - 00000000 ____D C:\Users\-------------------\Documents\FLiNGTrainer
2015-06-14 19:09 - 2015-06-14 19:09 - 00000000 ____D C:\ProgramData\Steam
2015-06-14 18:58 - 2015-06-14 18:58 - 00000783 _____ C:\Users\Public\Desktop\BioShock Infinite.lnk
2015-06-14 18:58 - 2015-06-14 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BioShock Infinite
2015-06-14 17:49 - 2015-06-14 17:49 - 00000000 ____D C:\Users\--------------\AppData\Local\Setup Integrity Check
2015-06-13 22:00 - 2015-06-13 22:00 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-13 22:00 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-13 22:00 - 2015-05-19 05:14 - 00061616 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-13 22:00 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-12 19:22 - 2015-06-12 19:22 - 00000000 ____D C:\Users\------------------\Documents\Graphics
2015-06-11 18:29 - 2015-06-12 07:45 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-11 18:20 - 2015-06-18 23:57 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-11 18:20 - 2015-06-11 18:28 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-11 18:20 - 2015-06-11 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-11 18:20 - 2015-06-11 18:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-11 18:20 - 2015-06-11 18:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-11 18:20 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-11 18:20 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-10 23:52 - 2015-06-10 23:52 - 00000000 ____D C:\Program Files\HitmanPro
2015-06-10 23:51 - 2015-06-10 23:59 - 00000000 ____D C:\ProgramData\HitmanPro
2015-06-10 23:40 - 2015-06-10 23:40 - 00000207 _____ C:\Windows\tweaking.com-regbackup-NEMANJA-Windows-8.1-Pro-(64-bit).dat
2015-06-10 23:40 - 2015-06-10 23:40 - 00000000 ____D C:\RegBackup
2015-06-08 23:38 - 2015-06-08 23:38 - 00000000 ____D C:\Games
2015-06-05 09:48 - 2015-06-05 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-04 13:33 - 2015-06-06 11:48 - 00000000 ____D C:\Users\----------------\VirtualBox VMs
2015-06-04 13:31 - 2015-06-06 11:52 - 00000000 ____D C:\Users\-----------------\.VirtualBox
2015-06-04 13:31 - 2015-06-04 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-06-04 13:31 - 2015-05-13 17:11 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-06-04 13:30 - 2015-06-04 13:30 - 00000000 ____D C:\Program Files\Oracle
2015-06-04 13:30 - 2015-05-13 17:10 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-06-04 11:49 - 2015-06-16 12:12 - 00000000 ____D C:\AdwCleaner
2015-06-01 23:45 - 2015-06-01 23:45 - 00000299 _____ C:\Users\------------------------\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2015-06-01 13:15 - 2015-06-01 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPUB File Reader
2015-06-01 13:15 - 2015-06-01 13:15 - 00000000 ____D C:\Program Files (x86)\EPUB File Reader
2015-06-01 13:13 - 2015-06-08 10:50 - 00000000 ____D C:\Users\-----------------\AppData\Roaming\CDisplayEx
2015-06-01 13:13 - 2015-06-01 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx
2015-06-01 13:13 - 2015-06-01 13:13 - 00000000 ____D C:\Program Files\CDisplayEx
2015-06-01 09:30 - 2015-06-01 09:36 - 00000000 ____D C:\Users\------------------\Documents\Witcher 2
2015-06-01 09:30 - 2015-06-01 09:30 - 00000000 ____D C:\Users\-----------------\AppData\Local\The Witcher 2
2015-06-01 09:29 - 2015-06-01 09:29 - 00002239 _____ C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings Enhanced Edition.lnk
2015-06-01 09:29 - 2015-06-01 09:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-06-01 08:50 - 2015-06-01 08:50 - 00000000 ____D C:\Program Files (x86)\GOG.com
2015-05-31 17:57 - 2015-05-31 17:57 - 00002319 _____ C:\Users\-------------------\Desktop\Chrome App Launcher.lnk
2015-05-31 17:57 - 2015-05-31 17:57 - 00000000 ____D C:\Users\------------------------\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-31 15:22 - 2015-05-31 15:33 - 00000757 _____ C:\Users\---------------\Desktop\play-MP-Nexus - Shortcut.lnk
2015-05-31 15:12 - 2015-05-31 15:12 - 00000000 ____D C:\Users\-----------------\Documents\BFBC2
2015-05-31 14:59 - 2015-05-31 15:28 - 00000000 ____D C:\BF BC2
2015-05-31 14:42 - 2015-02-04 02:00 - 00608072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-31 14:40 - 2015-02-04 05:56 - 31515280 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-31 14:40 - 2015-02-04 05:56 - 24198856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-31 14:40 - 2015-02-04 05:56 - 17559432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-31 14:40 - 2015-02-04 05:56 - 16128576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-31 14:40 - 2015-02-04 05:56 - 14497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-31 14:40 - 2015-02-04 05:56 - 13828032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-31 14:40 - 2015-02-04 05:56 - 12894024 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-31 14:40 - 2015-02-04 05:56 - 11209192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-31 14:40 - 2015-02-04 05:56 - 04244680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-31 14:40 - 2015-02-04 05:56 - 03987600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-31 14:40 - 2015-02-04 05:56 - 02823992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-31 14:29 - 2015-05-31 15:16 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-05-31 14:29 - 2015-05-31 15:12 - 00000000 ____D C:\Users\---------------\AppData\Local\PunkBuster
2015-05-31 12:25 - 2015-06-14 19:09 - 00000000 ____D C:\Users\-----------------\Documents\My Games
2015-05-31 09:22 - 2015-05-31 09:22 - 00000000 ____D C:\Users\---------------------\AppData\Local\Steam
2015-05-30 12:49 - 2015-05-30 12:49 - 00000000 ____D C:\ProgramData\MonoTouch
2015-05-30 12:42 - 2015-06-11 23:18 - 00000000 ____D C:\Users\------------------------\Documents\Projects
2015-05-30 12:42 - 2015-05-30 12:42 - 00002993 _____ C:\Users\----------------------\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xamarin Studio.lnk
2015-05-30 12:42 - 2015-05-30 12:42 - 00000000 ____D C:\Users\---------------------\AppData\Roaming\Subversion
2015-05-30 12:42 - 2015-05-30 12:42 - 00000000 ____D C:\Program Files (x86)\MonoDevelop
2015-05-30 12:40 - 2015-05-30 12:49 - 00000000 ____D C:\Users\---------------------\AppData\Local\XamarinInsights
2015-05-30 12:40 - 2015-05-30 12:40 - 00000000 ____D C:\Users\------------------\AppData\Roaming\stetic
2015-05-30 12:39 - 2015-05-30 12:43 - 00000000 ____D C:\Users\------------------------\AppData\Roaming\XamarinStudio-5.0
2015-05-30 12:39 - 2015-05-30 12:39 - 00000000 ____D C:\Users\------------------------\AppData\Local\XamarinStudio-5.0
2015-05-30 12:39 - 2015-05-30 12:39 - 00000000 ____D C:\ProgramData\Mono for Android
2015-05-30 12:35 - 2015-05-30 12:35 - 00000000 ____D C:\Program Files (x86)\Xamarin
2015-05-30 12:34 - 2015-05-30 12:35 - 00000000 ____D C:\ProgramData\Monodoc
2015-05-30 12:33 - 2015-05-30 12:42 - 00000000 ____D C:\Program Files (x86)\Xamarin Studio
2015-05-30 12:32 - 2015-05-30 12:32 - 00000000 ____D C:\Program Files (x86)\GtkSharp
2015-05-30 12:31 - 2015-05-30 12:31 - 00000000 ____D C:\Users\-----------------------\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xamarin
2015-05-30 12:25 - 2015-05-30 12:25 - 00000000 ____D C:\Users\----------------------\Documents\Android
2015-05-30 12:18 - 2015-05-30 12:18 - 00000000 ____D C:\Users\-----------------------\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2015-05-30 12:18 - 2015-05-30 12:18 - 00000000 ____D C:\Users\----------------------\AppData\Local\Android
2015-05-30 12:11 - 2015-05-30 12:11 - 00000000 ____D C:\Users\----------------------\AppData\Local\Microsoft_Corporation
2015-05-30 12:08 - 2015-05-30 12:08 - 00000000 ____D C:\Users\-----------------------\AppData\Local\NuGet
2015-05-30 11:51 - 2015-05-30 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-05-30 11:45 - 2015-05-30 11:45 - 00000000 ____D C:\Users\------------------------\AppData\Local\Xamarin
2015-05-30 10:16 - 2015-06-10 00:21 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-30 10:16 - 2015-05-30 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-30 10:14 - 2015-06-19 21:31 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-30 10:14 - 2015-06-19 10:19 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-30 10:14 - 2015-05-30 10:14 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-30 10:14 - 2015-05-30 10:14 - 00003654 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-29 21:27 - 2015-05-29 21:27 - 00001185 _____ C:\Users\Public\Desktop\Counter-Strike Source.lnk
2015-05-29 21:27 - 2015-05-29 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal
2015-05-29 21:21 - 2015-05-29 21:21 - 00000000 ____D C:\Program Files\Strogino CS Portal
2015-05-29 20:25 - 2015-05-29 20:25 - 00000000 ____D C:\Users\----------------------------\AppData\Roaming\Tropico 5
2015-05-28 09:53 - 2015-05-30 10:08 - 00000000 ____D C:\Users\---------------------------\Documents\The Witcher 3
2015-05-28 09:41 - 2015-05-31 23:05 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-05-27 20:43 - 2015-05-27 20:43 - 00000000 ____D C:\ProgramData\Kinoni
2015-05-24 11:46 - 2015-05-24 11:46 - 00000000 ____D C:\Users\-----------------------\AppData\Local\ESN
2015-05-24 11:46 - 2015-05-24 11:46 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-05-24 11:45 - 2015-05-24 11:45 - 00000000 ____D C:\ProgramData\EA Core
2015-05-23 00:40 - 2015-05-23 00:40 - 00000181 _____ C:\Users\---------------------\AppData\Roaming\wss.ini
2015-05-23 00:37 - 2015-05-23 00:39 - 00000000 ____D C:\ProgramData\WebacamSurveyor
2015-05-23 00:37 - 2015-05-23 00:37 - 00000000 ____D C:\Users\------------------------------\Documents\WebacamSurveyor
2015-05-23 00:37 - 2015-05-23 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webcam Surveyor
2015-05-23 00:37 - 2015-05-23 00:37 - 00000000 ____D C:\Program Files (x86)\Webcam Surveyor
2015-05-23 00:27 - 2015-06-11 23:21 - 00000000 ____D C:\Users\-------------------------\.android
2015-05-23 00:15 - 2015-05-23 00:28 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-05-23 00:15 - 2015-05-23 00:15 - 00001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk
2015-05-23 00:15 - 2015-05-23 00:15 - 00000000 ____D C:\Users\--------------------\AppData\Roaming\NCH Software
2015-05-23 00:15 - 2015-05-23 00:15 - 00000000 ____D C:\ProgramData\NCH Software
2015-05-23 00:15 - 2015-05-23 00:15 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-05-22 07:50 - 2015-05-31 15:16 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-22 07:50 - 2015-05-31 15:12 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-05-22 07:50 - 2015-05-31 15:12 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-05-22 07:50 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-05-22 07:50 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-05-22 07:50 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-05-22 07:50 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-05-22 07:50 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-05-22 07:50 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-05-22 07:50 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-05-22 07:50 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-05-22 07:50 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-05-22 07:50 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-05-22 07:49 - 2015-05-22 07:49 - 00010123 _____ C:\Windows\DirectX.log
2015-05-22 07:49 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-05-22 07:49 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-05-22 07:49 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-05-22 07:49 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-05-22 07:49 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-05-22 07:49 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-05-22 07:49 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-05-22 07:49 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-05-22 07:49 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-05-22 07:49 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-05-22 07:49 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-05-22 07:49 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-05-22 07:49 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-05-22 07:49 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-05-22 07:49 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-05-22 07:49 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-05-22 07:49 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-05-22 07:49 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-05-22 07:49 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-05-22 07:49 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-05-22 07:49 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-05-22 07:49 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-05-22 07:49 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-05-22 07:49 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-05-22 07:49 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-05-22 07:49 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-05-22 07:49 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-05-22 07:49 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-05-22 07:49 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-05-22 07:49 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-05-22 07:49 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-05-22 07:49 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-05-22 07:49 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-05-22 07:49 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-05-22 07:49 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-05-22 07:49 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-05-22 07:49 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-05-22 07:49 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-05-22 07:49 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-05-22 07:49 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-05-22 07:49 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-05-22 07:49 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-05-22 07:49 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-05-22 07:49 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-05-22 07:49 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-05-22 07:49 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-05-22 07:49 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-05-22 07:49 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-05-22 07:49 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-05-22 07:49 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-05-22 07:49 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-05-22 07:49 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-05-22 07:49 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-05-22 07:49 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-05-22 07:49 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-05-22 07:49 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-05-22 07:49 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-05-22 07:49 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-05-22 07:49 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-05-22 07:49 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-05-22 07:49 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-05-22 07:49 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-05-22 07:49 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-05-22 07:49 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-05-22 07:49 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-05-22 07:49 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-05-22 07:49 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-05-22 07:49 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-05-22 07:49 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-05-22 07:49 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-05-22 07:49 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-05-22 07:49 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-05-22 07:49 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-05-22 07:49 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-05-22 07:49 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-05-22 07:49 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-05-22 07:49 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-05-22 07:49 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-05-22 07:49 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-05-22 07:49 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-05-22 07:49 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-05-22 07:49 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-05-22 07:49 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-05-22 07:49 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-05-22 07:49 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-05-22 07:49 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-05-22 07:49 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-05-22 07:49 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-05-22 07:49 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-05-22 07:49 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-05-22 07:49 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-05-22 07:49 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-05-22 07:49 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-05-22 07:49 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-05-22 07:49 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-05-22 07:49 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-05-22 07:49 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-05-22 07:49 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-05-22 07:49 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-05-22 07:49 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-05-22 07:49 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-05-22 07:49 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-05-22 07:49 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-05-22 07:49 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-05-22 07:49 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-05-22 07:49 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-05-22 07:49 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-05-22 07:49 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-05-22 07:49 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-05-22 07:49 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-05-22 07:49 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-05-22 07:49 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-05-22 07:49 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-05-22 07:49 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-05-22 07:49 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-05-22 07:49 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-05-22 07:49 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-05-22 07:49 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-05-22 07:49 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-05-22 07:49 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-05-22 07:49 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-05-22 07:49 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-05-22 07:49 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-05-22 07:49 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-05-22 07:49 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-05-22 07:49 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-05-22 07:49 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-05-22 07:49 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-05-22 07:49 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-05-22 07:49 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-05-22 07:49 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-05-22 07:49 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-05-22 07:49 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-05-22 07:49 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-05-22 07:49 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-05-22 07:49 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-05-22 07:49 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-05-22 07:49 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-05-22 07:49 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-05-22 07:49 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-05-22 07:49 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-05-22 07:49 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-05-22 07:49 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-05-22 07:49 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-05-22 07:49 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-05-22 07:49 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-05-22 07:49 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-05-22 07:49 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-05-22 07:49 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-05-22 07:49 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-05-22 07:49 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-05-22 07:49 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-05-22 07:49 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-05-22 07:49 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-05-22 07:49 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-05-21 09:27 - 2015-05-21 09:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-21 09:27 - 2015-05-21 09:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-20 10:19 - 2015-05-20 10:19 - 00000000 ____D C:\ProgramData\xml_param
2015-05-20 10:18 - 2015-05-20 10:20 - 00000000 ____D C:\Program Files (x86)\Wondershare
2015-05-20 10:18 - 2015-05-20 10:19 - 00000000 ____D C:\Users\--------------------\Documents\Wondershare Video Converter Ultimate
2015-05-20 10:18 - 2015-05-20 10:18 - 00000000 ____D C:\Users\---------------------\AppData\Roaming\Wondershare Video Converter Ultimate
2015-05-20 10:18 - 2011-08-31 14:39 - 00892928 _____ (Free Software Foundation) C:\Windows\SysWOW64\iconv.dll
2015-05-20 10:18 - 2011-08-31 14:39 - 00675840 _____ () C:\Windows\SysWOW64\ac3filter.ax
2015-05-20 10:18 - 2011-08-31 14:39 - 00496640 _____ C:\Windows\SysWOW64\xvid.ax
2015-05-20 09:47 - 2015-05-21 10:16 - 00000000 ____D C:\Users\-------------\AppData\Roaming\Origin
2015-05-20 09:47 - 2015-05-20 09:56 - 00000000 ____D C:\Users\----------------\AppData\Local\Origin
2015-05-20 09:42 - 2015-06-05 09:49 - 00000000 ____D C:\ProgramData\Origin
2015-05-20 09:42 - 2015-05-24 11:45 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-05-20 09:42 - 2015-05-20 09:46 - 00000000 ____D C:\Program Files (x86)\Origin
2015-05-20 09:42 - 2015-05-20 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-19 21:48 - 2015-05-16 14:07 - 00000000 ____D C:\Users\----------------------------\Documents\Visual Studio 2013
2015-06-19 21:44 - 2015-05-14 16:54 - 01940234 _____ C:\Windows\WindowsUpdate.log
2015-06-19 21:41 - 2015-05-14 19:06 - 00000000 ____D C:\Users\-----------------------\AppData\Roaming\BitTorrent
2015-06-19 21:34 - 2015-05-14 19:21 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-19 21:32 - 2015-05-17 12:21 - 00003754 _____ C:\Windows\System32\Tasks\AutoKMS
2015-06-19 21:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-19 10:56 - 2015-05-14 18:09 - 00000000 ____D C:\Users\------------------------\AppData\Roaming\vlc
2015-06-19 09:32 - 2015-05-14 18:51 - 00002772 ___SH C:\Windows\SysWOW64\win_fldb_sys.dat
2015-06-19 09:25 - 2015-05-14 18:51 - 00011781 ___SH C:\Windows\SysWOW64\win_flfiles_sys.dat
2015-06-19 01:45 - 2015-05-14 16:56 - 00000000 ____D C:\Users\------------
2015-06-19 01:37 - 2015-05-14 18:57 - 00000000 ____D C:\Users\-----------------\AppData\Local\Battle.net
2015-06-18 23:59 - 2015-05-15 21:47 - 27590656 _____ C:\Windows\system32\vmguest.iso
2015-06-18 23:57 - 2015-05-15 22:04 - 00000000 ____D C:\Windows\Minidump
2015-06-18 23:57 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-18 23:41 - 2015-05-14 17:13 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3B8CF1B2-CA32-45A6-BC58-2390B6C830C5}
2015-06-17 18:32 - 2015-05-14 16:53 - 00914518 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-17 14:50 - 2015-05-14 17:03 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3461764327-2012865736-100928730-1001
2015-06-17 14:08 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-17 13:44 - 2015-05-14 16:45 - 00006486 _____ C:\Windows\PFRO.log
2015-06-17 13:44 - 2013-08-22 16:44 - 02391296 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-17 13:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-06-17 13:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-17 13:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-17 13:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-06-17 13:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\migwiz
2015-06-17 13:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-17 13:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\MediaViewer
2015-06-17 13:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\FileManager
2015-06-17 13:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Camera
2015-06-17 13:42 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-06-17 13:42 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-06-17 13:42 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-06-17 13:42 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\Dism
2015-06-17 13:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-06-17 13:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2015-06-17 13:41 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-17 13:41 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\oobe
2015-06-17 12:43 - 2015-05-15 02:44 - 00000000 ____D C:\Windows\Panther
2015-06-17 12:39 - 2015-05-15 21:50 - 00000000 ____D C:\Users\---------------\AppData\Local\CrashDumps
2015-06-17 12:39 - 2015-05-14 19:00 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-17 11:56 - 2015-05-15 22:30 - 00000000 ____D C:\Program Files\Easeware
2015-06-17 09:54 - 2015-05-14 17:09 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-15 23:25 - 2015-05-14 19:48 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-06-15 23:09 - 2015-05-17 12:41 - 00000000 ____D C:\Users\---------------------\Documents\Heroes of the Storm
2015-06-15 22:56 - 2015-05-14 19:14 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-06-15 17:55 - 2015-05-14 18:05 - 00000000 ___RD C:\Users\-----------------------\Desktop\programi
2015-06-15 15:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-14 22:18 - 2015-05-14 16:57 - 00000000 ____D C:\Users\------------------------\AppData\Local\Packages
2015-06-14 13:49 - 2013-08-22 16:46 - 00017056 _____ C:\Windows\setupact.log
2015-06-14 08:41 - 2015-05-14 19:11 - 00000000 ____D C:\Users\---------------------\AppData\Local\Adobe
2015-06-14 08:30 - 2015-05-14 19:21 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-13 22:30 - 2015-05-14 17:33 - 00000000 ____D C:\Users\-------------\AppData\Local\NVIDIA Corporation
2015-06-13 22:01 - 2015-05-14 17:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-13 21:59 - 2015-05-14 17:31 - 00000000 ____D C:\Users\-------------------\AppData\Local\NVIDIA
2015-06-12 08:23 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-11 18:58 - 2015-05-15 21:45 - 00000000 ____D C:\Windows\vmguest
2015-06-11 18:58 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\schemas
2015-06-10 10:46 - 2015-05-17 12:48 - 00000000 ____D C:\Users\---------------------\AppData\Roaming\Skype
2015-06-09 11:27 - 2015-05-14 18:51 - 00003465 ___SH C:\Windows\SysWOW64\win_stlthdb_sys.dat
2015-06-03 23:04 - 2015-05-14 17:31 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-03 23:04 - 2015-05-14 17:31 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-03 23:04 - 2015-05-14 17:31 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-03 23:04 - 2015-05-14 17:31 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-03 18:18 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-03 08:01 - 2014-08-26 17:07 - 00000000 ____D C:\Users\------------------------\Desktop\Pop
2015-06-01 23:14 - 2015-05-14 18:57 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-05-31 14:42 - 2015-05-14 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-30 16:28 - 2015-05-15 20:58 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-30 12:34 - 2015-05-15 21:01 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-05-30 11:50 - 2015-05-15 07:17 - 00000000 ____D C:\Program Files (x86)\Java
2015-05-30 10:16 - 2015-05-14 17:57 - 00000000 ____D C:\Users\--------------------\AppData\Local\Google
2015-05-30 10:15 - 2015-05-14 17:57 - 00000000 ____D C:\Program Files (x86)\Google
2015-05-30 08:48 - 2015-05-15 07:22 - 00000000 ____D C:\Users\---------------------\Documents\Snagit
2015-05-26 18:33 - 2015-05-14 18:57 - 00000000 ____D C:\Users\---------------------\AppData\Roaming\Battle.net
2015-05-24 10:03 - 2015-05-14 16:57 - 00000000 ____D C:\Users\--------------------------\AppData\Roaming\Adobe
2015-05-23 00:37 - 2015-05-14 16:57 - 00000000 ____D C:\Users\-----------------------\AppData\Local\VirtualStore
2015-05-21 10:27 - 2015-05-14 19:08 - 00000000 ____D C:\ProgramData\Adobe
2015-05-21 09:27 - 2015-05-14 19:04 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-05-21 08:11 - 2015-05-15 21:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-20 23:43 - 2015-05-15 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
 
==================== Files in the root of some directories =======
 
2015-05-23 00:40 - 2015-05-23 00:40 - 0000181 _____ () C:\Users\-----------------------\AppData\Roaming\wss.ini
2015-05-30 13:42 - 2015-05-30 13:44 - 0000033 _____ () C:\Users\-------------------\AppData\Local\rssbuilder.config
2015-05-30 13:43 - 2015-05-30 13:43 - 0000033 _____ () C:\Users\-------------------\AppData\Local\rssbuilder.ftpconfig
2015-05-17 15:13 - 2015-05-17 15:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-14 18:10 - 2015-05-15 07:11 - 0000000 _____ () C:\ProgramData\SMS_4B0B2FBL.txt
2015-05-14 18:10 - 2015-05-15 07:11 - 0000000 _____ () C:\ProgramData\SMS_4B0B2FBR.txt
2015-05-14 18:10 - 2015-05-15 07:11 - 0000000 _____ () C:\ProgramData\SMS_4B0B2FDC.txt
2015-05-14 18:10 - 2015-05-15 07:11 - 0000000 _____ () C:\ProgramData\SMS_4B0B2FTL.txt
2015-05-14 18:10 - 2015-05-15 07:11 - 0000000 _____ () C:\ProgramData\SMS_4B0B2FTR.txt
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-13 22:08
 
==================== End of log ============================
 
 
 
 
 
and Addiotion txt 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by -------------at 2015-06-19 21:49:05
Running from C:\Users\------------------\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3461764327-2012865736-100928730-500 - Administrator - Disabled)
Guest (S-1-5-21-3461764327-2012865736-100928730-501 - Limited - Disabled)
--------------------(S-1-5-21-3461764327-2012865736-100928730-1001 - Administrator - Enabled) => C:\Users\---------------------
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
"BioShock Infinite" (HKLM-x32\...\{D081C29C-1DDC-4C55-BCBF-DF8519636331}_is1) (Version: 1.1.25.5165 - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
BitTorrent (HKU\S-1-5-21-3461764327-2012865736-100928730-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.30924.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Counter-Strike Source version 2230303 (HKLM\...\{28659B67-FC49-49DB-9DAC-1AD52203D75A}_is1) (Version: 2230303 - Strogino CS Portal)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.82 - NCH Software)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - epubfilereader.com)
Folder Lock (HKLM-x32\...\Folder Lock) (Version:  - New Softwares.net)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.241 - SurfRight B.V.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 79 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java SE Development Kit 7 Update 71 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
KMSpico v9.0.3.20131029 (Beta) (HKLM\...\KMSpico_is1) (Version: 9.0.3.20131029 - )
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Advertising SDK for Windows 8.1 - ENU (HKLM-x32\...\{916DF45F-3E75-47C1-8ACE-6D87B1646E4F}) (Version: 8.1.40402.2 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 4 (HKLM-x32\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version:  - )
Mozilla Firefox 38.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0 (x86 en-US)) (Version: 38.0 - Mozilla)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version:  - )
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.28 (HKLM\...\{E8BB81BC-E67C-4750-84EE-128DA5A7ADA5}) (Version: 4.3.28 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Snagit 11 (HKLM-x32\...\{68723B04-57EC-11E1-A6A8-9E2D4824019B}) (Version: 11.1.0 - TechSmith Corporation)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\The Witcher 2 - Assassins of Kings Enhanced Edition_is1) (Version:  - GOG.com)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Webcam Surveyor 1.9.2 (HKLM-x32\...\Webcam Surveyor_is1) (Version:  - El Software Solutions)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
Windows Phone SDK 8.0 - ENU (HKLM-x32\...\{529db2e0-c334-4058-8ef0-9a214edbd1fa}) (Version: 11.0.50727.61 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WO Webcam Client (HKLM-x32\...\WOWebcam) (Version:  - )
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
Xamarin (HKLM-x32\...\{ABF21D8B-8388-45B4-A2F3-3FF63F50F515}) (Version: 3.11.458.0 - Xamarin)
Xamarin Studio 5.9 (HKLM-x32\...\{4E55F3D2-407F-4332-82E5-116E9FDAF9BD}) (Version: 5.9.0.431 - Xamarin)
Xamarin Universal Installer (HKLM-x32\...\{e2170c24-4ed1-4aca-8a8f-defa79cb4dae}) (Version: 3.5.0.0 - Xamarin, Inc)
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
16-06-2015 11:41:17 16.06.2015
17-06-2015 21:47:22 CLEAN
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07307D7D-B4C2-46F1-950C-B3FDC80D5E54} - System32\Tasks\{A624C7CD-897F-495C-9DBE-9B57E407F3C3} => pcalua.exe -a E:\AMDCPU\PN_1_3_2_0\setup.exe -d E:\AMDCPU\PN_1_3_2_0
Task: {1075A2D1-445F-4E9B-999A-D1D26FE7A465} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {16D5EF8E-31D0-4B2F-9AD4-8A3F3F0891E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {314E13DC-EA1D-4124-8DFE-F370035AC783} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-14] (Adobe Systems Incorporated)
Task: {422F8494-4662-4D15-BF95-E07A77A97155} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {4826779D-362C-4170-89A7-44C66F49F819} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-30] (Google Inc.)
Task: {50B57F13-171D-4BB1-8809-E5C4F2740BCC} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-10-29] ()
Task: {5E3A959B-1151-4FCF-B311-99F19E37B9AE} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {62B1A59A-E899-4F43-BA8A-482E844093AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-27] (Microsoft Corporation)
Task: {8243F5AF-3138-4E21-BECA-893CACEF3F1F} - System32\Tasks\{EE90F1E0-EA6F-4505-AB16-12F0AD37D6F0} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {987ED64B-C642-4104-ADB7-2DDA002C86EE} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {99F85705-941F-448D-8FC6-BAC92DE1AA1E} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-05-17] ()
Task: {A6C63619-FFD5-4B44-812C-98522CF77708} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B19C72F8-78E6-4894-A105-98BBA965E353} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {BB9A5D14-3344-4D44-A68F-87F1574D7D9B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {C1D650C6-F9D8-4886-8BC3-010F36901909} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EA1B3DCD-BFBC-4C6E-B815-94CDE2469880} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-30] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-05-22 07:50 - 2015-05-31 15:12 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-04-19 08:34 - 2009-04-19 08:34 - 00625184 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-04-19 08:34 - 2009-04-19 08:34 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-04-19 08:34 - 2009-04-19 08:34 - 00578080 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2009-04-19 08:34 - 2009-04-19 08:34 - 00207904 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2015-05-14 17:09 - 2015-02-04 04:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-13 22:01 - 2015-06-03 23:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-07-22 09:44 - 2014-07-22 09:44 - 00046592 _____ () C:\Program Files (x86)\WOWebcam\WOWebcam.dll
2013-07-10 19:31 - 2013-07-10 19:31 - 08865448 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-06-10 00:21 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-10 00:21 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-10 00:21 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll
2007-03-21 20:53 - 2007-03-21 20:53 - 00049152 _____ () C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\QuickTimeGlue.dll
2007-03-21 20:52 - 2007-03-21 20:52 - 00393216 _____ () C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\AdobeXMP.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\-------------------\SkyDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3461764327-2012865736-100928730-1001\Control Panel\Desktop\\Wallpaper -> D:\Nemanja folder\nemanja slike\pozadine\Falling_Desktop_1920x1200.jpg
DNS Servers: 5.104.175.153 - 5.104.175.150
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "NvCplDaemon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3461764327-2012865736-100928730-1001\...\StartupApproved\Run: => "WinFLTray"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{63450FA0-C637-4DE7-B389-70B8555DADD1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7E90F762-57C5-4187-9D80-366DC071B03A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8CAE9C09-B4FD-4AEC-B95A-774A9B330976}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A53A4EBA-7EA5-461B-9BDF-FF13D7FDD01D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{53CD1774-3995-4CA2-9AAC-DB50313A69F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BA3675D0-5A05-42CB-B0E9-65C4A903E42A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{77FB69A4-50C4-48B7-BB7F-16783AC4E755}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3C0B1500-29B4-46C8-B885-2BAFEA8655E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DD1E4BBA-E65E-4F9D-AE32-9E1B679C5364}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{991B2EF7-BDCE-4570-8EC5-E72FBB0EC305}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{0BBF55B8-3EB8-4F0D-ADB4-5EE90D64C33B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1A30F23B-54FB-42AE-A5A7-1C732E3C9F8C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AB471ED0-B8E2-465A-ACF2-27C36FF353D3}] => (Allow) C:\Users\---------------------\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2ED588CD-9987-44B7-A36E-E47EA91036DA}] => (Allow) C:\Users\----------------\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{86C87C4E-CAED-4859-9FE2-D2E7CA64624C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{BA2AB2B3-D3F2-4350-8DEE-54600394C254}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [{74FC762D-08A6-4A54-8938-308DBEA07846}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{3D869667-E00B-448E-A5C5-9BE79E14BA2B}] => (Allow) LPort=12292
FirewallRules: [{59F1E172-4D04-42C0-833E-CAEC0B8CCE1E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{12C051DA-A00D-49B7-A7DD-AE9DD5199582}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{147E94BD-AC60-4044-96B7-44618F2F52AA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{66099CC7-7C0C-4876-93AC-F4D139C139C1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{4DC857B8-4E08-4F68-9685-CEE57651A768}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{22792247-8D8C-4160-8E89-464E4D76DAA1}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{476E0DEA-8E3A-464F-9F54-1794C28ECAFC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{0B091289-B11E-4D41-887B-B70F321362F2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{85BF6154-D0BA-4FC7-B643-41BB880C6D8E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{47212010-79AB-4625-BF81-8DCFB58A1C7F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A5ABF799-7964-4F6A-ABDF-C3619A796316}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7A3A79A7-AF47-462A-BF40-4B6BB2B1A08D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{BCFD5C79-5790-4985-A4B5-07BBF0EA085E}C:\program files\strogino cs portal\counter-strike source\hl2.exe] => (Allow) C:\program files\strogino cs portal\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{A4D1D725-1466-4421-9965-2AFCD7D94089}C:\program files\strogino cs portal\counter-strike source\hl2.exe] => (Allow) C:\program files\strogino cs portal\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{5409195F-6BD4-480C-86C2-2D7C9060DAE5}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{38AD4BDF-049E-4B11-AFFD-396B1325ADFB}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [{255F395F-1283-4992-9463-E92A5255A0A1}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
FirewallRules: [{FDEE8B11-FC63-4D38-8206-FC4605B76DAF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0B3478B6-F9BB-4FC7-80BF-96EC100162F3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{72E90EBE-FA56-446C-A120-4F145628836A}C:\bf bc2\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\bf bc2\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{BF77D6A0-B122-4BDC-9F83-7787FA90F788}C:\bf bc2\battlefield bad company 2\bfbc2game.exe] => (Allow) C:\bf bc2\battlefield bad company 2\bfbc2game.exe
FirewallRules: [TCP Query User{8AFE0A9B-E2B7-41A0-A6FC-B119DC180817}C:\ilfd2\left 4 dead 2 - v2.0.1.1 (patched for online gameplay) proper .full-rip. [blaze69]\left 4 dead 2\left 4 dead 2\left4dead2.exe] => (Allow) C:\ilfd2\left 4 dead 2 - v2.0.1.1 (patched for online gameplay) proper .full-rip. [blaze69]\left 4 dead 2\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{BC60D952-F1B8-4470-B871-F509D82B8339}C:\ilfd2\left 4 dead 2 - v2.0.1.1 (patched for online gameplay) proper .full-rip. [blaze69]\left 4 dead 2\left 4 dead 2\left4dead2.exe] => (Allow) C:\ilfd2\left 4 dead 2 - v2.0.1.1 (patched for online gameplay) proper .full-rip. [blaze69]\left 4 dead 2\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{32A8F6CC-8999-4DE9-915B-830F977B3849}C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{6A345844-B26B-4C34-A886-F0F2C8700328}C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [TCP Query User{D2812083-854F-4AD9-AA3B-A10F83968EAF}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{FFF695A9-4E84-4318-BE73-2CD24647209F}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{384DFEC3-7BE6-4DE6-86A1-D0AB5DA5F710}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{456E8144-9786-4AAA-B6E0-894C798A27B4}] => (Allow) E:\Games\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{79E3DE65-772C-4506-B37B-2777370B67F0}] => (Allow) E:\Games\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Floppy disk drive
Description: Floppy disk drive
Class Guid: {4d36e980-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard floppy disk drives)
Service: flpydisk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Coprocessor
Description: Coprocessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/19/2015 09:48:28 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
 
Error: (06/19/2015 09:48:28 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (06/19/2015 09:48:28 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (06/19/2015 09:48:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4
 
Error: (06/19/2015 09:48:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (06/19/2015 09:48:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (06/19/2015 10:50:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Nemanja)
Description: Activation of app 7ad532c8-e4c1-42e1-b40f-5055f01c9e56_952nprnvtrww2!App failed with error: -2147024893 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/19/2015 00:02:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.3.9600.16384, time stamp: 0x5215dfe3
Faulting module name: sysmain.dll, version: 6.3.9600.16410, time stamp: 0x52411d7f
Exception code: 0xc0000420
Fault offset: 0x00000000000bf26a
Faulting process id: 0x988
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report Id: svchost.exe_SysMain3
Faulting package full name: svchost.exe_SysMain4
Faulting package-relative application ID: svchost.exe_SysMain5
 
Error: (06/17/2015 09:47:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (06/17/2015 09:28:34 PM) (Source: MsiInstaller) (EventID: 10005) (User: Nemanja)
Description: Product: Microsoft Fix it 50848 -- This Microsoft Fix it does not apply to your operating system or application version.
 
 
System errors:
=============
Error: (06/19/2015 10:56:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/19/2015 10:55:44 AM) (Source: DCOM) (EventID: 10010) (User: Nemanja)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (06/19/2015 10:55:12 AM) (Source: DCOM) (EventID: 10010) (User: Nemanja)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (06/19/2015 10:50:00 AM) (Source: DCOM) (EventID: 10001) (User: Nemanja)
Description: "C:\Users\----------------------\Desktop\NF\MensStyle.Windows\bin\Debug\AppX\MensStyle.Windows.exe" -ServerName:App.AppX67t4pg2wh84bcch9jzynv8wg31fs7dsz.mca3AppUnavailableUnavailable
 
Error: (06/19/2015 10:46:45 AM) (Source: DCOM) (EventID: 10010) (User: Nemanja)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (06/19/2015 10:46:15 AM) (Source: DCOM) (EventID: 10010) (User: Nemanja)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (06/19/2015 10:12:21 AM) (Source: DCOM) (EventID: 10010) (User: Nemanja)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (06/19/2015 10:11:49 AM) (Source: DCOM) (EventID: 10010) (User: Nemanja)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (06/19/2015 09:46:30 AM) (Source: DCOM) (EventID: 10010) (User: Nemanja)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (06/19/2015 09:46:00 AM) (Source: DCOM) (EventID: 10010) (User: Nemanja)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
 
Microsoft Office:
=========================
Error: (06/19/2015 09:48:28 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
 
Error: (06/19/2015 09:48:28 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
 
Error: (06/19/2015 09:48:28 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 
 
Error: (06/19/2015 09:48:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4
 
Error: (06/19/2015 09:48:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (06/19/2015 09:48:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (06/19/2015 10:50:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Nemanja)
Description: 7ad532c8-e4c1-42e1-b40f-5055f01c9e56_952nprnvtrww2!App-2147024893
 
Error: (06/19/2015 00:02:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_SysMain6.3.9600.163845215dfe3sysmain.dll6.3.9600.1641052411d7fc000042000000000000bf26a98801d0aa11cc14f472C:\Windows\system32\svchost.exec:\windows\system32\sysmain.dllc7bb48a6-1605-11e5-82d0-00242125cead
 
Error: (06/17/2015 09:47:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (06/17/2015 09:28:34 PM) (Source: MsiInstaller) (EventID: 10005) (User: Nemanja)
Description: Product: Microsoft Fix it 50848 -- This Microsoft Fix it does not apply to your operating system or application version.(NULL)(NULL)(NULL)(NULL)(NULL)
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-05-14 17:12:44.177
  Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\NTGLM7X.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-05-14 17:12:43.130
  Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\NTACCESS.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-05-14 17:12:40.239
  Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Install\GMSIPCI.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-05-14 17:10:26.700
  Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\NTGLM7X.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-05-14 17:10:25.013
  Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\NTACCESS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-05-14 17:10:24.309
  Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Install\GMSIPCI.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-05-14 17:04:58.470
  Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\NTGLM7X.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-05-14 17:04:55.626
  Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\Install\GMSIPCI.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ X4 620 Processor
Percentage of memory in use: 48%
Total physical RAM: 4095.36 MB
Available physical RAM: 2129.06 MB
Total Pagefile: 7678.36 MB
Available Pagefile: 4977.65 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.88 GB) (Free:47.24 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:232.88 GB) (Free:111.47 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:448.91 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A3D1A3D1)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 89AA2A25)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of log ============================

Edited by Naidan, 19 June 2015 - 03:12 PM.


#4 Naidan

Naidan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 19 June 2015 - 03:31 PM

P.S it cant be router i already reset it to factory seting delet setting on my pc and started over and nothing helped . :/



#5 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:03 PM

Posted 20 June 2015 - 07:41 AM


This is your DNS server
DNS Servers: 5.104.175.153 - 5.104.175.150

It's located in Bulgaria
http://whatismyipaddress.com/ip/5.104.175.150

Does that seem right to you?

You can always check with your Internet Provider
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.


start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [571392 2013-10-29] () [File not signed]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
C:\Program Files\KMSpico

End
Save the files as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Clear your cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en


Restart Chrome.

====

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F

Clean the Firefox Cache.
https://kb.wisc.edu/page.php?id=15141

===

How is the computer running now?

#6 Naidan

Naidan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 20 June 2015 - 08:52 AM

Hello again i reset chrome and firefox and IE to default setting but no change ,and no i'm not in Bulgaria I'm in Serbia(right next to Bulgaria)

p.s. still get those annoying ads nothing fixed atm :/

 

and this is the fixlog.txt

 

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by ---------- at 2015-06-20 15:44:04 Run:4
Running from C:\Users\-------------\Desktop
Loaded Profiles: -------------(Available Profiles: ---------)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [571392 2013-10-29] () [File not signed]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
C:\Program Files\KMSpico
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
Service KMSELDI => Service not found.
GMSIPCI => Service not found.
"C:\Program Files\KMSpico" => File/Folder not found.
EmptyTemp: => 423.3 MB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 15:45:04 ====

Edited by Naidan, 20 June 2015 - 09:21 AM.


#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:03 PM

Posted 20 June 2015 - 12:42 PM

You did clean the Caches on both browsers?
===

Temporarily disable your AV program so it does not interfere.
Info on how to disable your security applications How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides.

Download Zeok tool from here

When the download appears, save to the Desktop.
On the Desktop, right-click the Zoek.exe file and select: Run as Administrator
(Give it a few seconds to appear.)

Next, copy/paste the entire script inside the code box below to the input field of Zoek:
autoclean;
ipconfig /flushdns;b
Now...
Close any open Browsers.
Click the Run script button, and wait. It takes a few minutes to run all the script.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please attach the zoek-results.log in your reply.

Also, please provide an update on how the computer is behaving after running the above script.

===

#8 Naidan

Naidan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 20 June 2015 - 01:48 PM

 
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by ----------on 20/06/2015 at 20:16:40.86.
Microsoft Windows 8.1 Pro 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\------------------\Desktop\zoek.exe    [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
20/06/2015 20:18:28 Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Wondershare deleted successfully
C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\PROGRA~2\COMMON~1\EAInstaller deleted successfully
C:\Program Files\Easeware deleted successfully
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\xml_param deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
 
==== Batch Command(s) Run By Tool======================
 
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Wondershare not found
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\Users\NemanjaN\.android deleted
C:\Users\NemanjaN\AppData\Roaming\wss.ini deleted
C:\PROGRA~3\SMS_4B0B2FBL.txt deleted
C:\PROGRA~3\SMS_4B0B2FBR.txt deleted
C:\PROGRA~3\SMS_4B0B2FDC.txt deleted
C:\PROGRA~3\SMS_4B0B2FTL.txt deleted
C:\PROGRA~3\SMS_4B0B2FTR.txt deleted
C:\PROGRA~3\win_mpwd_sys.dat deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
"C:\PROGRA~2\Bonjour\mdnsNSP.dll" deleted
"C:\PROGRA~2\Bonjour" not deleted
"C:\PROGRA~3\Package Cache" deleted
 
==== Firefox Start and Search pages ======================
 
ProfilePath: C:\Users\NemanjaN\AppData\Roaming\Mozilla\Firefox\Profiles\yrdr1o3f.default-1434808530028
user_pref("browser.startup.homepage", "google.com");
 
==== Firefox Extensions ======================
 
ProfilePath: C:\Users\NemanjaN\AppData\Roaming\Mozilla\Firefox\Profiles\yrdr1o3f.default-1434808530028
- Ant Video Downloader - %ProfilePath%\extensions\anttoolbar@ant.com
- Night Mode Page Dim - %ProfilePath%\extensions\ilaita.night-mode-page-dim@jetpack.xpi
 
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\NemanjaN\AppData\Roaming\Mozilla\Firefox\Profiles\yrdr1o3f.default-1434808530028
4174499E49FE276D9BDCE13364559080 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll - Shockwave Flash
 
 
==== Chromium Look ======================
 
Facebook - NemanjaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm
The Great Suspender - NemanjaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg
Chrome Hotword Shared Module - NemanjaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Vid-MP3 - NemanjaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lddedhkbddaclbmkemmcbcbbkcofojei
App Runtime for Chrome (Beta) - NemanjaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc
Hover Zoom - NemanjaN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\NemanjaN\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\NemanjaN\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\NemanjaN\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\NemanjaN\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
 
==== Empty FireFox Cache ======================
 
C:\Users\NemanjaN\AppData\Local\Mozilla\Firefox\Profiles\yrdr1o3f.default-1434808530028\cache2 emptied successfully
 
==== Empty Chrome Cache ======================
 
C:\Users\NemanjaN\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=730 folders=1054 6417881751 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\NemanjaN\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\NemanjaN\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\PROGRA~2\Bonjour"  not found
 
==== EOF on 20/06/2015 at 20:42:46.38 ======================
 
 
 
 
 
 
Seems like the problem has gone away for now ,but i will post again just to be sure to let you know of the development of the situation ,leave this thread open for the time being .
P.S. THANKS A LOT !!!!!


#9 Naidan

Naidan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 21 June 2015 - 05:58 AM

Nope adcash popus still keep opening in chrome :'(


Edited by Naidan, 21 June 2015 - 06:26 AM.


#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:03 PM

Posted 21 June 2015 - 08:03 AM

Remove Chrome using the the instructions on this page.
https://support.google.com/chrome/answer/95319?hl=en

Before you do Export your Bookmarks
Chrome will export your bookmarks as a HTML file, which you can then import into another browser.

If you want to save your passwords as well see here: http://www.intowindows.com/how-to-backup-saved-passwords-in-google-chrome-browser/

Re-install Chrome and the Bookmarks.

If you want to save all your settings refer to this page.
Follow the instructions before removing Chrome.
http://juan2geek.com/how-to-backup-and-restore-entire-google-chrome-setting/

When completed restart the computer normally,

How is it now?

#11 Naidan

Naidan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 22 June 2015 - 04:44 AM

Yea it has stopped for now ,since I reinstaled crhome and ran your script it works fine now ,no popups at all since last night ,but I'll keep you posted if something changes today :D

EDIT: problem is still there adcash keeps opening in ff and chrome after the reinstall started this morning again.


Edited by Naidan, 22 June 2015 - 05:47 AM.


#12 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:03 PM

Posted 22 June 2015 - 07:52 AM

Lets search in the Registry.

Please run the Farbar Recovery Scan Tool. Enter adcash in the Search Box.
Click the Search Registry button, post the content of the Search.txt file in your next reply.

#13 Naidan

Naidan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 23 June 2015 - 01:12 AM

Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by NemanjaN at 2015-06-23 08:09:43
Running from C:\Users\NemanjaN\Desktop\CISTI WINDOWZ
Boot Mode: Normal
 
================== Search Registry: "adcash" ===========
 
 
====== End of Search ======
 
I dont think he found anything.


#14 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:03 PM

Posted 23 June 2015 - 07:58 AM

Are you still getting popups on Chrome and Firefox?

#15 Naidan

Naidan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:04:03 AM

Posted 24 June 2015 - 01:32 AM

yes ,i literally tried everything once more and nothing i have no idea where this malware can reside ,i re installed OS like 2 times and still have it  :/






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users