Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

appdatafr25.bin reinstalling itself, hijacking browser


  • This topic is locked This topic is locked
2 replies to this topic

#1 markee

markee

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:28 PM

Posted 28 June 2015 - 12:24 PM

I've read other posts with the same problem as I have here and a fix seems to be a fixlist file that I have no idea how to make myself.

I'm fairly confident that this for instance is the same problem I have http://www.bleepingcomputer.com/forums/t/578338/adware-continues-to-trouble-laptop;-links-keep-popping-up-in-webpages/

 

Also this http://www.geekstogo.com/forum/topic/352652-trojan-shut-down-browser-redirecting-malwarepainful-slow/

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015
Ran by Andrew (administrator) on SMOKESCREEN on 29-06-2015 03:09:57
Running from C:\Users\Andrew\Desktop
Loaded Profiles: Andrew (Available Profiles: Andrew)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(CMedia) C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\AsusAudioCenter.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
() C:\Program Files\BLUE\Yeti_Pro_Driver\YetiProControlPanel.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-04] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-02-28] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-2435173290-512978119-1825070625-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-2435173290-512978119-1825070625-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-05] (Valve Corporation)
HKU\S-1-5-21-2435173290-512978119-1825070625-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7457336 2015-05-29] (GOG.com)
HKU\S-1-5-21-2435173290-512978119-1825070625-1001\...\Policies\Explorer: [NoLowDiscSpaceChecks] 1
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-10-02] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk [2014-10-02]
ShortcutTarget: UltraMon.lnk -> C:\Windows\Installer\{9069EE0A-7615-4D86-AD80-CA263E936DA6}\IcoUltraMon.ico ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Yeti Pro Control Panel Autostart.lnk [2015-03-09]
ShortcutTarget: Yeti Pro Control Panel Autostart.lnk -> C:\Program Files\BLUE\Yeti_Pro_Driver\YetiProControlPanel.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2435173290-512978119-1825070625-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-au/?ocid=iehp
HKU\S-1-5-21-2435173290-512978119-1825070625-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\..\Interfaces\{21CD779A-CF99-49D5-B8DA-1E8572314AA5}: [NameServer] 8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\cubqqmt9.default-1435502614314
FF Homepage: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-24] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-24] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Extension: HTTPS-Everywhere - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\cubqqmt9.default-1435502614314\Extensions\https-everywhere@eff.org [2015-06-29]
FF Extension: Reddit Enhancement Suite - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\cubqqmt9.default-1435502614314\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2015-06-29]
FF Extension: uBlock - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\cubqqmt9.default-1435502614314\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2015-06-29]
FF Extension: NoScript - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\cubqqmt9.default-1435502614314\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-06-29]
 
Chrome: 
=======
CHR Profile: C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-29]
CHR Extension: (BetterTTV) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-06-29]
CHR Extension: (Google Docs) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-29]
CHR Extension: (Google Drive) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-29]
CHR Extension: (YouTube) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-29]
CHR Extension: (uBlock Origin) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-06-29]
CHR Extension: (Google Search) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-29]
CHR Extension: (Google Sheets) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-29]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2015-06-29]
CHR Extension: (HTTPS Everywhere) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2015-06-29]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-06-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-29]
CHR Extension: (Google Wallet) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-29]
CHR Extension: (uMatrix) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2015-06-29]
CHR Extension: (Gmail) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-29]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1751096 2015-05-29] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6677048 2015-06-17] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-04] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-25] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-04] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-26] (Electronic Arts)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 blueyetipro; C:\Windows\System32\DRIVERS\blueyetipro_x64.sys [254464 2014-05-16] ()
S3 blueyetiproks; C:\Windows\System32\DRIVERS\blueyetiproks_x64.sys [46080 2014-05-16] ()
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-06-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-02-05] (Razer, Inc.)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-06-29] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-29 03:09 - 2015-06-29 03:09 - 00018982 _____ C:\Users\Andrew\Desktop\FRST.txt
2015-06-29 03:09 - 2015-06-29 03:09 - 00000000 ____D C:\FRST
2015-06-29 03:07 - 2015-06-29 03:07 - 02112512 _____ (Farbar) C:\Users\Andrew\Desktop\FRST64.exe
2015-06-29 02:59 - 2015-06-22 03:33 - 00575810 _____ C:\Users\Andrew\Desktop\landed_titles.txt
2015-06-29 00:57 - 2015-06-29 00:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-29 00:45 - 2015-06-29 00:45 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-29 00:45 - 2015-06-29 00:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-29 00:45 - 2015-06-29 00:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-29 00:44 - 2015-06-29 00:44 - 00243408 _____ C:\Users\Andrew\Downloads\Firefox Setup Stub 38.0.5.exe
2015-06-29 00:30 - 2015-06-29 02:35 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-29 00:30 - 2015-06-29 00:38 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-29 00:30 - 2015-06-29 00:30 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-29 00:30 - 2015-06-29 00:30 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-29 00:24 - 2015-06-29 00:24 - 00000000 ____D C:\Users\Andrew\AppData\Local\CrashDumps
2015-06-29 00:06 - 2015-06-29 00:14 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-06-29 00:05 - 2015-06-29 00:14 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-29 00:04 - 2015-06-29 00:05 - 17679608 _____ C:\Users\Andrew\Desktop\RogueKiller.exe
2015-06-28 23:42 - 2015-06-29 02:13 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-28 23:42 - 2015-06-29 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-28 23:42 - 2015-06-29 02:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-28 23:42 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-28 23:42 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-28 03:55 - 2015-06-28 03:55 - 00000031 _____ C:\Users\Andrew\Desktop\RETINUE.txt
2015-06-26 18:31 - 2015-06-29 02:14 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-26 18:31 - 2015-06-28 23:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-26 18:31 - 2015-06-26 18:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-26 18:30 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-26 17:46 - 2015-06-29 00:23 - 00000000 ____D C:\AdwCleaner
2015-06-26 17:45 - 2015-06-26 17:45 - 02244096 _____ C:\Users\Andrew\Desktop\adwcleaner_4.207.exe
2015-06-26 17:45 - 2015-06-26 17:45 - 00000000 _____ C:\Users\Andrew\AppData\Local\Temp.dat
2015-06-26 17:39 - 2015-06-26 17:45 - 00000000 ____D C:\Program Files (x86)\WIKI 2 Wikipedia Republished
2015-06-26 17:38 - 2015-06-26 17:39 - 00000000 ____D C:\ProgramData\17513294792598500992
2015-06-23 03:15 - 2015-05-19 13:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-23 03:15 - 2015-05-19 13:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-22 03:41 - 2015-06-22 03:41 - 00000000 ____D C:\Users\Andrew\Documents\Paradox Interactive
2015-06-21 00:27 - 2015-06-21 00:27 - 00000000 ____D C:\Users\Andrew\AppData\Local\SecondLife
2015-06-20 23:51 - 2015-06-20 23:52 - 00000000 ____D C:\Users\Andrew\AppData\Roaming\SecondLife
2015-06-20 23:51 - 2015-06-20 23:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Second Life Viewer
2015-06-19 22:03 - 2015-06-26 19:21 - 00007605 _____ C:\Users\Andrew\AppData\Local\Resmon.ResmonCfg
2015-06-18 23:27 - 2015-06-18 23:27 - 15032030 _____ C:\Users\Andrew\Desktop\i2pinstall_0.9.20_windows.exe
2015-06-18 17:40 - 2015-06-18 17:40 - 00212346 _____ C:\Users\Andrew\Desktop\Odin_Multi_Downloader_v4.44.zip
2015-06-11 18:52 - 2015-06-17 00:58 - 00000000 ____D C:\Users\Andrew\VirtualBox VMs
2015-06-11 18:36 - 2015-06-17 01:00 - 00000000 ____D C:\Users\Andrew\.VirtualBox
2015-06-11 18:36 - 2015-06-11 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-06-11 18:36 - 2015-06-11 18:36 - 00000000 ____D C:\Program Files\Oracle
2015-06-11 18:36 - 2015-05-13 17:11 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-06-11 18:36 - 2015-05-13 17:10 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-06-11 15:12 - 2015-06-11 15:12 - 00000000 ____D C:\Windows\system32\RAPID
2015-06-11 15:12 - 2014-09-16 14:30 - 00268976 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SamsungRapidDiskFltr.sys
2015-06-11 15:03 - 2015-06-11 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2015-06-11 14:52 - 2015-06-11 14:52 - 00000000 ____D C:\UserBenchmark
2015-06-11 13:52 - 2015-06-11 13:54 - 00000400 __RSH C:\ProgramData\ntuser.pol
2015-06-11 12:47 - 2015-06-11 15:11 - 00000043 _____ C:\Users\Andrew\Desktop\New Text Document.txt
2015-06-04 08:32 - 2015-06-04 08:32 - 00000000 ____D C:\Users\Andrew\AppData\Local\GWX
2015-06-02 05:38 - 2012-07-26 13:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-06-02 05:38 - 2012-07-26 13:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-06-02 05:38 - 2012-07-26 13:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-06-02 05:38 - 2012-07-26 13:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-06-02 05:38 - 2012-07-26 13:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-06-02 05:38 - 2012-07-26 12:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-06-02 05:38 - 2012-07-26 12:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-06-02 05:38 - 2012-06-03 00:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-06-02 05:32 - 2015-06-02 05:32 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-02 05:32 - 2015-06-02 05:32 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-02 05:31 - 2015-01-09 09:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-06-02 05:31 - 2015-01-09 09:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-06-02 05:31 - 2013-05-10 15:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-02 05:31 - 2013-05-10 15:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-02 05:31 - 2013-05-10 14:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-02 05:31 - 2013-05-10 14:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-02 05:29 - 2013-10-02 12:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-06-02 05:29 - 2013-10-02 12:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-06-02 05:29 - 2013-10-02 12:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-06-02 05:29 - 2013-10-02 11:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-06-02 05:29 - 2013-10-02 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-06-02 05:29 - 2013-10-02 11:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-06-02 05:29 - 2013-10-02 11:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-06-02 05:29 - 2013-10-02 10:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-06-02 05:29 - 2013-10-02 10:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-06-02 05:29 - 2013-10-02 10:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-06-02 05:29 - 2013-10-02 10:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-06-02 05:29 - 2013-10-02 10:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-06-02 05:29 - 2013-10-02 09:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-06-02 05:29 - 2013-10-02 09:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-06-02 05:29 - 2013-10-02 09:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-06-02 05:29 - 2013-10-02 08:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-06-02 05:29 - 2013-10-02 06:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-06-02 05:29 - 2013-10-02 06:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-06-02 05:29 - 2012-08-24 00:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-06-02 05:29 - 2012-08-24 00:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-06-02 05:29 - 2012-08-23 23:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-06-02 05:29 - 2012-08-23 21:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-06-02 05:29 - 2012-08-23 20:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-06-02 05:29 - 2012-08-23 19:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-06-02 05:28 - 2014-10-18 12:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-06-02 05:28 - 2014-10-18 11:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-06-02 05:27 - 2014-06-27 12:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-06-02 05:27 - 2014-06-27 11:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-06-02 05:26 - 2015-04-28 05:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-02 05:26 - 2015-04-28 05:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-02 05:26 - 2015-04-28 05:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-02 05:26 - 2015-04-28 05:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-02 05:26 - 2015-04-28 05:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-02 05:26 - 2015-04-28 05:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-02 05:26 - 2015-04-28 05:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-02 05:26 - 2015-04-28 05:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-02 05:26 - 2015-04-28 05:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-02 05:26 - 2015-04-28 05:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-02 05:26 - 2015-04-28 05:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-02 05:26 - 2015-04-28 05:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-02 05:26 - 2015-04-28 05:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-02 05:26 - 2015-04-28 05:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-02 05:26 - 2015-04-28 05:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-02 05:26 - 2015-04-28 05:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-02 05:26 - 2015-04-28 05:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 05:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-02 05:26 - 2015-04-28 05:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-02 05:26 - 2015-04-28 05:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-02 05:26 - 2015-04-28 05:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-02 05:26 - 2015-04-28 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-02 05:26 - 2015-04-28 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-02 05:26 - 2015-04-28 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-02 05:26 - 2015-04-28 05:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-02 05:26 - 2015-04-28 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-02 05:26 - 2015-04-28 05:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-02 05:26 - 2015-04-28 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-02 05:26 - 2015-04-28 05:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-02 05:26 - 2015-04-28 05:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-02 05:26 - 2015-04-28 05:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-02 05:26 - 2015-04-28 05:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-02 05:26 - 2015-04-28 05:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-02 05:26 - 2015-04-28 05:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-02 05:26 - 2015-04-28 05:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-02 05:26 - 2015-04-28 05:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-02 05:26 - 2015-04-28 05:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-02 05:26 - 2015-04-28 05:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-02 05:26 - 2015-04-28 05:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-02 05:26 - 2015-04-28 05:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-02 05:26 - 2015-04-28 05:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-02 05:26 - 2015-04-28 05:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-02 05:26 - 2015-04-28 05:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-02 05:26 - 2015-04-28 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-02 05:26 - 2015-04-28 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 04:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-02 05:26 - 2015-04-28 03:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-02 05:26 - 2015-04-28 03:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-02 05:26 - 2015-04-28 03:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 03:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 03:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-02 05:26 - 2015-04-28 03:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-02 05:26 - 2015-03-23 13:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-02 05:26 - 2015-03-23 13:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-02 05:26 - 2015-03-23 13:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-02 05:26 - 2015-03-23 13:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-02 05:26 - 2015-03-23 13:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-02 05:26 - 2015-03-23 13:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-02 05:26 - 2015-03-23 13:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-02 05:26 - 2015-03-23 13:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-02 05:26 - 2015-03-14 13:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-06-02 05:26 - 2015-03-14 13:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-06-02 05:26 - 2015-03-14 13:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-06-02 05:26 - 2015-03-14 13:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-06-02 05:26 - 2015-03-04 14:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-06-02 05:26 - 2015-03-04 14:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-06-02 05:26 - 2015-03-04 14:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-06-02 05:26 - 2015-03-04 14:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-06-02 05:26 - 2015-03-04 14:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-06-02 05:26 - 2015-03-04 14:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-06-02 05:26 - 2015-03-04 14:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-06-02 05:26 - 2015-01-29 13:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-06-02 05:26 - 2015-01-29 13:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-06-02 05:26 - 2015-01-28 09:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-06-02 05:26 - 2015-01-09 13:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-06-02 05:26 - 2015-01-09 13:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-06-02 05:26 - 2015-01-09 13:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-06-02 05:26 - 2015-01-09 12:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-06-02 05:26 - 2014-12-12 15:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-06-02 05:26 - 2014-12-12 15:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-06-02 05:26 - 2014-11-08 13:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-06-02 05:26 - 2014-11-08 12:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-06-02 05:26 - 2014-10-30 12:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-06-02 05:26 - 2014-10-30 11:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-06-02 05:26 - 2014-10-14 12:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-06-02 05:26 - 2014-10-14 11:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-06-02 05:26 - 2014-09-25 12:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-06-02 05:26 - 2014-09-25 11:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-06-02 05:26 - 2014-08-01 21:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-06-02 05:26 - 2014-08-01 21:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-06-02 05:26 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-06-02 05:26 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-06-02 05:26 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-06-02 05:26 - 2014-07-09 12:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-06-02 05:26 - 2014-07-09 12:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-06-02 05:26 - 2014-07-09 11:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-06-02 05:26 - 2014-07-09 11:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-06-02 05:26 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-06-02 05:26 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-06-02 05:26 - 2014-07-09 11:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-06-02 05:26 - 2014-06-24 13:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-06-02 05:26 - 2014-06-24 12:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-06-02 05:26 - 2014-02-04 12:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-06-02 05:26 - 2014-02-04 12:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-06-02 05:26 - 2014-02-04 12:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-06-02 05:26 - 2014-02-04 12:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-06-02 05:26 - 2014-02-04 12:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-06-02 05:26 - 2014-01-28 12:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-06-02 05:26 - 2013-12-04 12:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-06-02 05:26 - 2013-12-04 12:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-06-02 05:26 - 2013-12-04 12:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-06-02 05:26 - 2013-12-04 12:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-06-02 05:26 - 2013-12-04 12:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-06-02 05:26 - 2013-12-04 12:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-06-02 05:26 - 2013-12-04 12:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-06-02 05:26 - 2013-12-04 12:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-06-02 05:26 - 2013-12-04 12:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-06-02 05:26 - 2013-12-04 12:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-06-02 05:26 - 2013-12-04 12:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-06-02 05:26 - 2013-12-04 12:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-06-02 05:26 - 2013-12-04 12:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-06-02 05:26 - 2013-12-04 12:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-06-02 05:26 - 2013-12-04 11:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-06-02 05:26 - 2013-12-04 11:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-06-02 05:26 - 2013-12-04 11:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-06-02 05:26 - 2013-12-04 11:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-06-02 05:26 - 2013-10-30 12:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-06-02 05:26 - 2013-10-30 12:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-06-02 05:26 - 2013-10-04 12:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-06-02 05:26 - 2013-10-04 12:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-06-02 05:26 - 2013-10-04 11:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-06-02 05:26 - 2013-10-04 11:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-06-02 05:26 - 2013-08-28 11:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-06-02 05:26 - 2013-08-05 12:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-06-02 05:26 - 2013-07-04 22:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-06-02 05:26 - 2013-07-04 22:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-06-02 05:26 - 2013-07-04 21:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-06-02 05:26 - 2013-07-04 21:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-06-02 05:26 - 2013-05-10 15:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-06-02 05:26 - 2013-05-10 13:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-06-02 05:26 - 2013-03-19 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-06-02 05:26 - 2012-12-07 23:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-06-02 05:26 - 2012-12-07 23:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-06-02 05:26 - 2012-12-07 22:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-06-02 05:26 - 2012-12-07 22:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2015-06-02 05:26 - 2012-12-07 21:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-06-02 05:26 - 2012-12-07 21:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-06-02 05:26 - 2012-12-07 21:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-06-02 05:26 - 2012-12-07 21:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-06-02 05:26 - 2012-12-07 21:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-06-02 05:26 - 2012-12-07 21:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-06-02 05:26 - 2012-12-07 21:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-06-02 05:26 - 2012-12-07 21:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-06-02 05:26 - 2012-12-07 21:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-06-02 05:26 - 2012-12-07 21:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-06-02 05:26 - 2012-12-07 21:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-06-02 05:26 - 2012-12-07 21:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-06-02 05:26 - 2012-12-07 21:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-06-02 05:26 - 2012-12-07 21:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2015-06-02 05:26 - 2012-12-07 20:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2015-06-02 05:26 - 2012-10-10 04:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-06-02 05:26 - 2012-10-10 04:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-06-02 05:26 - 2012-10-10 03:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-06-02 05:26 - 2012-10-10 03:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-06-02 05:26 - 2012-10-04 03:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-06-02 05:26 - 2012-10-04 03:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-06-02 05:26 - 2012-10-04 03:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-06-02 05:26 - 2012-10-04 02:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-06-02 05:26 - 2012-10-04 02:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-06-02 05:26 - 2012-10-04 02:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-06-02 05:26 - 2012-08-22 07:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-06-02 05:26 - 2012-07-07 06:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-06-02 05:26 - 2012-01-04 20:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-06-02 05:26 - 2012-01-04 18:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-06-02 05:26 - 2011-12-30 16:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-06-02 05:26 - 2011-12-30 15:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-06-02 05:26 - 2011-06-16 15:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-06-02 05:26 - 2011-06-16 14:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-06-02 05:26 - 2011-05-04 15:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-02 05:26 - 2011-05-04 15:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-02 05:26 - 2011-05-04 15:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-02 05:26 - 2011-05-04 15:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-02 05:26 - 2011-05-04 15:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-02 05:26 - 2011-05-04 15:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-06-02 05:26 - 2011-05-04 15:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-02 05:26 - 2011-05-04 15:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-02 05:26 - 2011-05-04 15:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-06-02 05:26 - 2011-05-04 14:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-02 05:26 - 2011-05-04 14:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-02 05:26 - 2011-05-04 14:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-02 05:26 - 2011-05-04 14:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-02 05:26 - 2011-05-04 14:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-06-02 05:26 - 2011-05-04 14:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-06-02 05:26 - 2011-05-04 14:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-02 05:26 - 2011-05-04 14:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-02 05:26 - 2011-05-04 14:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-06-02 05:26 - 2011-03-11 16:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-06-02 05:26 - 2011-03-11 16:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-06-02 05:26 - 2011-03-11 16:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-06-02 05:26 - 2011-03-11 16:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-06-02 05:26 - 2011-03-11 16:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-06-02 05:26 - 2011-03-11 16:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-06-02 05:26 - 2011-03-11 16:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-06-02 05:26 - 2011-03-11 15:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-06-02 05:26 - 2011-03-11 15:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2015-06-02 05:26 - 2011-03-11 14:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-06-02 05:25 - 2015-04-11 13:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-02 05:25 - 2014-11-26 13:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-06-02 05:25 - 2014-11-26 13:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-06-02 05:25 - 2014-11-11 11:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-06-02 05:25 - 2014-10-03 12:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-06-02 05:25 - 2014-10-03 12:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-06-02 05:25 - 2014-10-03 12:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-06-02 05:25 - 2014-10-03 12:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-06-02 05:25 - 2014-10-03 12:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-06-02 05:25 - 2014-10-03 11:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-06-02 05:25 - 2014-10-03 11:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-06-02 05:25 - 2014-10-03 11:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-06-02 05:25 - 2014-10-03 11:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-06-02 05:25 - 2014-10-03 11:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-06-02 05:25 - 2014-01-24 12:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-06-02 05:25 - 2013-01-24 16:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-06-02 05:25 - 2012-08-23 04:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-06-02 05:25 - 2012-07-05 06:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-06-02 05:25 - 2011-02-18 20:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-06-02 05:25 - 2011-02-18 15:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-06-02 05:18 - 2015-06-02 05:18 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-02 05:18 - 2015-06-02 05:18 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-02 05:02 - 2015-05-01 23:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-02 05:02 - 2015-05-01 23:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-02 05:02 - 2015-04-13 13:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-06-02 05:02 - 2015-04-08 13:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-06-02 05:02 - 2015-04-08 13:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-06-02 05:02 - 2015-04-08 13:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-06-02 05:02 - 2015-02-18 17:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-06-02 05:02 - 2015-02-18 17:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-06-02 05:01 - 2015-04-22 12:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-02 05:01 - 2015-04-22 11:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-02 05:01 - 2015-04-22 03:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-02 05:01 - 2015-04-22 03:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-02 05:01 - 2015-04-22 03:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-02 05:01 - 2015-04-22 02:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-02 05:01 - 2015-04-22 02:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-02 05:01 - 2015-04-22 02:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-02 05:01 - 2015-04-22 02:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-02 05:01 - 2015-04-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-02 05:01 - 2015-04-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-02 05:01 - 2015-04-22 02:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-02 05:01 - 2015-04-22 02:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-02 05:01 - 2015-04-22 02:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-02 05:01 - 2015-04-22 02:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-02 05:01 - 2015-04-22 02:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-02 05:01 - 2015-04-22 02:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-02 05:01 - 2015-04-22 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-02 05:01 - 2015-04-22 02:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-02 05:01 - 2015-04-22 02:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-02 05:01 - 2015-04-22 02:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-02 05:01 - 2015-04-22 02:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-02 05:01 - 2015-04-22 02:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-02 05:01 - 2015-04-22 02:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-02 05:01 - 2015-04-22 02:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-02 05:01 - 2015-04-22 02:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-02 05:01 - 2015-04-22 02:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-02 05:01 - 2015-04-22 02:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-02 05:01 - 2015-04-22 02:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-02 05:01 - 2015-04-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-02 05:01 - 2015-04-22 02:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-02 05:01 - 2015-04-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-02 05:01 - 2015-04-22 02:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-02 05:01 - 2015-04-22 02:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-02 05:01 - 2015-04-22 02:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-02 05:01 - 2015-04-22 02:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-02 05:01 - 2015-04-22 01:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-02 05:01 - 2015-04-22 01:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-02 05:01 - 2015-04-22 01:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-02 05:01 - 2015-04-22 01:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-02 05:01 - 2015-04-22 01:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-02 05:01 - 2015-04-22 01:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-02 05:01 - 2015-04-22 01:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-02 05:01 - 2015-04-22 01:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-02 05:01 - 2015-04-22 01:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-02 05:01 - 2015-04-22 01:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-02 05:01 - 2015-04-22 01:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-02 05:01 - 2015-04-22 01:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-02 05:01 - 2015-04-22 01:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-02 05:01 - 2015-04-22 01:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-02 05:01 - 2015-04-22 01:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-02 05:01 - 2015-04-22 01:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-02 05:01 - 2015-04-22 01:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-02 05:01 - 2015-04-22 01:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-02 05:01 - 2015-04-22 01:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-02 05:01 - 2015-04-22 01:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-02 05:01 - 2015-04-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-02 05:01 - 2015-04-22 01:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-02 05:01 - 2015-04-22 00:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-02 05:01 - 2015-04-22 00:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-02 05:00 - 2015-05-05 11:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-02 05:00 - 2015-05-05 11:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-02 05:00 - 2015-04-20 13:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-06-02 05:00 - 2015-04-20 13:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-06-02 05:00 - 2015-04-20 12:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-06-02 05:00 - 2015-04-20 12:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-02 05:00 - 2015-04-18 13:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-06-02 05:00 - 2015-04-18 12:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-06-01 21:21 - 2015-05-28 13:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-01 21:20 - 2015-05-28 17:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-01 21:20 - 2015-05-28 17:04 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-01 21:20 - 2015-05-28 17:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-01 17:53 - 2015-05-28 17:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-01 17:53 - 2015-05-28 17:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-29 02:48 - 2015-01-15 06:57 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-29 02:25 - 2014-10-02 18:15 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-29 00:57 - 2014-10-21 15:01 - 00000000 ____D C:\Users\Andrew\AppData\Local\Google
2015-06-29 00:57 - 2014-10-21 15:01 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-29 00:40 - 2009-07-14 14:45 - 00014304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-29 00:40 - 2009-07-14 14:45 - 00014304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-29 00:38 - 2009-07-14 15:13 - 00848236 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-29 00:36 - 2014-09-26 00:12 - 01992451 _____ C:\Windows\WindowsUpdate.log
2015-06-29 00:33 - 2015-05-10 03:57 - 00013754 _____ C:\Windows\setupact.log
2015-06-29 00:33 - 2014-10-02 18:44 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-29 00:33 - 2009-07-14 15:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-29 00:32 - 2015-05-21 04:54 - 00015986 _____ C:\Windows\PFRO.log
2015-06-29 00:21 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\PLA
2015-06-28 23:47 - 2009-07-14 15:32 - 00000000 ____D C:\Windows\Performance
2015-06-27 00:56 - 2014-10-02 18:29 - 00000000 ____D C:\Users\Andrew\AppData\Roaming\vlc
2015-06-26 23:49 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-24 18:30 - 2015-05-20 06:08 - 00000000 ____D C:\Program Files (x86)\The Witcher 3 Wild Hunt
2015-06-24 18:30 - 2014-10-10 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-06-24 07:48 - 2015-01-15 06:57 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-24 07:48 - 2014-10-02 17:26 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-24 07:48 - 2014-10-02 17:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-24 06:46 - 2014-10-05 15:27 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-23 03:15 - 2015-05-27 14:49 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-23 03:15 - 2014-10-02 18:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-19 15:48 - 2014-10-02 18:14 - 00000000 ____D C:\Users\Andrew\AppData\Local\Adobe
2015-06-18 17:40 - 2014-12-25 09:35 - 00000000 ____D C:\Users\Andrew\Desktop\Odin
2015-06-18 01:55 - 2014-10-23 16:56 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-06-18 01:55 - 2014-09-26 00:12 - 00000000 ____D C:\Users\Andrew
2015-06-18 01:47 - 2014-10-23 16:56 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-06-18 01:33 - 2014-12-17 00:01 - 01065984 _____ C:\Users\Andrew\AppData\Local\file__0.localstorage
2015-06-17 00:09 - 2014-10-02 20:53 - 00000000 ____D C:\Users\Andrew\Desktop\Misc
2015-06-15 17:43 - 2014-12-04 06:46 - 00000000 ____D C:\Users\Andrew\AppData\Roaming\uTorrent
2015-06-11 15:12 - 2014-09-26 00:33 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-06-11 15:03 - 2014-09-26 00:33 - 00003282 _____ C:\Windows\System32\Tasks\SamsungMagician
2015-06-11 13:52 - 2009-07-14 13:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-06-11 13:52 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-06-06 15:08 - 2015-05-20 06:13 - 00000000 ____D C:\Users\Andrew\Documents\The Witcher 3
2015-06-06 09:05 - 2009-07-14 15:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-04 13:58 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\rescache
2015-06-04 07:04 - 2014-11-06 18:41 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-04 07:04 - 2014-11-06 18:41 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-04 07:04 - 2014-11-06 18:41 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-04 07:04 - 2014-11-06 18:41 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-04 06:06 - 2015-05-20 06:13 - 00000000 ____D C:\Users\Andrew\AppData\Local\GalaxyCommunicationService
2015-06-03 05:34 - 2015-03-21 15:02 - 00000000 ____D C:\Users\Andrew\AppData\Roaming\Audacity
2015-06-03 04:08 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-02 05:38 - 2009-07-14 13:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-02 05:33 - 2014-09-26 00:32 - 00072224 _____ C:\Users\Andrew\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-02 05:33 - 2009-07-14 14:45 - 04882864 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-02 05:32 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\tracing
2015-06-02 05:32 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-06-02 05:32 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\system32\Dism
2015-06-02 05:32 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-02 05:32 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-02 05:10 - 2014-10-02 18:48 - 00000000 ____D C:\Windows\system32\MRT
2015-06-02 05:10 - 2009-07-14 17:47 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-02 05:07 - 2014-10-02 18:48 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-01 21:22 - 2014-10-02 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-31 22:51 - 2014-10-02 20:55 - 00000000 ____D C:\Users\Andrew\Desktop\Wallpaper
 
==================== Files in the root of some directories =======
 
2014-12-17 00:01 - 2015-06-18 01:33 - 1065984 _____ () C:\Users\Andrew\AppData\Local\file__0.localstorage
2015-06-19 22:03 - 2015-06-26 19:21 - 0007605 _____ () C:\Users\Andrew\AppData\Local\Resmon.ResmonCfg
2015-06-26 17:45 - 2015-06-26 17:45 - 0000000 _____ () C:\Users\Andrew\AppData\Local\Temp.dat
 
Some files in TEMP:
====================
C:\Users\Andrew\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Andrew\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Andrew\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Andrew\AppData\Local\Temp\nvStInst.exe
C:\Users\Andrew\AppData\Local\Temp\Quarantine.exe
C:\Users\Andrew\AppData\Local\Temp\Samsung_Magician_Setup_v45.exe
C:\Users\Andrew\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
ATTENTION: ==> Could not access BCD. Check to make sure user is administrator or see Addition.txt for additional information.
 
 
LastRegBack: 2015-06-26 19:52
 
==================== End of log ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015
Ran by Andrew at 2015-06-29 03:10:11
Running from C:\Users\Andrew\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2435173290-512978119-1825070625-500 - Administrator - Disabled)
Andrew (S-1-5-21-2435173290-512978119-1825070625-1001 - Administrator - Enabled) => C:\Users\Andrew
Guest (S-1-5-21-2435173290-512978119-1825070625-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2435173290-512978119-1825070625-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2435173290-512978119-1825070625-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
ASUS Xonar Essence STX Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
Bulk Rename Utility 2.7.1.3 (HKLM\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
CC Magic (HKU\S-1-5-21-2435173290-512978119-1825070625-1001\...\CC Magic) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.7.5361 - Corsair)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version:  - Red Hook Studios)
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.01 - Electronic Arts, Inc.)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.3 - Electronic Arts)
EVGA OC Scanner X 3.6.1.2 (64-bit) (HKLM\...\{CC520CF6-B02E-49AA-8192-C1DDC159E0AA}}_is1) (Version:  - EVGA)
EVGA PrecisionX 16 (HKLM-x32\...\{AB003477-F0A0-43CB-AD66-35B24F9EB4C5}) (Version: 5.2.6 - EVGA Corporation)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version:  - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2435173290-512978119-1825070625-1001\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{86177DAE-38B1-49DD-912E-35CB703AB779}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
MSI Kombustor 3.5.1 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.3 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.28 (HKLM\...\{E8BB81BC-E67C-4750-84EE-128DA5A7ADA5}) (Version: 4.3.28 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24565 - Razer Inc.)
realMyst (HKLM-x32\...\GOGPACKREALMYST_is1) (Version: 2.0.0.6 - GOG.com)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
s3pe - Sims3 Package Editor (HKU\S-1-5-21-2435173290-512978119-1825070625-1001\...\s3pe) (Version: 13-1112-2033 - Peter L Jones)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.4.0 - SAMSUNG Electronics Co., Ltd.)
SecondLifeViewer (HKLM-x32\...\SecondLifeViewer) (Version: 3.7.30.302599 - Linden Research, Inc.)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Sims™ 3 (HKLM-x32\...\Steam App 47890) (Version:  - The Sims Studio)
The Sims™ 3 Create a World Tool - Beta (HKLM-x32\...\{65761BAE-11E8-48FE-B30F-1F01011AB906}) (Version: 1.19.6 - Electronic Arts)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD PROJEKT RED)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.6.0 - GOG.com)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
UltraMon (HKLM\...\{9069EE0A-7615-4D86-AD80-CA263E936DA6}) (Version: 3.2.2 - Realtime Soft Ltd)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Yeti Pro Driver v2.23.0 (HKLM-x32\...\Yeti Pro Driver v2.23.0) (Version: 2.23.0 - BLUE)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2435173290-512978119-1825070625-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2435173290-512978119-1825070625-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2435173290-512978119-1825070625-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2435173290-512978119-1825070625-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
11-06-2015 10:44:44 Scheduled Checkpoint
11-06-2015 15:01:46 RAPID
11-06-2015 15:12:06 RAPID
11-06-2015 18:36:01 Installed Oracle VM VirtualBox 4.3.28
12-06-2015 11:49:04 Windows Update
19-06-2015 15:19:52 Scheduled Checkpoint
26-06-2015 17:40:38 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 12:34 - 2009-06-11 07:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2CC56EFF-DFA4-4DA1-9749-29902C9E7970} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-29] (Google Inc.)
Task: {40F604C8-1EC9-4E16-B181-59F9B79E72BC} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {57874492-AD5C-43E6-A696-A1FCFE2628AB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {6188DF9A-6FFE-4F57-94B4-93C3635DB47B} - System32\Tasks\AdobeAAMUpdater-1.0-Smokescreen-Andrew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {935CBB96-6E1F-494D-BB99-962F37437EA8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {9E736791-2BB4-429D-A298-D64F77D2B25D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {BF39D505-BA51-41AF-980C-61C7A69BB031} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {C06896EF-C3A7-4397-8D23-261D633C6D9B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {C13803D4-C681-4C74-9EBC-AAEA0409CC85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-29] (Google Inc.)
Task: {C7B7FBF6-C523-40BF-8143-71CF006CE4A9} - System32\Tasks\{A1B44E1B-C5AF-4EFB-B29D-8A183749D5D9} => pcalua.exe -a C:\Users\Andrew\Desktop\Photoshop_Plugins_x64_8.55.0109.1800.exe -d C:\Users\Andrew\Desktop
Task: {D987E20E-3760-4C45-9200-53D15F904C19} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-03] (Microsoft Corporation)
Task: {FC8647FD-C98E-461D-9C46-FDD27E5FFB77} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2014-09-05] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-10-25 09:36 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-10-02 18:43 - 2015-05-28 14:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-18 12:18 - 2015-01-28 01:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-02-05 10:24 - 2015-02-05 10:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-10-02 18:23 - 2008-07-11 15:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2014-10-02 18:23 - 2008-07-11 15:03 - 00282112 _____ () C:\Windows\system\HsMgr64.exe
2015-03-09 02:00 - 2014-05-16 17:35 - 00409600 _____ () C:\Program Files\BLUE\Yeti_Pro_Driver\YetiProControlPanel.exe
2015-04-14 17:52 - 2015-06-04 07:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-10-02 18:23 - 2011-04-19 14:56 - 00143360 ____N () C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\VmixP8.dll
2014-10-02 18:16 - 2015-04-17 03:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 12:08 - 2015-04-23 12:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 12:08 - 2015-04-23 12:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 12:08 - 2015-04-23 12:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-10-02 18:16 - 2015-06-05 04:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2014-10-02 18:16 - 2014-12-02 07:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-10-02 18:16 - 2014-12-02 07:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-10-02 18:16 - 2014-12-02 07:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-10-02 18:16 - 2014-12-02 07:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-10-02 18:16 - 2014-12-02 07:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-10-02 18:16 - 2015-06-05 04:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-03-09 02:00 - 2014-05-16 17:35 - 00192512 _____ () C:\Program Files\BLUE\Yeti_Pro_Driver\blueyetiproapi.dll
2015-02-05 19:20 - 2015-02-05 19:20 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 00566272 _____ () C:\Program Files (x86)\GalaxyClient\PocoUtil.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 00415744 _____ () C:\Program Files (x86)\GalaxyClient\PocoJSON.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 01784320 _____ () C:\Program Files (x86)\GalaxyClient\PocoFoundation.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 00412672 _____ () C:\Program Files (x86)\GalaxyClient\pcre.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 00094208 _____ () C:\Program Files (x86)\GalaxyClient\zlib.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 00515584 _____ () C:\Program Files (x86)\GalaxyClient\PocoXML.dll
2015-05-20 02:56 - 2015-05-16 18:00 - 00139776 _____ () C:\Program Files (x86)\GalaxyClient\expat.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 01202176 _____ () C:\Program Files (x86)\GalaxyClient\PocoNet.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 02577408 _____ () C:\Program Files (x86)\GalaxyClient\PocoData.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 00477184 _____ () C:\Program Files (x86)\GalaxyClient\PocoDataSQLite.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 00649728 _____ () C:\Program Files (x86)\GalaxyClient\sqlite.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 00340480 _____ () C:\Program Files (x86)\GalaxyClient\PocoZip.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 00332288 _____ () C:\Program Files (x86)\GalaxyClient\PocoNetSSL.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 00172032 _____ () C:\Program Files (x86)\GalaxyClient\PocoCrypto.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 41299456 _____ () C:\Program Files (x86)\GalaxyClient\libcef.dll
2015-05-20 02:56 - 2015-05-16 18:01 - 00107520 _____ () C:\Program Files (x86)\GalaxyClient\ZLIB1.dll
2014-10-02 18:16 - 2015-05-12 05:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-09-26 00:33 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-05-20 02:56 - 2015-05-16 18:00 - 00888832 _____ () C:\Program Files (x86)\GalaxyClient\ffmpegsumo.dll
2015-06-29 00:57 - 2015-06-20 15:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-29 00:57 - 2015-06-20 15:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-29 00:57 - 2015-06-20 15:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2435173290-512978119-1825070625-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{216D80BD-E21D-49C2-8DEF-CD4BADEEC4BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5D16FB5F-4396-4865-A156-E1542701ED64}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0FFACB36-A948-4B90-A7D8-40EE27FEA473}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{59F85AF3-A817-45BA-9249-7B2DCC024082}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{68CB4564-D974-473C-B541-FACB9F5CCBAE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{46FCA1EE-7E03-452E-8886-D7A862E9704E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9FD27831-15CD-41B7-AD71-C6425E6A9C46}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{B53541B6-7D8A-4918-873C-054BBE7C743B}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{5D94F7B4-E9D0-49D2-BC01-C66DD2E9654C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{4CA0D3F0-8EBB-41E0-9F58-09E36AF8D31C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{36CD2875-0124-4ECC-8E1A-60EB2634FA58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{DDC03A52-D7C8-4E07-B8F4-CA4FDDD3FDA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C4190CF3-FB58-4D95-B4E7-E60829F77ECF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{58CD1DF6-5E92-4061-BB9C-39380F6A5FA9}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{CBCA8139-9576-49AE-B37B-9AA6D28B3313}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{3C26F579-62DA-493F-AC7B-4D719857E0B0}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7B8291DA-05F0-4AC2-90D5-8C252F97DCF2}] => (Allow) C:\Users\Andrew\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{2B6CB6F3-7B10-498F-98C9-353055F79918}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{17D199A4-620C-4DF5-AC09-17D0992B9014}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{B5BF2A65-8777-4946-91E0-53598163578D}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\tools\DragonAgeToolset.exe
FirewallRules: [{1DD22BD5-B096-4039-AE7F-E3413BE512E8}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\tools\DragonAgeToolset.exe
FirewallRules: [{3A862E06-A510-43EA-863B-F14BB9F80EF5}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\tools\RPU.exe
FirewallRules: [{A50FF6E1-8835-488D-87BD-B6DD674C7E03}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\tools\RPU.exe
FirewallRules: [{0E7B7AD6-BAF7-4B39-A3EC-A7C2F96BD2D4}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\tools\lightmapper\eclipseRay.exe
FirewallRules: [{62C705AA-B44E-4C49-A824-CBF0DEAC515E}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\tools\lightmapper\eclipseRay.exe
FirewallRules: [{BC90B4BF-3A54-4DB9-99E0-5447C88E82F7}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\tools\GffEditor.exe
FirewallRules: [{3F4047E4-3A67-432D-A1B2-4DBEFB0494F9}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\tools\GffEditor.exe
FirewallRules: [{BB353D36-85F8-4787-B8DC-04EBCD2C85C9}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\tools\ErfEditor.exe
FirewallRules: [{4C5AD836-7D56-4EBA-B8BD-737308A7CFD5}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\tools\ErfEditor.exe
FirewallRules: [TCP Query User{DE17608A-F744-4D24-ABFE-F53A335C6E61}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [UDP Query User{BBFE0439-1045-4462-B1BC-31A6ED2FAC2F}C:\windows\syswow64\regsvr32.exe] => (Allow) C:\windows\syswow64\regsvr32.exe
FirewallRules: [{A78FA8F0-DB22-4F9D-8515-694C82684416}] => (Allow) D:\SteamLibrary\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{6174003D-4D35-4F61-B215-66D3DF92CABB}] => (Allow) D:\SteamLibrary\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{5B7F5A4C-BE1C-44B7-94A2-DEBC896F509E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{492900BE-4DB3-4CF8-80A8-B37CB443CCFB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3E88AD6A-D90D-4241-8CFB-D57B1D5B7DE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{808901E8-6234-4167-A848-944807C2E26A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5DCF0408-160D-471E-929A-E6F48605E271}] => (Allow) C:\Users\Andrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{47AD25FC-77A7-44AA-AB77-CC41988AE749}] => (Allow) C:\Users\Andrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4DBA1814-6667-4348-9120-156CEFA2AD17}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{53A7D5A5-9170-47CB-AB6E-03632AF388F3}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{023CC238-E1E8-4550-8AD8-B4B3AB73E603}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{A139FC35-E845-4688-850B-2AB680BAC3E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{C800B114-26C1-4F28-8D6C-37499263107C}] => (Allow) D:\SteamLibrary\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{37EDAD98-A852-4F4F-BDEF-1D6F183ECBEF}] => (Allow) D:\SteamLibrary\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [TCP Query User{8175B2A7-F6C9-41B4-A39C-CBB2F85DA06F}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{D08F5223-F7EA-42F5-B5BC-6599C31D777B}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{D96F7C2B-BD9F-46C8-90AD-3ED862F7590F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Sims 3\Game\Bin\Sims3Launcher.exe
FirewallRules: [{64F83684-0C92-48CA-BC88-7612F05830D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Sims 3\Game\Bin\Sims3Launcher.exe
FirewallRules: [TCP Query User{C6408D17-1266-40E9-91D7-A16FAABF7FAB}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{26A5779C-74F9-44F1-878B-9E2A6EB6B585}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{6ECE6AA8-4EED-45F7-8BA8-BC9447DA3618}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{A7CB0B3B-9ABD-4C82-B185-D163E4C1460E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{7DE45642-1A8B-4BA3-9C6F-E6769CD781E9}] => (Allow) D:\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{853ADE21-C806-4325-AEB0-F30942B61B4B}] => (Allow) D:\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{7A629CB1-DE95-4CE9-B7B1-0BE446A84178}] => (Allow) D:\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{AD5B1E27-6F1A-4B61-BDEA-D720C2315561}] => (Allow) D:\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [TCP Query User{57B7172E-7462-405E-A1EF-C1882E4627AA}C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe
FirewallRules: [UDP Query User{D8CD5655-320B-402C-9D4E-DE1A190722B8}C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\jp2launcher.exe
FirewallRules: [{AA486BA4-C697-47F5-A677-E55007585FE9}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{9A79FAF1-7708-4254-8AA3-CD12B26F6B2A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{7B2A32DC-51D5-43F2-B784-AA2D7BF5AF21}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{E9840075-0802-477E-A52B-CC32A798C6FF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{B1EA0159-D5FC-46B1-A983-E8B401714583}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{D3359EC5-1E99-466A-95DC-3ED9319032B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{76B0B67B-751A-48CC-BA93-14CD0A861037}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{ED9ACAC9-2759-49CC-974D-DC56C2DA261C}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{C84D98DA-9CE3-404C-9008-BDF5C99BEFAD}D:\secondlifeviewer\slvoice.exe] => (Block) D:\secondlifeviewer\slvoice.exe
FirewallRules: [UDP Query User{60A91AA6-91B0-4581-8518-D88F94DFA8B6}D:\secondlifeviewer\slvoice.exe] => (Block) D:\secondlifeviewer\slvoice.exe
FirewallRules: [{D0055263-F7AB-45C8-A92A-820A08196796}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{B902EB3A-FFB0-496A-A5F6-BE3930C65738}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{479A04B1-1F11-4F6F-B038-C8097DA5B10A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{188156E9-8671-4508-AD4B-B68EC8E5BA0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{9659F556-653C-4296-88BD-459DBCD70637}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{C1954306-B2A1-40F1-9BC3-51CDDD1FC11C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{4FB0A667-EFE8-4288-B28E-817C9A7194A6}] => (Allow) D:\SteamLibrary\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{1C4F494E-A84C-49CD-A962-D0F691E6E08D}] => (Allow) D:\SteamLibrary\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{B9091804-92EF-47DA-9619-A16ADC0F5945}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3278A10-7131-4EE8-A76E-352643BEDE3A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{60F60FAA-9C6D-483F-A81E-996AC270FCDD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/29/2015 00:24:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: adwcleaner_4.207.exe, version: 4.2.0.7, time stamp: 0x5586fc79
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x74a64f5d
Faulting process id: 0x191c
Faulting application start time: 0xadwcleaner_4.207.exe0
Faulting application path: adwcleaner_4.207.exe1
Faulting module path: adwcleaner_4.207.exe2
Report Id: adwcleaner_4.207.exe3
 
Error: (06/29/2015 00:24:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17514, time stamp: 0x4ce7a144
Faulting module name: RTSUltraMonHook.dll_unloaded, version: 0.0.0.0, time stamp: 0x50d64abb
Exception code: 0xc0000005
Fault offset: 0x00000000645a7f84
Faulting process id: 0x910
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (06/28/2015 05:18:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CK2game.exe, version: 1.0.0.0, time stamp: 0x55793582
Faulting module name: CK2game.exe, version: 1.0.0.0, time stamp: 0x55793582
Exception code: 0xc0000005
Fault offset: 0x0010afcb
Faulting process id: 0x2858
Faulting application start time: 0xCK2game.exe0
Faulting application path: CK2game.exe1
Faulting module path: CK2game.exe2
Report Id: CK2game.exe3
 
Error: (06/28/2015 04:08:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CK2game.exe, version: 1.0.0.0, time stamp: 0x55793582
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xa0019631
Faulting process id: 0x2268
Faulting application start time: 0xCK2game.exe0
Faulting application path: CK2game.exe1
Faulting module path: CK2game.exe2
Report Id: CK2game.exe3
 
Error: (06/28/2015 00:38:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CK2game.exe, version: 1.0.0.0, time stamp: 0x55793582
Faulting module name: CK2game.exe, version: 1.0.0.0, time stamp: 0x55793582
Exception code: 0xc0000005
Fault offset: 0x0010afcb
Faulting process id: 0x10ac
Faulting application start time: 0xCK2game.exe0
Faulting application path: CK2game.exe1
Faulting module path: CK2game.exe2
Report Id: CK2game.exe3
 
Error: (06/27/2015 09:56:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CK2game.exe, version: 1.0.0.0, time stamp: 0x55793582
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x635c7377
Faulting process id: 0x19d8
Faulting application start time: 0xCK2game.exe0
Faulting application path: CK2game.exe1
Faulting module path: CK2game.exe2
Report Id: CK2game.exe3
 
Error: (06/27/2015 08:08:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SndVol.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: be8
 
Start Time: 01d0b0bf5a7afc76
 
Termination Time: 3
 
Application Path: C:\Windows\system32\SndVol.exe
 
Report Id: 69f6fb00-1cb4-11e5-819d-e0b9a52e14b6
 
Error: (06/26/2015 09:35:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CK2game.exe, version: 1.0.0.0, time stamp: 0x55793582
Faulting module name: CK2game.exe, version: 1.0.0.0, time stamp: 0x55793582
Exception code: 0xc0000005
Fault offset: 0x0010afcb
Faulting process id: 0x2068
Faulting application start time: 0xCK2game.exe0
Faulting application path: CK2game.exe1
Faulting module path: CK2game.exe2
Report Id: CK2game.exe3
 
Error: (06/26/2015 06:12:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: adwcleaner_4.207.exe, version: 4.2.0.7, time stamp: 0x5586fc79
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x74b14f5d
Faulting process id: 0x4cc
Faulting application start time: 0xadwcleaner_4.207.exe0
Faulting application path: adwcleaner_4.207.exe1
Faulting module path: adwcleaner_4.207.exe2
Report Id: adwcleaner_4.207.exe3
 
Error: (06/26/2015 05:49:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: adwcleaner_4.207.exe, version: 4.2.0.7, time stamp: 0x5586fc79
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x75384f5d
Faulting process id: 0x1838
Faulting application start time: 0xadwcleaner_4.207.exe0
Faulting application path: adwcleaner_4.207.exe1
Faulting module path: adwcleaner_4.207.exe2
Report Id: adwcleaner_4.207.exe3
 
 
System errors:
=============
Error: (06/29/2015 00:33:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (06/29/2015 00:26:11 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Software Protection service, but this action failed with the following error: 
%%1056
 
Error: (06/29/2015 00:24:41 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (06/29/2015 00:24:41 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Media Player Network Sharing Service service, but this action failed with the following error: 
%%1056
 
Error: (06/29/2015 00:24:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (06/29/2015 00:24:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SQL Server (BWDATOOLSET) service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/29/2015 00:24:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMScheduler service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/29/2015 00:24:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (06/29/2015 00:24:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (06/29/2015 00:24:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office:
=========================
Error: (06/29/2015 00:24:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: adwcleaner_4.207.exe4.2.0.75586fc79unknown0.0.0.000000000c000041d74a64f5d191c01d0b1add7b3aa78C:\Users\Andrew\Desktop\adwcleaner_4.207.exeunknown57f376b3-1da1-11e5-b8e0-e0b9a52e14b6
 
Error: (06/29/2015 00:24:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175144ce7a144RTSUltraMonHook.dll_unloaded0.0.0.050d64abbc000000500000000645a7f8491001d0b1adcbc26e8aC:\Windows\Explorer.EXERTSUltraMonHook.dll57f3150a-1da1-11e5-b8e0-e0b9a52e14b6
 
Error: (06/28/2015 05:18:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CK2game.exe1.0.0.055793582CK2game.exe1.0.0.055793582c00000050010afcb285801d0b1044ee92ccdC:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exeC:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe4fff268f-1d01-11e5-819d-e0b9a52e14b6
 
Error: (06/28/2015 04:08:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CK2game.exe1.0.0.055793582unknown0.0.0.000000000c0000005a0019631226801d0b0e70315cbd0C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exeunknown8505f01e-1cf7-11e5-819d-e0b9a52e14b6
 
Error: (06/28/2015 00:38:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CK2game.exe1.0.0.055793582CK2game.exe1.0.0.055793582c00000050010afcb10ac01d0b0d05615c587C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exeC:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe3d818707-1cda-11e5-819d-e0b9a52e14b6
 
Error: (06/27/2015 09:56:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CK2game.exe1.0.0.055793582unknown0.0.0.000000000c0000005635c737719d801d0b0c1257c2e63C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exeunknown8da1d5a9-1cc3-11e5-819d-e0b9a52e14b6
 
Error: (06/27/2015 08:08:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SndVol.exe6.1.7601.17514be801d0b0bf5a7afc763C:\Windows\system32\SndVol.exe69f6fb00-1cb4-11e5-819d-e0b9a52e14b6
 
Error: (06/26/2015 09:35:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CK2game.exe1.0.0.055793582CK2game.exe1.0.0.055793582c00000050010afcb206801d0affd08c7ead5C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exeC:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe62ea6073-1bf7-11e5-b2ea-e0b9a52e14b6
 
Error: (06/26/2015 06:12:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: adwcleaner_4.207.exe4.2.0.75586fc79unknown0.0.0.000000000c000041d74b14f5d4cc01d0afe7bd9340b3C:\Users\Andrew\Desktop\adwcleaner_4.207.exeunknown185b2914-1bdb-11e5-b93b-e0b9a52e14b6
 
Error: (06/26/2015 05:49:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: adwcleaner_4.207.exe4.2.0.75586fc79unknown0.0.0.000000000c000041d75384f5d183801d0afe4226a5508C:\Users\Andrew\Desktop\adwcleaner_4.207.exeunknownd8764d3c-1bd7-11e5-a578-e0b9a52e14b6
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7 CPU X 990 @ 3.47GHz
Percentage of memory in use: 44%
Total physical RAM: 12279.11 MB
Available physical RAM: 6865.79 MB
Total Pagefile: 24556.43 MB
Available Pagefile: 18265.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:429.15 GB) (Free:165.35 GB) NTFS
Drive d: (Data) (Fixed) (Total:142.93 GB) (Free:40.93 GB) NTFS
Drive e: (UUI) (Removable) (Total:28.83 GB) (Free:27.93 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 0001A101)
Partition 1: (Active) - (Size=953 MB) - (Type=83)
Partition 2: (Not Active) - (Size=236.6 GB) - (Type=05)
Partition 3: (Not Active) - (Size=142.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: 2D5D67BE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=429.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 28.9 GB) (Disk ID: 37CA8B7C)
Partition 1: (Active) - (Size=28.9 GB) - (Type=0C)
 
==================== End of log ============================

 



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:28 AM

Posted 03 July 2015 - 12:25 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/581212 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:28 AM

Posted 08 July 2015 - 12:25 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users