Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows cannot boot correctly, BSOD Error STOP: C0000135 The program can't start


  • This topic is locked This topic is locked
61 replies to this topic

#1 ptarafdar

ptarafdar

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:35 PM

Posted 13 August 2015 - 06:43 PM

I attempted to start my computer this morning and I could not get past the windows logo. The monitor would go black and then I would be on a windows error screen asking me to do startup repair. When attempting this, I would be prompted to do a system restore which would give me the error "The instruction at 0xfba9584d referenced memory at 0x00000008. The memory could not be read." After being stuck in this loop of windows crashing for a while, I disabled windows restarting on crash and received the BSOD with the error message mentioned in the title. This is a similar problem to this post: "http://www.bleepingcomputer.com/forums/t/444580/stop-c0000135-the-program-cant-start-because-hs-is-missing-try-resintalling-the-program/." I scanned my disk with FRST from a flash drive and received this log. No addition.txt was created though. I have seen the missing file errors but want to know exactly what scripts to enter into the FRST tool to fix this issue. Thanks!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-08-2015
Ran by SYSTEM on MININT-RIPUNJA (13-08-2015 18:09:42)
Running from e:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
 
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-07-08] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe /RUNONCE
HKU\owner\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\owner\...\Run: [dualmonitor] => C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\owner\...\Run: [Spotify Web Helper] => C:\Users\owner\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-08-01] (Spotify Ltd)
HKU\owner\...\Run: [HP Officejet Pro 6830 (NET)] => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [3493952 2014-07-18] (Hewlett-Packard Development Company, LP)
HKU\owner\...\Run: [Spotify] => C:\Users\owner\AppData\Roaming\Spotify\Spotify.exe [7574584 2015-08-01] (Spotify Ltd)
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-09] (Avast Software s.r.o.)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
S2 ptservice; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe [17816 2015-01-29] (OpenVPN Technologies, Inc)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2015-05-06] ()
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-09] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-09] (Avast Software s.r.o.)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-09] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-09] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-09] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-09] (Avast Software s.r.o.)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-09] ()
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2015-05-06] ()
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-08] (Windows ® Win 7 DDK provider)
S3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [765288 2011-10-01] (Microsoft Corporation)
S3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [268648 2011-10-01] (Microsoft Corporation)
S3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [25960 2011-10-01] (Microsoft Corporation)
S3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [22376 2011-10-01] (Microsoft Corporation)
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
========================== Drivers MD5 =======================
 
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 207BEEDFC2E357A4A27E99DEA0FBEDF3
C:\Windows\System32\DRIVERS\atikmpag.sys 50228D17A34A1E5CF93084A6AE70870B
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys C3D487827E48CC5EC17994FEC5BDFF87
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\AsIO.sys 68726474C69B738EAC3A62E06B33ADDC
C:\Windows\system32\drivers\aswHwid.sys B5B4C90E9F52DA8586F1E5461AD90A5D
C:\Windows\system32\drivers\aswMonFlt.sys 300CB8E510855189CAD0B72FFB5590CB
C:\Windows\system32\drivers\aswRdr2.sys 6D37D8DB30D086739507C5F6E542656A
C:\Windows\System32\Drivers\aswRvrt.sys 07E32DFCA422A2920482D762D01957EC
C:\Windows\system32\drivers\aswSnx.sys 3B4AC2DBFC86F7247C1FF1FAF2860530
C:\Windows\system32\drivers\aswSP.sys A04F190FCD762E7BCC9BFC70563C52DB
C:\Windows\system32\drivers\aswStm.sys 6E53278ECCFFBC2ACC2A5006745ED4BB
C:\Windows\System32\Drivers\aswVmm.sys 91782404718C6352C26B3242BAC3F0F1
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys 0ACC06FCF46F64ED4F11E57EE461C1F4
C:\Windows\System32\drivers\AtihdW76.sys F270AFC3848C54C67E3BFB892CE9B9C6
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys C0A6C3D6E02B61B5D100FE17306C276F
C:\Windows\System32\Drivers\ksecpkg.sys 7A7328E427694CC7244235C3BC299F80
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys 1877EB1495CFBDAB27D6A32F6DDF3818
C:\Windows\System32\DRIVERS\mrxsmb10.sys 21AF322605D8C7F2A627C22634D1C9C9
C:\Windows\System32\DRIVERS\mrxsmb20.sys 45A03A0B6461EFBEE77E0A6AC2816EDA
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ASACPI.sys 2219A3D695405E7BA2186BA6B9EDE14A
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ptun0901.sys D8EB393983B644879DE0546122CC16DF
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys EE082E06A82FF630351D1E0EBBD3D8D0
C:\Windows\system32\drivers\rzpmgrk.sys 0C90E6CEA576095888E779E5BD9DD060
C:\Windows\system32\drivers\rzpnk.sys 288471F132C7249F598032D03575F083
C:\Windows\System32\drivers\RzSurroundVAD.sys 6F59DE8AD8A6946D9133550BA481E6AD
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Sftfswin7.sys B2F21560016B3C200FC34F2BD13DE469
C:\Windows\System32\DRIVERS\Sftplaywin7.sys AD9449F3BF407DBD1742A465F2163847
C:\Windows\System32\DRIVERS\Sftredirwin7.sys 78A1496BA75C7D5700CECB77DDD291BB
C:\Windows\System32\DRIVERS\Sftvolwin7.sys DA674FD0164D64BD4980A619410D57E3
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\System32\DRIVERS\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\system32\drivers\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-13 18:09 - 2015-08-13 18:09 - 00000000 ____D C:\FRST
2015-08-13 08:31 - 2015-08-13 08:31 - 00000000 __SHD C:\found.004
2015-08-11 04:21 - 2015-08-11 04:21 - 00010696 ____N C:\bootsqm.dat
2015-08-11 04:20 - 2015-08-11 04:20 - 00000000 __SHD C:\found.003
2015-08-09 04:15 - 2015-08-09 04:15 - 00005341 _____ C:\Users\owner\Downloads\PrimaryLock.zip
2015-08-07 20:59 - 2015-08-12 17:41 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-07 18:16 - 2015-05-09 23:27 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\System32\aswBoot.exe
2015-08-07 18:05 - 2015-08-07 18:05 - 00000000 __SHD C:\found.002
2015-08-07 04:19 - 2015-08-07 04:19 - 22833582 _____ C:\Users\owner\Downloads\Nightshade Armor - Natural BBP.7z
2015-08-07 04:18 - 2015-08-07 04:18 - 00892970 _____ C:\Users\owner\Downloads\Roughspun Tunic - Cleavage BBP.7z
2015-08-07 04:18 - 2015-08-07 04:18 - 00690228 _____ C:\Users\owner\Downloads\Skimpy Vampire Royal Armor - Cleavage BBP.7z
2015-08-07 04:17 - 2015-08-07 04:17 - 01825236 _____ C:\Users\owner\Downloads\Ancient Nord Armor SuperCleavage - Cleavage BBP.7z
2015-08-07 04:15 - 2015-08-07 04:15 - 09494845 _____ C:\Users\owner\Downloads\Fitness Outfit - Bombshell BBP.7z
2015-08-07 03:43 - 2015-08-07 05:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-06 22:32 - 2015-08-06 22:32 - 00144482 _____ C:\Users\owner\Downloads\Alternate Meadery Location-58357--.zip
2015-08-06 19:49 - 2015-08-06 19:49 - 00000222 _____ C:\Users\owner\Desktop\Fingerbones.url
2015-08-06 08:22 - 2015-08-06 08:24 - 101876490 _____ C:\Users\owner\Downloads\UNP main-45453-v2.7z
2015-08-06 08:12 - 2015-08-06 08:13 - 37487215 _____ C:\Users\owner\Downloads\standard.7z
2015-08-06 00:13 - 2015-08-06 00:13 - 01977867 _____ C:\Users\owner\Downloads\Switching hair bug fix by Dubhorizon-64473-1-0b.rar
2015-08-05 03:33 - 2015-08-05 03:33 - 00902027 _____ C:\Users\owner\Downloads\ICBINE 3-63839-3-0(1).rar
2015-08-04 04:03 - 2015-08-04 04:03 - 00348275 _____ C:\Users\owner\Downloads\hdtHighHeel_beta0_5-36213-beta0-5.7z
2015-08-04 04:01 - 2015-08-04 04:02 - 28943331 _____ C:\Users\owner\Downloads\NewlynaArmorMain-57369-0-8.7z
2015-08-03 20:07 - 2015-08-03 20:07 - 02361555 _____ C:\Users\owner\Downloads\enbseries_skyrim_v0279.zip
2015-08-03 15:48 - 2015-08-03 15:48 - 00110688 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2015-08-03 15:47 - 2015-08-03 15:47 - 00000000 ____D C:\Program Files\Java
2015-08-03 15:47 - 2015-08-03 15:47 - 00000000 _____ C:\Windows\System32\RENE03B.tmp
2015-08-03 13:49 - 2015-08-03 13:49 - 00014171 _____ C:\Users\owner\Downloads\ENBoost 5_0-38649-5-0.zip
2015-08-02 17:13 - 2015-08-02 19:54 - 743956849 _____ C:\Users\owner\Downloads\LegacyPack3 (2 of 4)-52248-V14Final.7z
2015-08-02 17:13 - 2015-08-02 19:52 - 743934935 _____ C:\Users\owner\Downloads\LegacyPack3 (1 of 4)-52248-V14Final.7z
2015-08-02 15:56 - 2015-08-02 15:56 - 07445656 _____ C:\Users\owner\Downloads\Legacy BCS Compatibility patch collection V14-52248-1.7z
2015-08-02 15:56 - 2015-08-02 15:56 - 00297776 _____ C:\Users\owner\Downloads\Immersive Weapons and Armor addons (V14)-52248-1.7z
2015-08-02 15:56 - 2015-08-02 15:56 - 00160136 _____ C:\Users\owner\Downloads\Solitude Compatibility Patches (V14)-52248-1.7z
2015-08-02 15:56 - 2015-08-02 15:56 - 00009760 _____ C:\Users\owner\Downloads\SkyRe Compatibility patch (V14)-52248-1.7z
2015-08-02 15:56 - 2015-08-02 15:56 - 00005939 _____ C:\Users\owner\Downloads\Weapons and Armor Fixes Remade Patch (V14)-52248-2.7z
2015-08-02 15:55 - 2015-08-02 15:58 - 201963789 _____ C:\Users\owner\Downloads\Legacy of the Dragonborn 2 of 3-52248-V14Final.7z
2015-08-02 15:55 - 2015-08-02 15:56 - 58794654 _____ C:\Users\owner\Downloads\Legacy of the Dragonborn 1 of 4-52248-V14Final.7z
2015-08-02 00:26 - 2015-08-02 00:27 - 68157278 _____ C:\Users\owner\Downloads\CB++Tera_Collection-v-1.298.7z
2015-08-01 22:03 - 2015-08-01 22:03 - 00000000 ____D C:\Users\owner\AppData\Local\AMD
2015-08-01 22:03 - 2015-08-01 22:03 - 00000000 ____D C:\ProgramData\ATI
2015-08-01 22:02 - 2015-08-01 22:02 - 00058661 _____ C:\Windows\SysWOW64\CCCInstall_201508020202552352.log
2015-08-01 04:46 - 2015-08-01 04:55 - 133901841 _____ C:\Users\owner\Downloads\EotW Mage Robes of Skyrim-50445-1-0.rar
2015-07-31 05:15 - 2015-07-31 05:15 - 21789814 _____ C:\Users\owner\Downloads\Skyforge Hotfix-24909-1-9.zip
2015-07-28 04:11 - 2015-07-28 04:11 - 00000000 _____ C:\Windows\System32\REN7B49.tmp
2015-07-28 00:07 - 2015-07-25 10:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2015-07-28 00:07 - 2015-07-25 10:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-07-28 00:07 - 2015-07-25 10:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-07-28 00:07 - 2015-07-25 10:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-07-28 00:07 - 2015-07-25 10:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-07-28 00:07 - 2015-07-25 10:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-07-28 00:07 - 2015-07-25 10:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2015-07-28 00:07 - 2015-07-25 09:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-07-27 21:55 - 2015-08-08 00:56 - 00000000 ____D C:\Users\owner\AppData\Local\Warframe
2015-07-27 20:43 - 2015-07-27 20:43 - 00000222 _____ C:\Users\owner\Desktop\Warframe.url
2015-07-27 16:10 - 2015-07-27 16:10 - 00003048 _____ C:\Windows\System32\Tasks\ScanToPCActivationApp.exe_{1570B940-9D24-44E3-A4F6-7671FC8FB875}
2015-07-27 16:08 - 2015-07-27 16:08 - 00003614 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 6830
2015-07-27 16:08 - 2015-07-27 16:08 - 00002200 _____ C:\Users\Public\Desktop\HP Officejet Pro 6830.lnk
2015-07-27 16:08 - 2015-07-27 16:08 - 00001152 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 6830.lnk
2015-07-27 16:08 - 2014-07-18 15:48 - 00763968 ____N (Hewlett-Packard Development Company, LP) C:\Windows\System32\HPDiscoPM7212.dll
2015-07-27 16:07 - 2015-07-27 16:09 - 00000000 ____D C:\Users\owner\AppData\Local\HP
2015-07-27 16:07 - 2015-07-27 16:07 - 00000057 _____ C:\ProgramData\Ament.ini
2015-07-27 16:04 - 2015-07-27 16:06 - 179306328 _____ C:\Users\owner\Downloads\OJ6830_73.exe
2015-07-27 16:04 - 2015-07-27 16:04 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2015-07-27 16:03 - 2015-07-27 16:09 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-07-27 16:02 - 2015-07-27 16:02 - 03748672 _____ (Oleg N. Scherbakov) C:\Users\owner\Downloads\HPSupportSolutionsFramework-12.0.26.exe
2015-07-27 11:32 - 2015-07-27 11:32 - 00000000 _____ C:\Windows\System32\REN90B2.tmp
2015-07-24 14:56 - 2015-07-24 14:56 - 00000000 _____ C:\Windows\System32\REN533E.tmp
2015-07-24 11:55 - 2015-06-26 15:27 - 00129472 _____ (Razer, Inc.) C:\Windows\System32\Drivers\rzpnk.sys
2015-07-24 11:52 - 2015-07-24 11:54 - 00001941 _____ C:\Users\owner\Desktop\Razer Synapse.lnk
2015-07-24 11:46 - 2015-07-24 11:46 - 22589448 _____ (Razer Inc.) C:\Users\owner\Downloads\1435565211rzrmodRazer_Synapse_Framework_V1.18.21.26599.exe
2015-07-24 05:43 - 2015-07-24 05:43 - 00001020 _____ C:\Users\owner\Desktop\SKSE.lnk
2015-07-24 04:48 - 2015-07-24 04:48 - 00000000 __SHD C:\found.001
2015-07-23 19:41 - 2015-07-23 19:41 - 00000000 _____ C:\Windows\System32\REN1871.tmp
2015-07-23 18:50 - 2015-07-23 18:50 - 00000144 _____ C:\Windows\System32\java-test.log
2015-07-22 22:42 - 2015-07-22 22:42 - 12339827 _____ C:\Users\owner\Downloads\forgeessentials-1.7.10-1.4.0-server.jar
2015-07-22 21:45 - 2015-07-22 21:46 - 216991474 _____ C:\Users\owner\Downloads\FTBInfinityServer(1).zip
2015-07-22 21:26 - 2015-07-22 21:26 - 00576163 _____ C:\Users\owner\Downloads\Ars Magica 2 Mod Installer 1.7.10.zip
2015-07-22 21:25 - 2015-07-22 21:25 - 02379383 _____ C:\Users\owner\Downloads\EquivalentExchange3-1.7.10-0.3.507.jar
2015-07-22 13:15 - 2015-07-22 13:15 - 37348448 _____ (Oracle Corporation) C:\Users\owner\Downloads\jre-8u51-windows-i586.exe
2015-07-22 00:23 - 2015-07-22 00:23 - 00000000 _____ C:\Windows\System32\REND1CF.tmp
2015-07-20 18:32 - 2015-07-20 18:32 - 00000000 _____ C:\Windows\System32\RENE136.tmp
2015-07-20 09:58 - 2015-07-20 09:58 - 28114017 _____ C:\Users\owner\Downloads\ReShade 0.19.0 Public Beta with Framework.7z
2015-07-20 07:43 - 2015-07-20 07:44 - 71024493 _____ C:\Users\owner\Downloads\Main-52906-V1.7z
2015-07-19 22:14 - 2015-07-19 22:14 - 00000000 _____ C:\Windows\System32\REN75DE.tmp
2015-07-19 11:17 - 2015-07-19 11:17 - 00887896 _____ (Microsoft Corporation) C:\Users\owner\Downloads\dotNetFx40_Client_setup.exe
2015-07-18 00:58 - 2015-07-18 00:58 - 05171262 _____ C:\Users\owner\Downloads\MCKING-NightMotherReplacer-56366-1-0.zip
2015-07-17 20:40 - 2015-07-17 20:40 - 00000000 _____ C:\Windows\System32\REN8110.tmp
2015-07-17 20:35 - 2015-07-17 20:35 - 24778718 _____ C:\Users\owner\Downloads\BetterDarkBrotherhood-25941-1-9.zip
2015-07-16 18:23 - 2015-07-16 18:23 - 00000000 _____ C:\Windows\System32\REN45A4.tmp
2015-07-15 22:34 - 2015-07-15 22:34 - 00000000 _____ C:\Windows\System32\RENDB6F.tmp
2015-07-15 22:05 - 2015-07-15 22:07 - 101896047 _____ C:\Users\owner\Downloads\Replacer-42398-v3.7z
2015-07-15 18:12 - 2015-07-15 18:12 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc64.dll
2015-07-15 18:12 - 2015-07-15 18:12 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom64.dll
2015-07-15 18:12 - 2015-07-15 18:12 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-07-15 18:12 - 2015-07-15 18:12 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-07-15 18:11 - 2015-07-15 18:11 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-07-15 18:11 - 2015-07-15 18:11 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd6a.dll
2015-07-15 18:11 - 2015-07-15 18:11 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd64.dll
2015-07-15 18:11 - 2015-07-15 18:11 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-07-15 18:11 - 2015-07-15 18:11 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiu9p64.dll
2015-07-15 18:09 - 2015-07-15 18:09 - 00297672 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amdacpksd.sys
2015-07-15 18:06 - 2015-07-15 18:06 - 21622272 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2015-07-15 18:01 - 2015-07-15 18:01 - 47785472 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\amdocl64.dll
2015-07-15 18:01 - 2015-07-15 18:01 - 00235008 _____ C:\Windows\System32\clinfo.exe
2015-07-15 18:00 - 2015-07-15 18:00 - 39714816 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-07-15 17:59 - 2015-07-15 17:59 - 00065024 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll
2015-07-15 17:59 - 2015-07-15 17:59 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-07-15 17:58 - 2015-07-15 17:58 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\amdocl12cl64.dll
2015-07-15 17:57 - 2015-07-15 17:57 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-07-15 17:35 - 2015-07-15 17:35 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdmantle64.dll
2015-07-15 17:35 - 2015-07-15 17:35 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\mantle64.dll
2015-07-15 17:35 - 2015-07-15 17:35 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-07-15 17:30 - 2015-07-15 17:30 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-07-15 17:28 - 2015-07-15 17:28 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atio6axx.dll
2015-07-15 17:26 - 2015-07-15 17:26 - 00093184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\mantleaxl64.dll
2015-07-15 17:26 - 2015-07-15 17:26 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-07-15 17:25 - 2015-07-15 17:25 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdmmcl6.dll
2015-07-15 17:25 - 2015-07-15 17:25 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-07-15 17:23 - 2015-07-15 17:23 - 03437632 _____ C:\Windows\System32\atiumd6a.cap
2015-07-15 17:22 - 2015-07-15 17:22 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-07-15 17:21 - 2015-07-15 17:21 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd64.dll
2015-07-15 17:21 - 2015-07-15 17:21 - 00660912 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-07-15 17:21 - 2015-07-15 17:21 - 00660912 _____ C:\Windows\System32\atiapfxx.blb
2015-07-15 17:21 - 2015-07-15 17:21 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2015-07-15 17:21 - 2015-07-15 17:21 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt64.dll
2015-07-15 17:21 - 2015-07-15 17:21 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl64.dll
2015-07-15 17:21 - 2015-07-15 17:21 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-07-15 17:21 - 2015-07-15 17:21 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-07-15 17:20 - 2015-07-15 17:20 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-07-15 17:18 - 2015-07-15 17:18 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-07-15 17:17 - 2015-07-15 17:17 - 00672768 _____ (AMD) C:\Windows\System32\atieclxx.exe
2015-07-15 17:17 - 2015-07-15 17:17 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atidemgy.dll
2015-07-15 17:17 - 2015-07-15 17:17 - 00246784 _____ (AMD) C:\Windows\System32\atiesrxx.exe
2015-07-15 17:17 - 2015-07-15 17:17 - 00204800 _____ C:\Windows\System32\amdgfxinfo64.dll
2015-07-15 17:17 - 2015-07-15 17:17 - 00190976 _____ (AMD) C:\Windows\System32\atitmm64.dll
2015-07-15 17:17 - 2015-07-15 17:17 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-07-15 17:17 - 2015-07-15 17:17 - 00160256 _____ C:\Windows\System32\atieah64.exe
2015-07-15 17:17 - 2015-07-15 17:17 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-07-15 17:17 - 2015-07-15 17:17 - 00029696 _____ (AMD) C:\Windows\System32\atimuixx.dll
2015-07-15 17:14 - 2015-07-15 17:14 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2015-07-15 17:13 - 2015-07-15 17:13 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6txx.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6pxx.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2015-07-15 17:12 - 2015-07-15 17:12 - 00865792 _____ (AMD) C:\Windows\System32\coinst_15.20.dll
2015-07-15 17:12 - 2015-07-15 17:12 - 00102912 _____ C:\Windows\System32\hsa-thunk64.dll
2015-07-15 17:12 - 2015-07-15 17:12 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-07-15 02:20 - 2015-07-15 02:20 - 00103424 _____ (Advanced Micro Devices) C:\Windows\System32\DelayAPO.dll
2015-07-15 02:20 - 2015-07-15 02:20 - 00096256 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\AtihdW76.sys
2015-07-14 19:22 - 2015-07-14 19:22 - 01004863 _____ C:\Users\owner\Downloads\Zoners High Performance ENB 2_34 SweetFX Version-26744-2-34.zip
2015-07-14 19:20 - 2015-07-14 19:20 - 02361935 _____ C:\Users\owner\Downloads\enbseries_skyrim_v0277.zip
2015-07-14 13:36 - 2015-06-09 10:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2015-07-14 13:35 - 2015-07-09 09:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2015-07-14 13:35 - 2015-07-09 09:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2015-07-14 13:35 - 2015-07-09 09:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2015-07-14 13:35 - 2015-07-09 09:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2015-07-14 13:35 - 2015-07-09 09:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2015-07-14 13:35 - 2015-07-09 09:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2015-07-14 13:35 - 2015-07-09 09:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2015-07-14 13:35 - 2015-07-09 09:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2015-07-14 13:35 - 2015-07-09 09:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2015-07-14 13:35 - 2015-07-09 09:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2015-07-14 13:35 - 2015-07-09 09:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2015-07-14 13:35 - 2015-07-09 09:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-14 13:35 - 2015-07-09 09:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-14 13:35 - 2015-07-09 09:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-14 13:35 - 2015-07-09 09:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-14 13:35 - 2015-07-09 09:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-14 13:35 - 2015-07-04 10:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll
2015-07-14 13:35 - 2015-07-04 09:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 13:35 - 2015-07-02 13:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 13:35 - 2015-07-02 13:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-14 13:35 - 2015-07-02 12:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 13:35 - 2015-07-02 12:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-07-14 13:35 - 2015-07-02 12:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 13:35 - 2015-07-02 12:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-07-14 13:35 - 2015-07-02 12:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-07-14 13:35 - 2015-07-02 12:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 13:35 - 2015-07-02 12:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-07-14 13:35 - 2015-07-02 11:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 13:35 - 2015-07-02 11:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-07-14 13:35 - 2015-07-02 10:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-07-14 13:35 - 2015-07-01 12:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2015-07-14 13:35 - 2015-07-01 12:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2015-07-14 13:35 - 2015-07-01 12:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2015-07-14 13:35 - 2015-07-01 12:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2015-07-14 13:35 - 2015-07-01 12:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2015-07-14 13:35 - 2015-07-01 12:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2015-07-14 13:35 - 2015-07-01 12:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2015-07-14 13:35 - 2015-07-01 12:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2015-07-14 13:35 - 2015-07-01 12:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2015-07-14 13:35 - 2015-07-01 12:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2015-07-14 13:35 - 2015-07-01 12:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2015-07-14 13:35 - 2015-07-01 12:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2015-07-14 13:35 - 2015-07-01 12:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2015-07-14 13:35 - 2015-07-01 12:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2015-07-14 13:35 - 2015-07-01 12:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2015-07-14 13:35 - 2015-07-01 12:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2015-07-14 13:35 - 2015-07-01 12:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2015-07-14 13:35 - 2015-07-01 12:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2015-07-14 13:35 - 2015-07-01 12:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2015-07-14 13:35 - 2015-07-01 12:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2015-07-14 13:35 - 2015-07-01 12:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 13:35 - 2015-07-01 12:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 13:35 - 2015-07-01 12:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-14 13:35 - 2015-07-01 12:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-14 13:35 - 2015-07-01 12:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-14 13:35 - 2015-07-01 12:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-14 13:35 - 2015-07-01 12:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-14 13:35 - 2015-07-01 12:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-14 13:35 - 2015-07-01 12:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-14 13:35 - 2015-07-01 12:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 13:35 - 2015-07-01 12:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-14 13:35 - 2015-07-01 12:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-14 13:35 - 2015-07-01 12:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-14 13:35 - 2015-07-01 12:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-14 13:35 - 2015-07-01 12:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-14 13:35 - 2015-07-01 11:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2015-07-14 13:35 - 2015-07-01 11:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2015-07-14 13:35 - 2015-07-01 11:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2015-07-14 13:35 - 2015-06-26 18:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-07-14 13:35 - 2015-06-26 18:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-07-14 13:35 - 2015-06-26 17:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-14 13:35 - 2015-06-26 17:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 13:35 - 2015-06-25 10:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-07-14 13:35 - 2015-06-25 09:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 13:35 - 2015-06-25 00:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-07-14 13:35 - 2015-06-20 12:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-07-14 13:35 - 2015-06-20 11:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-07-14 13:35 - 2015-06-20 11:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-07-14 13:35 - 2015-06-20 11:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2015-07-14 13:35 - 2015-06-20 11:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-07-14 13:35 - 2015-06-20 11:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-07-14 13:35 - 2015-06-20 11:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-07-14 13:35 - 2015-06-20 11:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-07-14 13:35 - 2015-06-20 11:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-07-14 13:35 - 2015-06-20 11:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-07-14 13:35 - 2015-06-20 11:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-07-14 13:35 - 2015-06-20 11:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2015-07-14 13:35 - 2015-06-20 11:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-07-14 13:35 - 2015-06-20 11:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-07-14 13:35 - 2015-06-20 11:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-07-14 13:35 - 2015-06-20 11:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-07-14 13:35 - 2015-06-20 11:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-07-14 13:35 - 2015-06-20 10:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-07-14 13:35 - 2015-06-20 10:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-07-14 13:35 - 2015-06-20 10:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-07-14 13:35 - 2015-06-20 10:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-07-14 13:35 - 2015-06-20 10:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-07-14 13:35 - 2015-06-20 10:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-07-14 13:35 - 2015-06-19 10:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 13:35 - 2015-06-19 10:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-14 13:35 - 2015-06-19 10:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-14 13:35 - 2015-06-19 10:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-14 13:35 - 2015-06-19 10:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 13:35 - 2015-06-19 10:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-14 13:35 - 2015-06-19 10:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-14 13:35 - 2015-06-19 10:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 13:35 - 2015-06-19 10:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-14 13:35 - 2015-06-19 10:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-14 13:35 - 2015-06-19 09:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-14 13:35 - 2015-06-19 09:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 13:35 - 2015-06-19 09:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 13:35 - 2015-06-19 09:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 13:35 - 2015-06-19 09:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 13:35 - 2015-06-19 09:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 13:35 - 2015-06-19 09:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-14 13:35 - 2015-06-19 09:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 13:35 - 2015-06-19 09:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 13:35 - 2015-06-17 09:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2015-07-14 13:35 - 2015-06-17 09:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 13:35 - 2015-06-11 09:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-14 13:35 - 2015-06-11 09:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-14 13:35 - 2015-06-11 09:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-14 13:35 - 2015-06-11 09:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2015-07-14 13:35 - 2015-06-11 09:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\System32\rdvidcrl.dll
2015-07-14 13:35 - 2015-06-11 09:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2015-07-14 13:35 - 2015-06-11 05:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2015-07-14 13:35 - 2015-06-09 10:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2015-07-14 13:35 - 2015-06-01 16:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\System32\cewmdm.dll
2015-07-14 13:35 - 2015-06-01 15:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 13:35 - 2015-04-27 11:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2015-07-14 13:35 - 2015-04-27 11:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2015-07-14 13:35 - 2015-04-27 11:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2015-07-14 13:35 - 2015-04-27 11:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2015-07-14 13:35 - 2015-04-27 11:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-14 13:35 - 2015-04-27 11:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-14 13:35 - 2015-04-27 11:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-14 13:35 - 2015-04-27 11:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-14 13:34 - 2015-06-15 13:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2015-07-14 13:34 - 2015-06-15 13:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2015-07-14 13:34 - 2015-06-15 13:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2015-07-14 13:34 - 2015-06-15 13:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\msihnd.dll
2015-07-14 13:34 - 2015-06-15 13:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2015-07-14 13:34 - 2015-06-15 13:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\System32\msiexec.exe
2015-07-14 13:34 - 2015-06-15 13:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 13:34 - 2015-06-15 13:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 13:34 - 2015-06-15 13:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-14 13:34 - 2015-06-15 13:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 13:34 - 2015-06-15 13:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\System32\msimsg.dll
2015-07-14 13:34 - 2015-06-15 13:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-13 04:40 - 2015-04-25 12:51 - 200399584 _____ C:\Windows\MEMORY.DMP
2015-08-12 17:47 - 2015-04-14 13:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-12 17:47 - 2015-04-07 16:18 - 01203215 _____ C:\Windows\WindowsUpdate.log
2015-08-12 17:47 - 2009-07-13 20:45 - 00021888 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-12 17:47 - 2009-07-13 20:45 - 00021888 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-12 17:45 - 2015-06-28 05:07 - 00000000 ____D C:\Users\owner\AppData\Roaming\Spotify
2015-08-12 17:45 - 2015-04-09 04:38 - 00000000 ____D C:\Users\owner\AppData\Roaming\Skype
2015-08-12 17:41 - 2015-06-28 05:07 - 00000000 ____D C:\Users\owner\AppData\Local\Spotify
2015-08-12 17:39 - 2015-04-09 10:12 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-12 17:37 - 2015-04-09 10:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-12 17:28 - 2015-04-09 04:05 - 00072249 _____ C:\Windows\setupact.log
2015-08-12 17:28 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-12 15:12 - 2015-04-08 03:34 - 00000000 ____D C:\Windows\System32\MRT
2015-08-12 15:08 - 2015-04-08 03:34 - 132483416 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-08-12 15:06 - 2015-04-09 04:35 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-12 14:35 - 2015-04-20 13:06 - 00000000 ____D C:\Program Files (x86)\Mod Organizer
2015-08-12 06:47 - 2015-04-14 13:03 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 06:47 - 2015-04-14 13:03 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 06:47 - 2015-04-14 13:03 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 14:44 - 2015-04-09 10:12 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-10 07:07 - 2015-07-03 14:29 - 00000000 ____D C:\Users\owner\Desktop\Skyrim Mods
2015-08-09 13:09 - 2015-04-16 14:29 - 00000000 ____D C:\Users\owner\AppData\Local\osu!
2015-08-09 05:45 - 2009-07-13 21:13 - 00782228 _____ C:\Windows\System32\PerfStringBackup.INI
2015-08-09 04:16 - 2012-01-08 08:08 - 00024576 _____ (© 2011, AKDADEVIL (dispatched@gmx.net)) C:\Users\owner\Desktop\PrimaryLock.exe
2015-08-07 20:53 - 2015-04-09 04:05 - 00134908 _____ C:\Windows\PFRO.log
2015-08-07 18:17 - 2015-04-08 03:28 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-07 05:44 - 2015-04-08 03:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-02 18:39 - 2015-07-08 06:42 - 00007605 _____ C:\Users\owner\AppData\Local\Resmon.ResmonCfg
2015-08-01 22:02 - 2015-04-12 19:11 - 00000000 ____D C:\Program Files\AMD
2015-08-01 22:01 - 2015-04-12 19:15 - 00000000 ____D C:\ProgramData\AMD
2015-08-01 21:59 - 2015-04-12 19:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-01 21:53 - 2015-04-12 19:07 - 00000000 ____D C:\AMD
2015-08-01 19:46 - 2015-05-20 18:01 - 00000000 ____D C:\Users\owner\Documents\The Witcher 3
2015-08-01 10:13 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2015-07-28 01:01 - 2015-04-08 04:18 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-07-28 00:39 - 2015-07-10 05:39 - 00000000 ___HD C:\$Windows.~BT
2015-07-28 00:22 - 2015-04-07 17:06 - 00000000 ____D C:\Windows\Panther
2015-07-27 21:55 - 2015-04-09 06:07 - 00158138 _____ C:\Windows\DirectX.log
2015-07-27 20:28 - 2015-06-02 16:43 - 00000000 ____D C:\Users\owner\Desktop\Witcher 3 Mods
2015-07-27 16:08 - 2015-04-09 09:19 - 00000000 ____D C:\Program Files\HP
2015-07-27 16:08 - 2015-04-09 09:19 - 00000000 ____D C:\Program Files (x86)\HP
2015-07-27 16:08 - 2015-04-09 09:18 - 00000000 ____D C:\ProgramData\HP
2015-07-27 00:21 - 2009-07-13 21:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-25 01:33 - 2015-04-08 03:07 - 00000000 ___SD C:\Windows\System32\GWX
2015-07-24 14:33 - 2009-07-13 20:45 - 00342400 _____ C:\Windows\System32\FNTCACHE.DAT
2015-07-24 13:29 - 2015-07-03 03:07 - 00000000 ____D C:\Program Files (x86)\LOOT
2015-07-24 13:28 - 2015-04-25 18:23 - 00000000 ____D C:\Users\owner\AppData\Local\LOOT
2015-07-24 13:26 - 2015-04-08 00:38 - 00076216 _____ C:\Users\owner\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-24 11:57 - 2015-06-25 03:12 - 00000000 ____D C:\Users\owner\AppData\Local\ftblauncher
2015-07-24 11:56 - 2015-06-25 03:12 - 00000000 ____D C:\ftb
2015-07-24 11:55 - 2015-04-26 12:37 - 00000000 ____D C:\ProgramData\Razer
2015-07-24 11:54 - 2015-04-26 12:37 - 00000000 ____D C:\Program Files (x86)\Razer
2015-07-24 11:47 - 2015-04-26 12:39 - 00000000 ____D C:\Users\owner\AppData\Local\Razer
2015-07-24 06:28 - 2015-06-25 04:10 - 00000000 ____D C:\Users\owner\Desktop\Servers
2015-07-23 18:49 - 2015-06-28 01:14 - 00000000 ____D C:\Users\owner\Desktop\Minecraft Mods
2015-07-22 18:08 - 2015-06-25 03:12 - 04731400 _____ () C:\Users\owner\Desktop\Technic Launcher.exe
2015-07-22 18:08 - 2015-06-25 03:12 - 00000000 ____D C:\Users\owner\AppData\Roaming\.technic
2015-07-22 13:29 - 2015-07-02 11:22 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-22 13:29 - 2015-04-08 03:20 - 00000000 ____D C:\ProgramData\Oracle
2015-07-22 13:28 - 2015-07-02 11:23 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-22 13:15 - 2015-07-05 10:42 - 43221600 _____ (Oracle Corporation) C:\Users\owner\Desktop\Java 64bit.exe
2015-07-16 10:11 - 2015-06-02 20:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 18:11 - 2011-04-20 01:09 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-07-15 18:11 - 2011-04-20 01:07 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\aticfx64.dll
2015-07-15 18:11 - 2011-04-20 00:49 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atidxx64.dll
2015-07-15 18:11 - 2011-04-20 00:38 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-07-15 18:11 - 2011-04-20 00:30 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-07-15 18:11 - 2011-04-20 00:21 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiuxp64.dll
2015-07-15 18:11 - 2011-04-20 00:21 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-07-15 14:34 - 2015-04-09 10:12 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 14:34 - 2015-04-09 10:11 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 01:42 - 2015-04-08 03:07 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 00:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-07-14 23:25 - 2015-04-08 04:18 - 00000000 ____D C:\Windows\System32\appraiser
2015-07-14 23:25 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
 
Some files in TEMP:
====================
C:\Users\owner\AppData\Local\Temp\27fff54a706caf16275619fa9b79269c.dll
C:\Users\owner\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\owner\AppData\Local\Temp\APNSetup.exe
C:\Users\owner\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\owner\AppData\Local\Temp\ChangeIcon.exe
C:\Users\owner\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\owner\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\owner\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\owner\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\owner\AppData\Local\Temp\raptrpatch.exe
C:\Users\owner\AppData\Local\Temp\raptr_stub.exe
C:\Users\owner\AppData\Local\Temp\shutdown1432037330.exe
C:\Users\owner\AppData\Local\Temp\tmpC12C.exe
C:\Users\owner\AppData\Local\Temp\tmpCF11.exe
C:\Users\owner\AppData\Local\Temp\xmlUpdater.exe
C:\Users\owner\AppData\Local\Temp\__pythonRunner.dll
 
==================== Known DLLs (Whitelisted) =========================
 
C:\Windows\System32\kernel32.dll IS MISSING <==== ATTENTION
C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION
C:\Windows\SysWOW64\LPK.dll IS MISSING <==== ATTENTION
C:\Windows\System32\SHELL32.dll IS MISSING <==== ATTENTION
C:\Windows\SysWOW64\SHELL32.dll IS MISSING <==== ATTENTION
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Windows\System32\winsrv.dll IS MISSING <==== ATTENTION
 
==================== Restore Points =========================
 
Restore point made on: 2015-08-07 18:12:34
Restore point made on: 2015-08-07 18:16:17
Restore point made on: 2015-08-11 04:31:20
Restore point made on: 2015-08-12 15:06:48
 
==================== Memory info =========================== 
 
Percentage of memory in use: 15%
Total physical RAM: 4078.12 MB
Available physical RAM: 3434.86 MB
Total Virtual: 4076.32 MB
Available Virtual: 3429.12 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:458.77 GB) NTFS
Drive e: (P-TARAFDAR) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7154C22A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
 
LastRegBack: 2015-08-13 09:24
 
==================== End of log ============================


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,680 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 14 August 2015 - 12:14 PM

Greetings ptarafdar and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please run the following for me.

===================================================

Farbar's Recovery Scan Tool - Run Fix

--------------------
  • From a clean computer press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it on the flashdrive as fixlist.txt
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2015-08-03 15:47 - 2015-08-03 15:47 - 00000000 _____ C:\Windows\System32\RENE03B.tmp
2015-07-28 04:11 - 2015-07-28 04:11 - 00000000 _____ C:\Windows\System32\REN7B49.tmp
2015-07-27 11:32 - 2015-07-27 11:32 - 00000000 _____ C:\Windows\System32\REN90B2.tmp
2015-07-24 14:56 - 2015-07-24 14:56 - 00000000 _____ C:\Windows\System32\REN533E.tmp
2015-07-23 19:41 - 2015-07-23 19:41 - 00000000 _____ C:\Windows\System32\REN1871.tmp
2015-07-22 00:23 - 2015-07-22 00:23 - 00000000 _____ C:\Windows\System32\REND1CF.tmp
2015-07-20 18:32 - 2015-07-20 18:32 - 00000000 _____ C:\Windows\System32\RENE136.tmp
2015-07-19 22:14 - 2015-07-19 22:14 - 00000000 _____ C:\Windows\System32\REN75DE.tmp
2015-07-17 20:40 - 2015-07-17 20:40 - 00000000 _____ C:\Windows\System32\REN8110.tmp
2015-07-16 18:23 - 2015-07-16 18:23 - 00000000 _____ C:\Windows\System32\REN45A4.tmp
2015-07-15 22:34 - 2015-07-15 22:34 - 00000000 _____ C:\Windows\System32\RENDB6F.tmp
C:\Users\owner\AppData\Local\Temp\shutdown1432037330.exe
C:\Users\owner\AppData\Local\Temp\tmpC12C.exe
C:\Users\owner\AppData\Local\Temp\tmpCF11.exe
  • Insert the USB device into your infected computer
  • Enter the System Recovery Options (press F8 during boot up), select Repair Your Computer, then select Command Prompt.
  • Run FRST as you did the first time and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the flashdrive (Fixlog.txt). Copy and paste that information in your reply.
  • Type the following in the Search Field
winsrv.dll;LPK.dll;kernel32.dll;SHELL32.dll
  • Click Search File(s) button
  • A Search.txt document will be saved to your USB device
  • Copy and paste the contents of that document your reply
  • Please attempt to boot your computer into Normal Mode or, if not, Safe Mode
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Search.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 ptarafdar

ptarafdar
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:35 PM

Posted 14 August 2015 - 12:41 PM

Hello, Gary. Thanks for the quick reply. If you would prefer to call me by my first name, then call me Pritish. I have applied the fix using FRST and ran the search. I tried to launch the computer in safe mode, yet the same problem still persists with no visible change. Here are the resulting logs.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:13-08-2015
Ran by SYSTEM (2015-08-14 13:26:57) Run:1
Running from e:\
Boot Mode: Recovery
==============================================

fixlist content:
*****************
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2015-08-03 15:47 - 2015-08-03 15:47 - 00000000 _____ C:\Windows\System32\RENE03B.tmp
2015-07-28 04:11 - 2015-07-28 04:11 - 00000000 _____ C:\Windows\System32\REN7B49.tmp
2015-07-27 11:32 - 2015-07-27 11:32 - 00000000 _____ C:\Windows\System32\REN90B2.tmp
2015-07-24 14:56 - 2015-07-24 14:56 - 00000000 _____ C:\Windows\System32\REN533E.tmp
2015-07-23 19:41 - 2015-07-23 19:41 - 00000000 _____ C:\Windows\System32\REN1871.tmp
2015-07-22 00:23 - 2015-07-22 00:23 - 00000000 _____ C:\Windows\System32\REND1CF.tmp
2015-07-20 18:32 - 2015-07-20 18:32 - 00000000 _____ C:\Windows\System32\RENE136.tmp
2015-07-19 22:14 - 2015-07-19 22:14 - 00000000 _____ C:\Windows\System32\REN75DE.tmp
2015-07-17 20:40 - 2015-07-17 20:40 - 00000000 _____ C:\Windows\System32\REN8110.tmp
2015-07-16 18:23 - 2015-07-16 18:23 - 00000000 _____ C:\Windows\System32\REN45A4.tmp
2015-07-15 22:34 - 2015-07-15 22:34 - 00000000 _____ C:\Windows\System32\RENDB6F.tmp
C:\Users\owner\AppData\Local\Temp\shutdown1432037330.exe
C:\Users\owner\AppData\Local\Temp\tmpC12C.exe
C:\Users\owner\AppData\Local\Temp\tmpCF11.exe
*****************

AxtuDrv => service removed successfully
xhunter1 => service removed successfully
C:\Windows\System32\RENE03B.tmp => moved successfully.
C:\Windows\System32\REN7B49.tmp => moved successfully.
C:\Windows\System32\REN90B2.tmp => moved successfully.
C:\Windows\System32\REN533E.tmp => moved successfully.
C:\Windows\System32\REN1871.tmp => moved successfully.
C:\Windows\System32\REND1CF.tmp => moved successfully.
C:\Windows\System32\RENE136.tmp => moved successfully.
C:\Windows\System32\REN75DE.tmp => moved successfully.
C:\Windows\System32\REN8110.tmp => moved successfully.
C:\Windows\System32\REN45A4.tmp => moved successfully.
C:\Windows\System32\RENDB6F.tmp => moved successfully.
C:\Users\owner\AppData\Local\Temp\shutdown1432037330.exe => moved successfully.
C:\Users\owner\AppData\Local\Temp\tmpC12C.exe => moved successfully.
C:\Users\owner\AppData\Local\Temp\tmpCF11.exe => moved successfully.

==== End of Fixlog 13:26:57 ====

 

Farbar Recovery Scan Tool (x64) Version:13-08-2015
Ran by SYSTEM (2015-08-14 13:30:01)
Running from e:\
Boot Mode: Recovery

================== Search Files: "winsrv.dll;LPK.dll;kernel32.dll;SHELL32.dll" =============

C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.23121_none_d51f6f927624eb30\shell32.dll
[2015-08-12 04:05][2015-07-10 09:35] 12878848 ____A (Microsoft Corporation) D68D0443043765F73842FD7E0A4565D3

C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.22969_none_d4fc582a763df543\shell32.dll
[2015-04-08 00:40][2015-02-12 21:01] 12878336 ____A (Microsoft Corporation) DEC1A1361B15C498701AD4DAFF0C5516

C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.22403_none_d5372c787612c3d0\shell32.dll
[2015-04-08 00:36][2013-07-25 17:56] 12874752 ____A (Microsoft Corporation) E571A5A3E55D497EA2C3BFD4A15DD8DA

C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.22269_none_d4fc4ae0763e0932\shell32.dll
[2015-04-08 00:42][2013-02-26 20:27] 12875776 ____A (Microsoft Corporation) 8BDBD0E038E53B13EB1CC39D712BEAA8

C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.21890_none_d4d2faae765e4e3f\shell32.dll
[2015-04-08 00:41][2012-01-04 00:48] 12873728 ____A (Microsoft Corporation) 7F25B8EBDE5D470B79D9EFB144FB1A9A

C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18918_none_d4a7cc975cf8ad94\shell32.dll
[2015-08-12 04:05][2015-07-10 09:34] 12875776 ____A (Microsoft Corporation) 4478348E3942AD9EED9AB263AFE7CD83

C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18762_none_d46bb7735d26a6f1\shell32.dll
[2015-04-08 00:40][2015-02-12 21:26] 12875264 ____A (Microsoft Corporation) 340EECB781E6C06A6171B3068DA208AD

C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18222_none_d496eda55d06456a\shell32.dll
[2015-04-08 00:36][2013-07-25 17:55] 12872704 ____A (Microsoft Corporation) E02781D4871844DCD30DF1D69A650F78

C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18103_none_d4ad8be15cf529b8\shell32.dll
[2015-04-08 00:42][2013-02-26 20:55] 12872704 ____A (Microsoft Corporation) 565D78187494FB5F08B5A52DEB2AEA7A

C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.17755_none_d4799f055d1bbd64\shell32.dll
[2015-04-08 00:41][2012-01-04 00:59] 12872704 ____A (Microsoft Corporation) 358FC25391C6733EAF49DB480AFDFD8C

C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.17514_none_d4a3da9f5cfc39fb\shell32.dll
[2010-11-20 19:24][2010-11-20 19:24] 12872192 ____A (Microsoft Corporation) 16AB4BD2ACC52109F43739BF0E89E18F

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23136_none_fcae5b7bba7820c3\kernel32.dll
[2015-08-12 04:06][2015-07-15 09:48] 1114112 ____A (Microsoft Corporation) 50159C0AEE9029D43B7E27022B6C0B37

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23126_none_fcb92b67ba7004d2\kernel32.dll
[2015-08-12 04:06][2015-07-14 18:58] 1114112 ____A (Microsoft Corporation) CA1A5EE549FE248BC127C1A5CAB72B70

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23072_none_fc7f18bdba9c2e04\kernel32.dll
[2015-06-09 10:45][2015-05-25 10:05] 1114112 ____A (Microsoft Corporation) 5EA4D6D52DB2679B8F9DE67A7F8BC41A

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23049_none_fca68a87ba7d8b92\kernel32.dll
[2015-06-09 10:45][2015-05-08 21:39] 1114112 ____A (Microsoft Corporation) FE8AA1F56E845C0A36C12D2F83243C4C

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23040_none_fc9d87edba85a783\kernel32.dll
[2015-05-18 12:14][2015-04-27 10:54] 1114112 ____A (Microsoft Corporation) B4E11856DF2535DF158D32DA7B780FDF

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23002_none_fccac831ba636a6d\kernel32.dll
[2015-04-14 12:06][2015-03-16 20:44] 1114112 ____A (Microsoft Corporation) 9FBA00AA15C45A2F1D26776193E543C1

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_fc95db0bba8ae4c2\kernel32.dll
[2015-04-10 01:35][2014-04-11 18:05] 1114112 ____A (Microsoft Corporation) C8C41EBEE097FEB29FB816854D3AD1E7

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22616_none_fcc41b99ba67c103\kernel32.dll
[2015-04-08 00:35][2014-03-04 02:38] 1114112 ____A (Microsoft Corporation) 866696FBE24914047462E34812169954

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_fcae77f5ba77fe97\kernel32.dll
[2015-04-08 09:20][2015-04-08 09:20] 1114112 ____A (Microsoft Corporation) EE751CBD5D0C332FDF3DF7187B612416

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22411_none_fcbf165bba6c4802\kernel32.dll
[2015-04-08 00:40][2013-08-01 21:55] 1114112 ____A (Microsoft Corporation) 61579F821AB5FF7FA2966D64D1070BA8

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll
[2015-04-08 00:37][2012-11-29 20:57] 1114112 ____A (Microsoft Corporation) 9CC2571E3646B9A24296AD7ADCC71682

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_fcb841e5ba70d1da\kernel32.dll
[2015-04-08 00:40][2012-10-04 08:36] 1114112 ____A (Microsoft Corporation) 5FA395364EE727E4BEE6B1406C207F98

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_fc688f63baad32ee\kernel32.dll
[2015-04-08 09:18][2015-04-08 09:18] 1114112 ____A (Microsoft Corporation) 305681B4B695D4A888B941965FFC2C17

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_fcbb64efba6df328\kernel32.dll
[2015-04-08 09:18][2015-04-08 09:18] 0837632 ____A (Microsoft Corporation) CC5CBC069944E7EA70D8674478A70A37

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18933_none_fc21e5b0a15d01b2\kernel32.dll
[2015-08-12 04:06][2015-07-15 09:53] 1114112 ____A (Microsoft Corporation) A38E10B4143A19F32D64517B6A1FCB98

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18923_none_fc2cb59ca154e5c1\kernel32.dll
[2015-08-12 04:06][2015-07-14 18:54] 1114112 ____A (Microsoft Corporation) C3856345C4FB053140237236D1146242

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18869_none_fc0775c2a16ff068\kernel32.dll
[2015-06-09 10:45][2015-05-25 09:59] 1114112 ____A (Microsoft Corporation) F81920ADB15012CF4E9FF8238C85686A

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18847_none_fc1b1506a16185d8\kernel32.dll
[2015-06-09 10:45][2015-05-08 19:12] 1114112 ____A (Microsoft Corporation) 84433E17027542D333861AB5615DCA2D

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18839_none_fc27e586a1579c95\kernel32.dll
[2015-05-18 12:14][2015-04-27 11:03] 1114112 ____A (Microsoft Corporation) 1569F20BB9DB9FDC87A6D3C8A3726ABF

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18798_none_fbe603cea1892dbd\kernel32.dll
[2015-04-14 12:06][2015-03-16 20:56] 1114112 ____A (Microsoft Corporation) 99DE8BADC0E85C9AB4A8301A3723FFEA

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_fc484db2a13f5426\kernel32.dll
[2015-04-08 00:35][2014-03-04 01:16] 1114112 ____A (Microsoft Corporation) 76161B9D78A275F8F28DD67436013110

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18229_none_fc32aa0ea14f91ba\kernel32.dll
[2015-04-08 00:40][2013-08-01 17:50] 1114112 ____A (Microsoft Corporation) 365A5034093AD9E04F433046C4CDF6AB

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll
[2015-04-08 09:20][2015-04-08 09:20] 1114112 ____A (Microsoft Corporation) AC0B6F41882FC6ED186962D770EBF1D2

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_fc038d48a1736e92\kernel32.dll
[2015-04-08 00:40][2012-10-04 08:47] 1114112 ____A (Microsoft Corporation) D4F3176082566CEFA633B4945802D4C4

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_fc20fc2ea15dceba\kernel32.dll
[2015-04-08 09:18][2015-04-08 09:18] 1114112 ____A (Microsoft Corporation) 9B98D47916EAD4F69EF51B56B0C2323C

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_fc3b97c6a1491e16\kernel32.dll
[2015-04-08 09:18][2015-04-08 09:18] 0837632 ____A (Microsoft Corporation) 166116134C58DC36400DE59ACD64FB39

C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll
[2010-11-20 19:24][2010-11-20 19:24] 0837632 ____A (Microsoft Corporation) E80758CF485DB142FCA1EE03A34EAD05

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23149_none_12bbbfa4beb85d57\lpk.dll
[2015-08-12 04:05][2015-07-30 09:53] 0025600 ____A (Microsoft Corporation) FFE0FA7543E1B9B37352710BC8B9121C

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23126_none_12ce5e9ebeaad970\lpk.dll
[2015-07-20 11:21][2015-07-14 18:58] 0025600 ____A (Microsoft Corporation) 20503EB76CAE40D601ABD38FC1B2CDCF

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23117_none_12da2ed4bea1d6d6\lpk.dll
[2015-07-14 13:34][2015-07-03 09:46] 0025600 ____A (Microsoft Corporation) E6BD42B2ACD11455768A4DDA38CED674

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22974_none_12967466bed5020e\lpk.dll
[2015-04-08 00:42][2015-02-19 21:14] 0025600 ____A (Microsoft Corporation) 7B1CABC4896210612AE600238E59CF15

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18946_none_122f49d9a59d3e46\lpk.dll
[2015-08-12 04:05][2015-07-30 09:55] 0025600 ____A (Microsoft Corporation) 9E2F12744DD9810961031C56FBB691F4

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18923_none_1241e8d3a58fba5f\lpk.dll
[2015-07-20 11:21][2015-07-14 18:54] 0025600 ____A (Microsoft Corporation) D80ECB18D64AE3C2A9D8220ABEBCE40A

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18914_none_124db909a586b7c5\lpk.dll
[2015-07-14 13:34][2015-07-03 09:55] 0025600 ____A (Microsoft Corporation) 4644A3B2AFDDAEA57C3EC30F8D079E54

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18768_none_121ba6c9a5abae88\lpk.dll
[2015-04-08 00:42][2015-02-19 20:12] 0025600 ____A (Microsoft Corporation) 01D9C9A70323BC7E5835B92442DD7EC2

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_124dc839a586a988\lpk.dll
[2009-07-13 15:25][2009-07-13 17:11] 0025600 ____A (Microsoft Corporation) 384721EF4024890092625E20CADFAF85

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.23136_none_151a628acc210bc5\winsrv.dll
[2015-08-12 04:06][2015-07-15 10:09] 0215552 ____A (Microsoft Corporation) 9EF75B9438147AAD6A6899F76FB8B4E3

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.23126_none_15253276cc18efd4\winsrv.dll
[2015-08-12 04:06][2015-07-14 19:20] 0215552 ____A (Microsoft Corporation) 3E19966F2F720A4DF6C1F2F0D483DC81

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.23072_none_14eb1fcccc451906\winsrv.dll
[2015-06-09 10:45][2015-05-25 10:22] 0215552 ____A (Microsoft Corporation) 7B3C10D38F84D2D534E1565A8B17018C

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.23049_none_15129196cc267694\winsrv.dll
[2015-06-09 10:45][2015-05-08 22:06] 0215552 ____A (Microsoft Corporation) BAF5556F265959AA29F6D06A7C1C816D

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.23040_none_15098efccc2e9285\winsrv.dll
[2015-05-18 12:14][2015-04-27 11:17] 0215552 ____A (Microsoft Corporation) 4A7726EC105064BB6614A402F25D3913

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.23002_none_1536cf40cc0c556f\winsrv.dll
[2015-04-14 12:06][2015-03-16 21:12] 0215552 ____A (Microsoft Corporation) C05095F6593579EA61C5E99FD264D602

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22653_none_1501e21acc33cfc4\winsrv.dll
[2015-04-10 01:35][2014-04-11 18:32] 0215552 ____A (Microsoft Corporation) BDADDE9AD8DD2BF67426C23A8874D776

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22616_none_153022a8cc10ac05\winsrv.dll
[2015-04-08 00:35][2014-03-04 03:08] 0215552 ____A (Microsoft Corporation) 9A1BEE89214174AC2862344670C42B5A

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22436_none_151a7f04cc20e999\winsrv.dll
[2015-04-08 09:20][2015-04-08 09:20] 0215040 ____A (Microsoft Corporation) 516D82106CAFAE156C61C5AB627A6409

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22411_none_152b1d6acc153304\winsrv.dll
[2015-04-08 00:40][2013-08-01 22:23] 0215040 ____A (Microsoft Corporation) 99AACC82C6B8A8E976CA59CFD3C322EF

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22177_none_14f039eccc407b3f\winsrv.dll
[2015-04-08 00:37][2012-11-29 21:55] 0215040 ____A (Microsoft Corporation) C2B1F6196C7FE1EA1BF827312B095D06

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22125_none_152448f4cc19bcdc\winsrv.dll
[2015-04-08 00:40][2012-10-04 09:43] 0215040 ____A (Microsoft Corporation) CC44EBC3E04E76AABE19EB4A16663E4A

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22091_none_14d49672cc561df0\winsrv.dll
[2015-04-08 09:18][2015-04-08 09:18] 0215040 ____A (Microsoft Corporation) 111AFE35DD2D423EE8E176CA7B2BBDC7

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21738_none_151c9c12cc1efa1b\winsrv.dll
[2015-04-08 09:18][2015-04-08 09:18] 0214528 ____A (Microsoft Corporation) 5AA1C7B5F471C4657BE38447BC397665

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18933_none_148decbfb305ecb4\winsrv.dll
[2015-08-12 04:06][2015-07-15 10:11] 0215040 ____A (Microsoft Corporation) E80CA72FA43BF258E72C408CEF9839BE

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18923_none_1498bcabb2fdd0c3\winsrv.dll
[2015-08-12 04:06][2015-07-14 19:20] 0215040 ____A (Microsoft Corporation) C5A10C9C75F8A51AD20ED0E2EC4C82A4

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18869_none_14737cd1b318db6a\winsrv.dll
[2015-06-09 10:45][2015-05-25 10:19] 0215040 ____A (Microsoft Corporation) 2313AF8D5A9CEB4A55400A01DD311A95

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18847_none_14871c15b30a70da\winsrv.dll
[2015-06-09 10:45][2015-05-08 19:27] 0215040 ____A (Microsoft Corporation) A171AC55EE4B4EE35C18EF0977017A72

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18839_none_1493ec95b3008797\winsrv.dll
[2015-05-18 12:14][2015-04-27 11:23] 0215040 ____A (Microsoft Corporation) D17DD01601460F5899E5C154B3FD0BFA

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18798_none_14520addb33218bf\winsrv.dll
[2015-04-14 12:06][2015-03-16 21:16] 0215040 ____A (Microsoft Corporation) EA32F4EA3AE06EDD122FBCD5A489E457

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18229_none_149eb11db2f87cbc\winsrv.dll
[2015-04-08 00:35][2013-08-01 18:14] 0215040 ____A (Microsoft Corporation) 88EDD0B34EED542745931E581AD21A32

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18043_none_14830bbdb30e2246\winsrv.dll
[2015-04-08 09:20][2015-04-08 09:20] 0215040 ____A (Microsoft Corporation) 0C27239FEA4DB8A2AAC9E502186B7264

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18015_none_14a57c15b2f40121\winsrv.dll
[2015-04-08 00:37][2012-11-29 21:45] 0215040 ____A (Microsoft Corporation) 9E479C2B605C25DA4971ABA36250FAEF

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17965_none_146f9457b31c5994\winsrv.dll
[2015-04-08 00:40][2012-10-04 09:45] 0215040 ____A (Microsoft Corporation) 72CC564BBC70DE268784BCE91EB8A28F

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17932_none_148d033db306b9bc\winsrv.dll
[2015-04-08 09:18][2015-04-08 09:18] 0215040 ____A (Microsoft Corporation) F46BBAAC1C4980F4D0DD463F190A42D3

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17625_none_149ace55b2fbf25b\winsrv.dll
[2015-04-08 09:18][2015-04-08 09:18] 0214528 ____A (Microsoft Corporation) 9F761CE1C6C013120B2F0DB27D48C06F

C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17514_none_14a49c11b2f4bfec\winsrv.dll
[2010-11-20 19:24][2010-11-20 19:24] 0214016 ____A (Microsoft Corporation) E0406AEF04B088D1C49FC78D0546F689

C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.23121_none_cacac54041c42935\shell32.dll
[2015-08-12 04:05][2015-07-10 10:04] 14183424 ____A (Microsoft Corporation) 4D756D5E5A58148313957F24F03DE132

C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.22969_none_caa7add841dd3348\shell32.dll
[2015-04-08 00:40][2015-02-12 21:13] 14182912 ____A (Microsoft Corporation) 18FE97E14B8199C8430D22DBBC75E156

C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.22403_none_cae2822641b201d5\shell32.dll
[2015-04-08 00:36][2013-07-25 18:24] 14176256 ____A (Microsoft Corporation) 65F24C34040D1D73E819E8F83EC385F9

C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.22269_none_caa7a08e41dd4737\shell32.dll
[2015-04-08 00:42][2013-02-26 21:23] 14176768 ____A (Microsoft Corporation) A95798CD164D7B49B2B45F24E2C034CF

C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.21890_none_ca7e505c41fd8c44\shell32.dll
[2015-04-08 00:41][2012-01-04 01:52] 14173184 ____A (Microsoft Corporation) C4BC46BC14AC1F285D199BEEBE366F2E

C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18918_none_ca5322452897eb99\shell32.dll
[2015-08-12 04:05][2015-07-10 09:51] 14177280 ____A (Microsoft Corporation) 733BC760342A816D3B5A8CE2C7EF1D92

C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18762_none_ca170d2128c5e4f6\shell32.dll
[2015-04-08 00:40][2015-02-12 21:22] 14177280 ____A (Microsoft Corporation) 01F9FEB7F0C84EA1AC6A9B4D7C6B0435

C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18222_none_ca42435328a5836f\shell32.dll
[2015-04-08 00:36][2013-07-25 18:24] 14172672 ____A (Microsoft Corporation) AD662B34B161198B9D66A564EDDA7D43

C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18103_none_ca58e18f289467bd\shell32.dll
[2015-04-08 00:42][2013-02-26 21:52] 14172672 ____A (Microsoft Corporation) 1BFC94665BCA35F9001ADC7BFB167C63

C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.17755_none_ca24f4b328bafb69\shell32.dll
[2015-04-08 00:41][2012-01-04 02:44] 14172672 ____A (Microsoft Corporation) 0E35B943F6583380981C69CCB97A56D2

C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.17514_none_ca4f304d289b7800\shell32.dll
[2010-11-20 19:23][2010-11-20 19:23] 14174208 ____A (Microsoft Corporation) 26E716ED95DC48CF6E5AC046089366AF

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23136_none_f259b12986175ec8\kernel32.dll
[2015-08-12 04:06][2015-07-15 10:09] 1164288 ____A (Microsoft Corporation) A3A71E4BEE2BA121C969B39AD1EB30FC

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23126_none_f2648115860f42d7\kernel32.dll
[2015-08-12 04:06][2015-07-14 19:20] 1164288 ____A (Microsoft Corporation) 093861BB2A36B95CE824683714737CAD

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23072_none_f22a6e6b863b6c09\kernel32.dll
[2015-06-09 10:45][2015-05-25 10:22] 1163776 ____A (Microsoft Corporation) 3A2E4CB43CC4AE0195F686146ADCAD3D

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23049_none_f251e035861cc997\kernel32.dll
[2015-06-09 10:45][2015-05-08 22:05] 1163776 ____A (Microsoft Corporation) B4E1D3B522A9FD13581A1880A13E68E7

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23040_none_f248dd9b8624e588\kernel32.dll
[2015-05-18 12:14][2015-04-27 11:17] 1163776 ____A (Microsoft Corporation) 2A782D0DD0C53C8B0A0A2318EBBCEC5D

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23002_none_f2761ddf8602a872\kernel32.dll
[2015-04-14 12:06][2015-03-16 21:11] 1164800 ____A (Microsoft Corporation) 36F241A637A424A75C98926189115502

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_f24130b9862a22c7\kernel32.dll
[2015-04-10 01:35][2014-04-11 18:32] 1164800 ____A (Microsoft Corporation) 77BBBF70BCE286CD19E1E68F248363FA

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22616_none_f26f71478606ff08\kernel32.dll
[2015-04-08 00:35][2014-03-04 03:08] 1164800 ____A (Microsoft Corporation) 52E77DC8E31C89FBB1E968699C8121C5

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_f259cda386173c9c\kernel32.dll
[2015-04-08 09:20][2015-04-08 09:20] 1162240 ____A (Microsoft Corporation) 786D234A90FCAC72633AE6FC52653A49

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22411_none_f26a6c09860b8607\kernel32.dll
[2015-04-08 00:40][2013-08-01 22:22] 1162240 ____A (Microsoft Corporation) C525D51A79B01342344F02E38866CF60

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll
[2015-04-08 00:37][2012-11-29 21:52] 1163264 ____A (Microsoft Corporation) B3BEA6420D482356E53B7C728E05C637

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_f263979386100fdf\kernel32.dll
[2015-04-08 00:40][2012-10-04 09:37] 1162240 ____A (Microsoft Corporation) F3C594D0DA3ACFA6C7B781A490AB4282

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_f213e511864c70f3\kernel32.dll
[2015-04-08 09:18][2015-04-08 09:18] 1163264 ____A (Microsoft Corporation) 624B34180C79D67C470C155DB81FFB8E

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_f266ba9d860d312d\kernel32.dll
[2015-04-08 09:18][2015-04-08 09:18] 1163264 ____A (Microsoft Corporation) 6743E8705A96FCBF71279B5AE2CCFDBC

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18933_none_f1cd3b5e6cfc3fb7\kernel32.dll
[2015-08-12 04:06][2015-07-15 10:10] 1163264 ____A (Microsoft Corporation) 72585BDAF2EC5237EBD71D540657D6A2

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18923_none_f1d80b4a6cf423c6\kernel32.dll
[2015-08-12 04:06][2015-07-14 19:19] 1163264 ____A (Microsoft Corporation) 9D0A88DF1CCB89596DDB876093CD16A4

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18869_none_f1b2cb706d0f2e6d\kernel32.dll
[2015-06-09 10:45][2015-05-25 10:19] 1162752 ____A (Microsoft Corporation) 6FDF03A3B110C5264F52F979335AE301

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18847_none_f1c66ab46d00c3dd\kernel32.dll
[2015-06-09 10:45][2015-05-08 19:26] 1162752 ____A (Microsoft Corporation) 6AA0DD89D7A90033FC3111CC83187C1D

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18839_none_f1d33b346cf6da9a\kernel32.dll
[2015-05-18 12:14][2015-04-27 11:23] 1162752 ____A (Microsoft Corporation) 1C9F2F4A2C603739BD8CC8C64310AFD7

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18798_none_f191597c6d286bc2\kernel32.dll
[2015-04-14 12:06][2015-03-16 21:16] 1163264 ____A (Microsoft Corporation) E75074EFBE3C24FBC95C7C1985E08FDE

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_f1f3a3606cde922b\kernel32.dll
[2015-04-08 00:35][2014-03-04 01:44] 1163264 ____A (Microsoft Corporation) D2A513EE880D71BDE7F0257F38B9D019

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18229_none_f1ddffbc6ceecfbf\kernel32.dll
[2015-04-08 00:40][2013-08-01 18:13] 1161216 ____A (Microsoft Corporation) D8973E71F1B35CD3F3DEA7C12D49D0F0

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll
[2015-04-08 09:20][2015-04-08 09:20] 1161216 ____A (Microsoft Corporation) 65C113214F7B05820F6D8A65B1485196

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_f1aee2f66d12ac97\kernel32.dll
[2015-04-08 00:40][2012-10-04 09:41] 1161216 ____A (Microsoft Corporation) 1DC3504CA4C57900F1557E9A3F01D272

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_f1cc51dc6cfd0cbf\kernel32.dll
[2015-04-08 09:18][2015-04-08 09:18] 1162240 ____A (Microsoft Corporation) EAF41CFBA5281834CBC383C710AC7965

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_f1e6ed746ce85c1b\kernel32.dll
[2015-04-08 09:18][2015-04-08 09:18] 1162752 ____A (Microsoft Corporation) 0E1B2E16235AA7F89F064EE75DFC905E

C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll
[2010-11-20 19:24][2010-11-20 19:24] 1161216 ____A (Microsoft Corporation) 7A6326D96D53048FDEC542DF23D875A0

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23149_none_086715528a579b5c\lpk.dll
[2015-08-12 04:05][2015-07-30 10:22] 0041984 ____A (Microsoft Corporation) 6399191EEE641F711E094B95B91DBA4B

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23126_none_0879b44c8a4a1775\lpk.dll
[2015-07-20 11:21][2015-07-14 19:20] 0041984 ____A (Microsoft Corporation) 7F55FE319EF06C1986B994A3E86C52B4

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23117_none_088584828a4114db\lpk.dll
[2015-07-14 13:34][2015-07-03 10:13] 0041984 ____A (Microsoft Corporation) 2F518A6C7BE454C9A60880281F9BEAAA

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22974_none_0841ca148a744013\lpk.dll
[2015-04-08 00:42][2015-02-19 21:25] 0041984 ____A (Microsoft Corporation) DEEE064A330560593BBED835F591F0A5

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18946_none_07da9f87713c7c4b\lpk.dll
[2015-08-12 04:05][2015-07-30 10:06] 0041984 ____A (Microsoft Corporation) 0365E7AED8A38CB5FFF1DFB4458C0593

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18923_none_07ed3e81712ef864\lpk.dll
[2015-07-20 11:21][2015-07-14 19:19] 0041984 ____A (Microsoft Corporation) D57C03D365BC71C7A30504644515F3F8

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18914_none_07f90eb77125f5ca\lpk.dll
[2015-07-14 13:34][2015-07-03 10:05] 0041984 ____A (Microsoft Corporation) 373CB9C184589E3BE07412DFD5DF3D4F

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18768_none_07c6fc77714aec8d\lpk.dll
[2015-04-08 00:42][2015-02-19 20:41] 0041984 ____A (Microsoft Corporation) F351B0E520502552734BE70AA5940784

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_07f91de77125e78d\lpk.dll
[2009-07-13 15:38][2009-07-13 17:41] 0041984 ____A (Microsoft Corporation) D202223587518B13D72D68937B7E3F70

C:\Windows\SysWOW64\kernel32.dll
[2015-06-09 10:45][2015-05-25 09:59] 1114112 ____A (Microsoft Corporation) F81920ADB15012CF4E9FF8238C85686A

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-winsrv_31bf3856ad364e35_10.0.10240.16384_none_be7f08513702804f\winsrv.dll
[2015-07-10 02:30][2015-07-10 02:30] 0179712 ___AL () D41D8CD98F00B204E9800998ECF8427E

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-shell32_31bf3856ad364e35_10.0.10240.16384_none_74299c8caca93863\shell32.dll
[2015-07-10 02:30][2015-07-10 02:30] 22333488 ___AL () D41D8CD98F00B204E9800998ECF8427E

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.10240.16384_none_9bbe56eff0f8d352\kernel32.dll
[2015-07-10 02:30][2015-07-10 02:30] 0702512 ___AL () D41D8CD98F00B204E9800998ECF8427E

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-gdi_31bf3856ad364e35_10.0.10240.16384_none_b1d38a26f533a7f0\lpk.dll
[2015-07-10 02:30][2015-07-10 02:30] 0003072 ___AL () D41D8CD98F00B204E9800998ECF8427E

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\kernel32.dll
[2015-07-10 02:30][2015-07-10 02:30] 0702512 ___AL () D41D8CD98F00B204E9800998ECF8427E

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\lpk.dll
[2015-07-10 02:30][2015-07-10 02:30] 0003072 ___AL () D41D8CD98F00B204E9800998ECF8427E

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\shell32.dll
[2015-07-10 02:30][2015-07-10 02:30] 22333488 ___AL () D41D8CD98F00B204E9800998ECF8427E

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\winsrv.dll
[2015-07-10 02:30][2015-07-10 02:30] 0179712 ___AL () D41D8CD98F00B204E9800998ECF8427E

X:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17514_none_14a49c11b2f4bfec\winsrv.dll
[2010-11-20 01:50][2010-11-20 05:27] 0214016 ____A (Microsoft Corporation) E0406AEF04B088D1C49FC78D0546F689

X:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.17514_none_ca4f304d289b7800\shell32.dll
[2010-11-20 02:34][2010-11-20 05:27] 14174208 ____A (Microsoft Corporation) 26E716ED95DC48CF6E5AC046089366AF

X:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll
[2010-11-20 01:33][2010-11-20 05:26] 1161216 ____A (Microsoft Corporation) 7A6326D96D53048FDEC542DF23D875A0

X:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_07f91de77125e78d\lpk.dll
[2010-11-20 01:50][2009-07-13 17:41] 0041984 ____A (Microsoft Corporation) D202223587518B13D72D68937B7E3F70

X:\Windows\System32\kernel32.dll
[2010-11-20 01:33][2010-11-20 05:26] 1161216 ____A (Microsoft Corporation) 7A6326D96D53048FDEC542DF23D875A0

X:\Windows\System32\lpk.dll
[2010-11-20 01:50][2009-07-13 17:41] 0041984 ____A (Microsoft Corporation) D202223587518B13D72D68937B7E3F70

X:\Windows\System32\shell32.dll
[2010-11-20 02:34][2010-11-20 05:27] 14174208 ____A (Microsoft Corporation) 26E716ED95DC48CF6E5AC046089366AF

X:\Windows\System32\winsrv.dll
[2010-11-20 01:50][2010-11-20 05:27] 0214016 ____A (Microsoft Corporation) E0406AEF04B088D1C49FC78D0546F689

====== End of Search ======



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,680 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 14 August 2015 - 01:10 PM

Greetings Pritish and thank you for your quick reply as well.

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix

--------------------
  • From a clean computer press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it on the flashdrive as fixlist.txt
cmd: copy /y C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18918_none_ca5322452897eb99\shell32.dll C:\Windows\System32\
cmd: copy /y C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18918_none_d4a7cc975cf8ad94\shell32.dll C:\Windows\SysWOW64\
cmd: copy /y C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18933_none_f1cd3b5e6cfc3fb7\kernel32.dll C:\Windows\System32\
cmd: copy /y C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18933_none_fc21e5b0a15d01b2\kernel32.dll C:\Windows\SysWOW64\
cmd: copy /y C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18933_none_148decbfb305ecb4\winsrv.dll C:\Windows\System32\
cmd: copy /y C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18946_none_07da9f87713c7c4b\lpk.dll C:\Windows\System32\
cmd: copy /y C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18946_none_122f49d9a59d3e46\lpk.dll C:\Windows\SysWOW64\
  • Insert the USB device into your infected computer
  • Enter the System Recovery Options (press F8 during boot up), select Repair Your Computer, then select Command Prompt.
  • Run FRST as you did the first time and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the flashdrive (Fixlog.txt). Copy and paste that information in your reply.
  • Please attempt to boot your computer into Normal Mode or, if not, Safe Mode
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Does your computer boot?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 ptarafdar

ptarafdar
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:35 PM

Posted 14 August 2015 - 01:19 PM

So I applied the fixes once again, yet the computer still just seems to crash and restart with the same blue screen error (in safe mode as well). Here is the fixlog.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:13-08-2015
Ran by SYSTEM (2015-08-14 14:14:05) Run:2
Running from e:\
Boot Mode: Recovery
==============================================

fixlist content:
*****************
cmd: copy /y C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18918_none_ca5322452897eb99\shell32.dll C:\Windows\System32\
cmd: copy /y C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18918_none_d4a7cc975cf8ad94\shell32.dll C:\Windows\SysWOW64\
cmd: copy /y C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18933_none_f1cd3b5e6cfc3fb7\kernel32.dll C:\Windows\System32\
cmd: copy /y C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18933_none_fc21e5b0a15d01b2\kernel32.dll C:\Windows\SysWOW64\
cmd: copy /y C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18933_none_148decbfb305ecb4\winsrv.dll C:\Windows\System32\
cmd: copy /y C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18946_none_07da9f87713c7c4b\lpk.dll C:\Windows\System32\
cmd: copy /y C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18946_none_122f49d9a59d3e46\lpk.dll C:\Windows\SysWOW64\
*****************


=========  copy /y C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18918_none_ca5322452897eb99\shell32.dll C:\Windows\System32\ =========

        1 file(s) copied.

========= End of CMD: =========


=========  copy /y C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7601.18918_none_d4a7cc975cf8ad94\shell32.dll C:\Windows\SysWOW64\ =========

        1 file(s) copied.

========= End of CMD: =========


=========  copy /y C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18933_none_f1cd3b5e6cfc3fb7\kernel32.dll C:\Windows\System32\ =========

        1 file(s) copied.

========= End of CMD: =========


=========  copy /y C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18933_none_fc21e5b0a15d01b2\kernel32.dll C:\Windows\SysWOW64\ =========

        1 file(s) copied.

========= End of CMD: =========


=========  copy /y C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18933_none_148decbfb305ecb4\winsrv.dll C:\Windows\System32\ =========

        1 file(s) copied.

========= End of CMD: =========


=========  copy /y C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18946_none_07da9f87713c7c4b\lpk.dll C:\Windows\System32\ =========

        1 file(s) copied.

========= End of CMD: =========


=========  copy /y C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18946_none_122f49d9a59d3e46\lpk.dll C:\Windows\SysWOW64\ =========

        1 file(s) copied.

========= End of CMD: =========


==== End of Fixlog 14:14:06 ====



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,680 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 14 August 2015 - 01:41 PM

Please post a new FRST.txt.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 ptarafdar

ptarafdar
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:35 PM

Posted 14 August 2015 - 01:47 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-08-2015
Ran by SYSTEM on MININT-3I8I392 (14-08-2015 14:46:12)
Running from e:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-07-08] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe /RUNONCE
HKU\owner\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\owner\...\Run: [dualmonitor] => C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\owner\...\Run: [Spotify Web Helper] => C:\Users\owner\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-08-01] (Spotify Ltd)
HKU\owner\...\Run: [HP Officejet Pro 6830 (NET)] => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [3493952 2014-07-18] (Hewlett-Packard Development Company, LP)
HKU\owner\...\Run: [Spotify] => C:\Users\owner\AppData\Roaming\Spotify\Spotify.exe [7574584 2015-08-01] (Spotify Ltd)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-09] (Avast Software s.r.o.)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
S2 ptservice; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe [17816 2015-01-29] (OpenVPN Technologies, Inc)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2015-05-06] ()
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-09] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-09] (Avast Software s.r.o.)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-09] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-09] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-09] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-09] (Avast Software s.r.o.)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-09] ()
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2015-05-06] ()
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-08] (Windows ® Win 7 DDK provider)
S3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [765288 2011-10-01] (Microsoft Corporation)
S3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [268648 2011-10-01] (Microsoft Corporation)
S3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [25960 2011-10-01] (Microsoft Corporation)
S3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [22376 2011-10-01] (Microsoft Corporation)

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 207BEEDFC2E357A4A27E99DEA0FBEDF3
C:\Windows\System32\DRIVERS\atikmpag.sys 50228D17A34A1E5CF93084A6AE70870B
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys C3D487827E48CC5EC17994FEC5BDFF87
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\AsIO.sys 68726474C69B738EAC3A62E06B33ADDC
C:\Windows\system32\drivers\aswHwid.sys B5B4C90E9F52DA8586F1E5461AD90A5D
C:\Windows\system32\drivers\aswMonFlt.sys 300CB8E510855189CAD0B72FFB5590CB
C:\Windows\system32\drivers\aswRdr2.sys 6D37D8DB30D086739507C5F6E542656A
C:\Windows\System32\Drivers\aswRvrt.sys 07E32DFCA422A2920482D762D01957EC
C:\Windows\system32\drivers\aswSnx.sys 3B4AC2DBFC86F7247C1FF1FAF2860530
C:\Windows\system32\drivers\aswSP.sys A04F190FCD762E7BCC9BFC70563C52DB
C:\Windows\system32\drivers\aswStm.sys 6E53278ECCFFBC2ACC2A5006745ED4BB
C:\Windows\System32\Drivers\aswVmm.sys 91782404718C6352C26B3242BAC3F0F1
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys 0ACC06FCF46F64ED4F11E57EE461C1F4
C:\Windows\System32\drivers\AtihdW76.sys F270AFC3848C54C67E3BFB892CE9B9C6
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys C0A6C3D6E02B61B5D100FE17306C276F
C:\Windows\System32\Drivers\ksecpkg.sys 7A7328E427694CC7244235C3BC299F80
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys 1877EB1495CFBDAB27D6A32F6DDF3818
C:\Windows\System32\DRIVERS\mrxsmb10.sys 21AF322605D8C7F2A627C22634D1C9C9
C:\Windows\System32\DRIVERS\mrxsmb20.sys 45A03A0B6461EFBEE77E0A6AC2816EDA
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ASACPI.sys 2219A3D695405E7BA2186BA6B9EDE14A
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ptun0901.sys D8EB393983B644879DE0546122CC16DF
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys EE082E06A82FF630351D1E0EBBD3D8D0
C:\Windows\system32\drivers\rzpmgrk.sys 0C90E6CEA576095888E779E5BD9DD060
C:\Windows\system32\drivers\rzpnk.sys 288471F132C7249F598032D03575F083
C:\Windows\System32\drivers\RzSurroundVAD.sys 6F59DE8AD8A6946D9133550BA481E6AD
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Sftfswin7.sys B2F21560016B3C200FC34F2BD13DE469
C:\Windows\System32\DRIVERS\Sftplaywin7.sys AD9449F3BF407DBD1742A465F2163847
C:\Windows\System32\DRIVERS\Sftredirwin7.sys 78A1496BA75C7D5700CECB77DDD291BB
C:\Windows\System32\DRIVERS\Sftvolwin7.sys DA674FD0164D64BD4980A619410D57E3
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\System32\DRIVERS\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\system32\drivers\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-14 14:14 - 2015-07-30 10:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2015-08-14 14:14 - 2015-07-30 09:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-14 14:14 - 2015-07-15 10:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2015-08-14 14:14 - 2015-07-15 10:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2015-08-14 14:14 - 2015-07-10 09:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2015-08-14 14:14 - 2015-07-10 09:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-13 18:09 - 2015-08-14 14:46 - 00000000 ____D C:\FRST
2015-08-13 08:31 - 2015-08-13 08:31 - 00000000 __SHD C:\found.004
2015-08-11 04:21 - 2015-08-11 04:21 - 00010696 ____N C:\bootsqm.dat
2015-08-11 04:20 - 2015-08-11 04:20 - 00000000 __SHD C:\found.003
2015-08-09 04:15 - 2015-08-09 04:15 - 00005341 _____ C:\Users\owner\Downloads\PrimaryLock.zip
2015-08-07 20:59 - 2015-08-12 17:41 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-07 18:16 - 2015-05-09 23:27 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\System32\aswBoot.exe
2015-08-07 18:05 - 2015-08-07 18:05 - 00000000 __SHD C:\found.002
2015-08-07 04:19 - 2015-08-07 04:19 - 22833582 _____ C:\Users\owner\Downloads\Nightshade Armor - Natural BBP.7z
2015-08-07 04:18 - 2015-08-07 04:18 - 00892970 _____ C:\Users\owner\Downloads\Roughspun Tunic - Cleavage BBP.7z
2015-08-07 04:18 - 2015-08-07 04:18 - 00690228 _____ C:\Users\owner\Downloads\Skimpy Vampire Royal Armor - Cleavage BBP.7z
2015-08-07 04:17 - 2015-08-07 04:17 - 01825236 _____ C:\Users\owner\Downloads\Ancient Nord Armor SuperCleavage - Cleavage BBP.7z
2015-08-07 04:15 - 2015-08-07 04:15 - 09494845 _____ C:\Users\owner\Downloads\Fitness Outfit - Bombshell BBP.7z
2015-08-07 03:43 - 2015-08-07 05:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-06 22:32 - 2015-08-06 22:32 - 00144482 _____ C:\Users\owner\Downloads\Alternate Meadery Location-58357--.zip
2015-08-06 19:49 - 2015-08-06 19:49 - 00000222 _____ C:\Users\owner\Desktop\Fingerbones.url
2015-08-06 08:22 - 2015-08-06 08:24 - 101876490 _____ C:\Users\owner\Downloads\UNP main-45453-v2.7z
2015-08-06 08:12 - 2015-08-06 08:13 - 37487215 _____ C:\Users\owner\Downloads\standard.7z
2015-08-06 00:13 - 2015-08-06 00:13 - 01977867 _____ C:\Users\owner\Downloads\Switching hair bug fix by Dubhorizon-64473-1-0b.rar
2015-08-05 03:33 - 2015-08-05 03:33 - 00902027 _____ C:\Users\owner\Downloads\ICBINE 3-63839-3-0(1).rar
2015-08-04 04:03 - 2015-08-04 04:03 - 00348275 _____ C:\Users\owner\Downloads\hdtHighHeel_beta0_5-36213-beta0-5.7z
2015-08-04 04:01 - 2015-08-04 04:02 - 28943331 _____ C:\Users\owner\Downloads\NewlynaArmorMain-57369-0-8.7z
2015-08-03 20:07 - 2015-08-03 20:07 - 02361555 _____ C:\Users\owner\Downloads\enbseries_skyrim_v0279.zip
2015-08-03 15:48 - 2015-08-03 15:48 - 00110688 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2015-08-03 15:47 - 2015-08-03 15:47 - 00000000 ____D C:\Program Files\Java
2015-08-03 13:49 - 2015-08-03 13:49 - 00014171 _____ C:\Users\owner\Downloads\ENBoost 5_0-38649-5-0.zip
2015-08-02 17:13 - 2015-08-02 19:54 - 743956849 _____ C:\Users\owner\Downloads\LegacyPack3 (2 of 4)-52248-V14Final.7z
2015-08-02 17:13 - 2015-08-02 19:52 - 743934935 _____ C:\Users\owner\Downloads\LegacyPack3 (1 of 4)-52248-V14Final.7z
2015-08-02 15:56 - 2015-08-02 15:56 - 07445656 _____ C:\Users\owner\Downloads\Legacy BCS Compatibility patch collection V14-52248-1.7z
2015-08-02 15:56 - 2015-08-02 15:56 - 00297776 _____ C:\Users\owner\Downloads\Immersive Weapons and Armor addons (V14)-52248-1.7z
2015-08-02 15:56 - 2015-08-02 15:56 - 00160136 _____ C:\Users\owner\Downloads\Solitude Compatibility Patches (V14)-52248-1.7z
2015-08-02 15:56 - 2015-08-02 15:56 - 00009760 _____ C:\Users\owner\Downloads\SkyRe Compatibility patch (V14)-52248-1.7z
2015-08-02 15:56 - 2015-08-02 15:56 - 00005939 _____ C:\Users\owner\Downloads\Weapons and Armor Fixes Remade Patch (V14)-52248-2.7z
2015-08-02 15:55 - 2015-08-02 15:58 - 201963789 _____ C:\Users\owner\Downloads\Legacy of the Dragonborn 2 of 3-52248-V14Final.7z
2015-08-02 15:55 - 2015-08-02 15:56 - 58794654 _____ C:\Users\owner\Downloads\Legacy of the Dragonborn 1 of 4-52248-V14Final.7z
2015-08-02 00:26 - 2015-08-02 00:27 - 68157278 _____ C:\Users\owner\Downloads\CB++Tera_Collection-v-1.298.7z
2015-08-01 22:03 - 2015-08-01 22:03 - 00000000 ____D C:\Users\owner\AppData\Local\AMD
2015-08-01 22:03 - 2015-08-01 22:03 - 00000000 ____D C:\ProgramData\ATI
2015-08-01 22:02 - 2015-08-01 22:02 - 00058661 _____ C:\Windows\SysWOW64\CCCInstall_201508020202552352.log
2015-08-01 04:46 - 2015-08-01 04:55 - 133901841 _____ C:\Users\owner\Downloads\EotW Mage Robes of Skyrim-50445-1-0.rar
2015-07-31 05:15 - 2015-07-31 05:15 - 21789814 _____ C:\Users\owner\Downloads\Skyforge Hotfix-24909-1-9.zip
2015-07-28 00:07 - 2015-07-25 10:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2015-07-28 00:07 - 2015-07-25 10:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-07-28 00:07 - 2015-07-25 10:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-07-28 00:07 - 2015-07-25 10:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-07-28 00:07 - 2015-07-25 10:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-07-28 00:07 - 2015-07-25 10:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-07-28 00:07 - 2015-07-25 10:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2015-07-28 00:07 - 2015-07-25 09:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-07-27 21:55 - 2015-08-08 00:56 - 00000000 ____D C:\Users\owner\AppData\Local\Warframe
2015-07-27 20:43 - 2015-07-27 20:43 - 00000222 _____ C:\Users\owner\Desktop\Warframe.url
2015-07-27 16:10 - 2015-07-27 16:10 - 00003048 _____ C:\Windows\System32\Tasks\ScanToPCActivationApp.exe_{1570B940-9D24-44E3-A4F6-7671FC8FB875}
2015-07-27 16:08 - 2015-07-27 16:08 - 00003614 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 6830
2015-07-27 16:08 - 2015-07-27 16:08 - 00002200 _____ C:\Users\Public\Desktop\HP Officejet Pro 6830.lnk
2015-07-27 16:08 - 2015-07-27 16:08 - 00001152 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 6830.lnk
2015-07-27 16:08 - 2014-07-18 15:48 - 00763968 ____N (Hewlett-Packard Development Company, LP) C:\Windows\System32\HPDiscoPM7212.dll
2015-07-27 16:07 - 2015-07-27 16:09 - 00000000 ____D C:\Users\owner\AppData\Local\HP
2015-07-27 16:07 - 2015-07-27 16:07 - 00000057 _____ C:\ProgramData\Ament.ini
2015-07-27 16:04 - 2015-07-27 16:06 - 179306328 _____ C:\Users\owner\Downloads\OJ6830_73.exe
2015-07-27 16:04 - 2015-07-27 16:04 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2015-07-27 16:03 - 2015-07-27 16:09 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-07-27 16:02 - 2015-07-27 16:02 - 03748672 _____ (Oleg N. Scherbakov) C:\Users\owner\Downloads\HPSupportSolutionsFramework-12.0.26.exe
2015-07-24 11:55 - 2015-06-26 15:27 - 00129472 _____ (Razer, Inc.) C:\Windows\System32\Drivers\rzpnk.sys
2015-07-24 11:52 - 2015-07-24 11:54 - 00001941 _____ C:\Users\owner\Desktop\Razer Synapse.lnk
2015-07-24 11:46 - 2015-07-24 11:46 - 22589448 _____ (Razer Inc.) C:\Users\owner\Downloads\1435565211rzrmodRazer_Synapse_Framework_V1.18.21.26599.exe
2015-07-24 05:43 - 2015-07-24 05:43 - 00001020 _____ C:\Users\owner\Desktop\SKSE.lnk
2015-07-24 04:48 - 2015-07-24 04:48 - 00000000 __SHD C:\found.001
2015-07-23 18:50 - 2015-07-23 18:50 - 00000144 _____ C:\Windows\System32\java-test.log
2015-07-22 22:42 - 2015-07-22 22:42 - 12339827 _____ C:\Users\owner\Downloads\forgeessentials-1.7.10-1.4.0-server.jar
2015-07-22 21:45 - 2015-07-22 21:46 - 216991474 _____ C:\Users\owner\Downloads\FTBInfinityServer(1).zip
2015-07-22 21:26 - 2015-07-22 21:26 - 00576163 _____ C:\Users\owner\Downloads\Ars Magica 2 Mod Installer 1.7.10.zip
2015-07-22 21:25 - 2015-07-22 21:25 - 02379383 _____ C:\Users\owner\Downloads\EquivalentExchange3-1.7.10-0.3.507.jar
2015-07-22 13:15 - 2015-07-22 13:15 - 37348448 _____ (Oracle Corporation) C:\Users\owner\Downloads\jre-8u51-windows-i586.exe
2015-07-20 09:58 - 2015-07-20 09:58 - 28114017 _____ C:\Users\owner\Downloads\ReShade 0.19.0 Public Beta with Framework.7z
2015-07-20 07:43 - 2015-07-20 07:44 - 71024493 _____ C:\Users\owner\Downloads\Main-52906-V1.7z
2015-07-19 11:17 - 2015-07-19 11:17 - 00887896 _____ (Microsoft Corporation) C:\Users\owner\Downloads\dotNetFx40_Client_setup.exe
2015-07-18 00:58 - 2015-07-18 00:58 - 05171262 _____ C:\Users\owner\Downloads\MCKING-NightMotherReplacer-56366-1-0.zip
2015-07-17 20:35 - 2015-07-17 20:35 - 24778718 _____ C:\Users\owner\Downloads\BetterDarkBrotherhood-25941-1-9.zip
2015-07-15 22:05 - 2015-07-15 22:07 - 101896047 _____ C:\Users\owner\Downloads\Replacer-42398-v3.7z
2015-07-15 18:12 - 2015-07-15 18:12 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc64.dll
2015-07-15 18:12 - 2015-07-15 18:12 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom64.dll
2015-07-15 18:12 - 2015-07-15 18:12 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-07-15 18:12 - 2015-07-15 18:12 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-07-15 18:11 - 2015-07-15 18:11 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-07-15 18:11 - 2015-07-15 18:11 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd6a.dll
2015-07-15 18:11 - 2015-07-15 18:11 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd64.dll
2015-07-15 18:11 - 2015-07-15 18:11 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-07-15 18:11 - 2015-07-15 18:11 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiu9p64.dll
2015-07-15 18:09 - 2015-07-15 18:09 - 00297672 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amdacpksd.sys
2015-07-15 18:06 - 2015-07-15 18:06 - 21622272 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2015-07-15 18:01 - 2015-07-15 18:01 - 47785472 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\amdocl64.dll
2015-07-15 18:01 - 2015-07-15 18:01 - 00235008 _____ C:\Windows\System32\clinfo.exe
2015-07-15 18:00 - 2015-07-15 18:00 - 39714816 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-07-15 17:59 - 2015-07-15 17:59 - 00065024 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll
2015-07-15 17:59 - 2015-07-15 17:59 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-07-15 17:58 - 2015-07-15 17:58 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\amdocl12cl64.dll
2015-07-15 17:57 - 2015-07-15 17:57 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-07-15 17:35 - 2015-07-15 17:35 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdmantle64.dll
2015-07-15 17:35 - 2015-07-15 17:35 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\mantle64.dll
2015-07-15 17:35 - 2015-07-15 17:35 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-07-15 17:30 - 2015-07-15 17:30 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-07-15 17:28 - 2015-07-15 17:28 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atio6axx.dll
2015-07-15 17:26 - 2015-07-15 17:26 - 00093184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\mantleaxl64.dll
2015-07-15 17:26 - 2015-07-15 17:26 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-07-15 17:25 - 2015-07-15 17:25 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdmmcl6.dll
2015-07-15 17:25 - 2015-07-15 17:25 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-07-15 17:23 - 2015-07-15 17:23 - 03437632 _____ C:\Windows\System32\atiumd6a.cap
2015-07-15 17:22 - 2015-07-15 17:22 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-07-15 17:21 - 2015-07-15 17:21 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd64.dll
2015-07-15 17:21 - 2015-07-15 17:21 - 00660912 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-07-15 17:21 - 2015-07-15 17:21 - 00660912 _____ C:\Windows\System32\atiapfxx.blb
2015-07-15 17:21 - 2015-07-15 17:21 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2015-07-15 17:21 - 2015-07-15 17:21 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt64.dll
2015-07-15 17:21 - 2015-07-15 17:21 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl64.dll
2015-07-15 17:21 - 2015-07-15 17:21 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-07-15 17:21 - 2015-07-15 17:21 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-07-15 17:20 - 2015-07-15 17:20 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-07-15 17:18 - 2015-07-15 17:18 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-07-15 17:17 - 2015-07-15 17:17 - 00672768 _____ (AMD) C:\Windows\System32\atieclxx.exe
2015-07-15 17:17 - 2015-07-15 17:17 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atidemgy.dll
2015-07-15 17:17 - 2015-07-15 17:17 - 00246784 _____ (AMD) C:\Windows\System32\atiesrxx.exe
2015-07-15 17:17 - 2015-07-15 17:17 - 00204800 _____ C:\Windows\System32\amdgfxinfo64.dll
2015-07-15 17:17 - 2015-07-15 17:17 - 00190976 _____ (AMD) C:\Windows\System32\atitmm64.dll
2015-07-15 17:17 - 2015-07-15 17:17 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-07-15 17:17 - 2015-07-15 17:17 - 00160256 _____ C:\Windows\System32\atieah64.exe
2015-07-15 17:17 - 2015-07-15 17:17 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-07-15 17:17 - 2015-07-15 17:17 - 00029696 _____ (AMD) C:\Windows\System32\atimuixx.dll
2015-07-15 17:14 - 2015-07-15 17:14 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2015-07-15 17:13 - 2015-07-15 17:13 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6txx.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6pxx.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-07-15 17:13 - 2015-07-15 17:13 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2015-07-15 17:12 - 2015-07-15 17:12 - 00865792 _____ (AMD) C:\Windows\System32\coinst_15.20.dll
2015-07-15 17:12 - 2015-07-15 17:12 - 00102912 _____ C:\Windows\System32\hsa-thunk64.dll
2015-07-15 17:12 - 2015-07-15 17:12 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-07-15 02:20 - 2015-07-15 02:20 - 00103424 _____ (Advanced Micro Devices) C:\Windows\System32\DelayAPO.dll
2015-07-15 02:20 - 2015-07-15 02:20 - 00096256 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\AtihdW76.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-13 04:40 - 2015-04-25 12:51 - 200399584 _____ C:\Windows\MEMORY.DMP
2015-08-12 17:47 - 2015-04-14 13:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-12 17:47 - 2015-04-07 16:18 - 01203215 _____ C:\Windows\WindowsUpdate.log
2015-08-12 17:47 - 2009-07-13 20:45 - 00021888 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-12 17:47 - 2009-07-13 20:45 - 00021888 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-12 17:45 - 2015-06-28 05:07 - 00000000 ____D C:\Users\owner\AppData\Roaming\Spotify
2015-08-12 17:45 - 2015-04-09 04:38 - 00000000 ____D C:\Users\owner\AppData\Roaming\Skype
2015-08-12 17:41 - 2015-06-28 05:07 - 00000000 ____D C:\Users\owner\AppData\Local\Spotify
2015-08-12 17:39 - 2015-04-09 10:12 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-12 17:37 - 2015-04-09 10:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-12 17:28 - 2015-04-09 04:05 - 00072249 _____ C:\Windows\setupact.log
2015-08-12 17:28 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-12 15:12 - 2015-04-08 03:34 - 00000000 ____D C:\Windows\System32\MRT
2015-08-12 15:08 - 2015-04-08 03:34 - 132483416 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-08-12 15:06 - 2015-04-09 04:35 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-12 14:35 - 2015-04-20 13:06 - 00000000 ____D C:\Program Files (x86)\Mod Organizer
2015-08-12 06:47 - 2015-04-14 13:03 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 06:47 - 2015-04-14 13:03 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 06:47 - 2015-04-14 13:03 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 14:44 - 2015-04-09 10:12 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-10 07:07 - 2015-07-03 14:29 - 00000000 ____D C:\Users\owner\Desktop\Skyrim Mods
2015-08-09 13:09 - 2015-04-16 14:29 - 00000000 ____D C:\Users\owner\AppData\Local\osu!
2015-08-09 05:45 - 2009-07-13 21:13 - 00782228 _____ C:\Windows\System32\PerfStringBackup.INI
2015-08-09 04:16 - 2012-01-08 08:08 - 00024576 _____ (© 2011, AKDADEVIL (dispatched@gmx.net)) C:\Users\owner\Desktop\PrimaryLock.exe
2015-08-07 20:53 - 2015-04-09 04:05 - 00134908 _____ C:\Windows\PFRO.log
2015-08-07 18:17 - 2015-04-08 03:28 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-07 05:44 - 2015-04-08 03:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-02 18:39 - 2015-07-08 06:42 - 00007605 _____ C:\Users\owner\AppData\Local\Resmon.ResmonCfg
2015-08-01 22:02 - 2015-04-12 19:11 - 00000000 ____D C:\Program Files\AMD
2015-08-01 22:01 - 2015-04-12 19:15 - 00000000 ____D C:\ProgramData\AMD
2015-08-01 21:59 - 2015-04-12 19:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-01 21:53 - 2015-04-12 19:07 - 00000000 ____D C:\AMD
2015-08-01 19:46 - 2015-05-20 18:01 - 00000000 ____D C:\Users\owner\Documents\The Witcher 3
2015-08-01 10:13 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2015-07-28 01:01 - 2015-04-08 04:18 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-07-28 00:39 - 2015-07-10 05:39 - 00000000 ___HD C:\$Windows.~BT
2015-07-28 00:22 - 2015-04-07 17:06 - 00000000 ____D C:\Windows\Panther
2015-07-27 21:55 - 2015-04-09 06:07 - 00158138 _____ C:\Windows\DirectX.log
2015-07-27 20:28 - 2015-06-02 16:43 - 00000000 ____D C:\Users\owner\Desktop\Witcher 3 Mods
2015-07-27 16:08 - 2015-04-09 09:19 - 00000000 ____D C:\Program Files\HP
2015-07-27 16:08 - 2015-04-09 09:19 - 00000000 ____D C:\Program Files (x86)\HP
2015-07-27 16:08 - 2015-04-09 09:18 - 00000000 ____D C:\ProgramData\HP
2015-07-27 00:21 - 2009-07-13 21:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-25 01:33 - 2015-04-08 03:07 - 00000000 ___SD C:\Windows\System32\GWX
2015-07-24 14:33 - 2009-07-13 20:45 - 00342400 _____ C:\Windows\System32\FNTCACHE.DAT
2015-07-24 13:29 - 2015-07-03 03:07 - 00000000 ____D C:\Program Files (x86)\LOOT
2015-07-24 13:28 - 2015-04-25 18:23 - 00000000 ____D C:\Users\owner\AppData\Local\LOOT
2015-07-24 13:26 - 2015-04-08 00:38 - 00076216 _____ C:\Users\owner\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-24 11:57 - 2015-06-25 03:12 - 00000000 ____D C:\Users\owner\AppData\Local\ftblauncher
2015-07-24 11:56 - 2015-06-25 03:12 - 00000000 ____D C:\ftb
2015-07-24 11:55 - 2015-04-26 12:37 - 00000000 ____D C:\ProgramData\Razer
2015-07-24 11:54 - 2015-04-26 12:37 - 00000000 ____D C:\Program Files (x86)\Razer
2015-07-24 11:47 - 2015-04-26 12:39 - 00000000 ____D C:\Users\owner\AppData\Local\Razer
2015-07-24 06:28 - 2015-06-25 04:10 - 00000000 ____D C:\Users\owner\Desktop\Servers
2015-07-23 18:49 - 2015-06-28 01:14 - 00000000 ____D C:\Users\owner\Desktop\Minecraft Mods
2015-07-22 18:08 - 2015-06-25 03:12 - 04731400 _____ () C:\Users\owner\Desktop\Technic Launcher.exe
2015-07-22 18:08 - 2015-06-25 03:12 - 00000000 ____D C:\Users\owner\AppData\Roaming\.technic
2015-07-22 13:29 - 2015-07-02 11:22 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-22 13:29 - 2015-04-08 03:20 - 00000000 ____D C:\ProgramData\Oracle
2015-07-22 13:28 - 2015-07-02 11:23 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-22 13:15 - 2015-07-05 10:42 - 43221600 _____ (Oracle Corporation) C:\Users\owner\Desktop\Java 64bit.exe
2015-07-16 10:11 - 2015-06-02 20:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 18:11 - 2011-04-20 01:09 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-07-15 18:11 - 2011-04-20 01:07 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\aticfx64.dll
2015-07-15 18:11 - 2011-04-20 00:49 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atidxx64.dll
2015-07-15 18:11 - 2011-04-20 00:38 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-07-15 18:11 - 2011-04-20 00:30 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-07-15 18:11 - 2011-04-20 00:21 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiuxp64.dll
2015-07-15 18:11 - 2011-04-20 00:21 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-07-15 14:34 - 2015-04-09 10:12 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 14:34 - 2015-04-09 10:11 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 09:53 - 2015-06-09 10:45 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-07-15 01:42 - 2015-04-08 03:07 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 00:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache

Some files in TEMP:
====================
C:\Users\owner\AppData\Local\Temp\27fff54a706caf16275619fa9b79269c.dll
C:\Users\owner\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\owner\AppData\Local\Temp\APNSetup.exe
C:\Users\owner\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\owner\AppData\Local\Temp\ChangeIcon.exe
C:\Users\owner\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\owner\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\owner\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\owner\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\owner\AppData\Local\Temp\raptrpatch.exe
C:\Users\owner\AppData\Local\Temp\raptr_stub.exe
C:\Users\owner\AppData\Local\Temp\xmlUpdater.exe
C:\Users\owner\AppData\Local\Temp\__pythonRunner.dll

==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

Restore point made on: 2015-08-07 18:12:34
Restore point made on: 2015-08-07 18:16:17
Restore point made on: 2015-08-11 04:31:20
Restore point made on: 2015-08-12 15:06:48

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 4078.12 MB
Available physical RAM: 3427.72 MB
Total Virtual: 4076.32 MB
Available Virtual: 3421.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:458.74 GB) NTFS
Drive e: (P-TARAFDAR) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7154C22A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT.


LastRegBack: 2015-08-13 09:24

==================== End of log ============================



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,680 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 14 August 2015 - 01:57 PM

Thank you, please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix

--------------------
  • From a clean computer press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it on the flashdrive as fixlist.txt
C:\Users\owner\AppData\Local\Temp\xmlUpdater.exe
  • Insert the USB device into your infected computer
  • Enter the System Recovery Options (press F8 during boot up), select Repair Your Computer, then select Command Prompt.
  • Run FRST as you did the first time and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the flashdrive (Fixlog.txt). Copy and paste that information in your reply.
  • Type the following in the Search Field
rstrui.exe
  • Click Search File(s) button
  • A Search.txt document will be saved to your USB device
  • Copy and paste the contents of that document your reply
  • Please attempt to boot your computer into Normal Mode or, if not, Safe Mode
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Search.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 ptarafdar

ptarafdar
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:35 PM

Posted 14 August 2015 - 02:06 PM

Alright, here are the logs.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:13-08-2015
Ran by SYSTEM (2015-08-14 14:59:51) Run:3
Running from e:\
Boot Mode: Recovery
==============================================

fixlist content:
*****************
C:\Users\owner\AppData\Local\Temp\xmlUpdater.exe
*****************

C:\Users\owner\AppData\Local\Temp\xmlUpdater.exe => moved successfully.

==== End of Fixlog 14:59:51 ====

 

Farbar Recovery Scan Tool (x64) Version:13-08-2015
Ran by SYSTEM (2015-08-14 15:00:15)
Running from e:\
Boot Mode: Recovery

================== Search Files: "rstrui.exe" =============

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.23136_none_a57b9bcfe30ad443\rstrui.exe
[2015-08-12 04:06][2015-07-15 10:08] 0296960 ____A (Microsoft Corporation) 34E763E921E80B5A15139CAFFE2AD888

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.23126_none_a5866bbbe302b852\rstrui.exe
[2015-08-12 04:06][2015-07-14 19:19] 0296960 ____A (Microsoft Corporation) 96393C444D8F417D08DB5E61B6B1FBCA

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.23072_none_a54c5911e32ee184\rstrui.exe
[2015-06-09 10:45][2015-05-25 10:21] 0296960 ____A (Microsoft Corporation) 4D79A4159DF2E3CDAFA244CB2B54FD88

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.23040_none_a56ac841e3185b03\rstrui.exe
[2015-05-18 12:14][2015-04-27 11:17] 0296960 ____A (Microsoft Corporation) 2010C40459BA805C83C891C0FE064AF6

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.23002_none_a5980885e2f61ded\rstrui.exe
[2015-04-14 12:06][2015-03-16 21:11] 0296960 ____A (Microsoft Corporation) 7C48F591043A7705436E36BCA46D7BDD

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.22948_none_a572f26fe310f279\rstrui.exe
[2015-04-10 01:38][2015-02-02 19:50] 0296960 ____A (Microsoft Corporation) DA427AEC447DB0D3A1B4FA4610C17091

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.22943_none_a56df0fde31573c6\rstrui.exe
[2015-04-10 01:36][2015-01-26 19:56] 0296960 ____A (Microsoft Corporation) CD6EC790A672C29BF2A0F8FF5EC50B15

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.22923_none_a58390d5e3053be4\rstrui.exe
[2015-04-10 01:33][2012-05-05 00:17] 0296960 ____A (Microsoft Corporation) 648606E9DCA89E352494C965AF685F4A

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.22921_none_a5819041e3070936\rstrui.exe
[2015-04-10 01:33][2012-05-05 00:17] 0296960 ____A (Microsoft Corporation) 648606E9DCA89E352494C965AF685F4A

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.21988_none_a547c987e331489c\rstrui.exe
[2015-04-08 00:43][2012-05-05 00:17] 0296960 ____A (Microsoft Corporation) 648606E9DCA89E352494C965AF685F4A

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.18933_none_a4ef2604c9efb532\rstrui.exe
[2015-08-12 04:06][2015-07-15 10:10] 0296960 ____A (Microsoft Corporation) 99D1FAA337A4EF3C33E256C79DC708F8

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.18923_none_a4f9f5f0c9e79941\rstrui.exe
[2015-08-12 04:06][2015-07-14 19:19] 0296960 ____A (Microsoft Corporation) 5556F16400CE22D5E4A8741113BED6A0

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.18869_none_a4d4b616ca02a3e8\rstrui.exe
[2015-06-09 10:45][2015-05-25 10:18] 0296960 ____A (Microsoft Corporation) 16154A6682B1552DEAB953BFA4B8E955

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.18839_none_a4f525dac9ea5015\rstrui.exe
[2015-05-18 12:14][2015-04-27 11:22] 0296960 ____A (Microsoft Corporation) 52935C072F8D5A92508AA3A3CC9133C7

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.18798_none_a4b34422ca1be13d\rstrui.exe
[2015-04-14 12:06][2015-03-16 21:16] 0296960 ____A (Microsoft Corporation) 5E9E31A2F213E757184EB2CA4B562E6C

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.18741_none_a4e251b8c9f9a427\rstrui.exe
[2015-04-10 01:38][2015-02-02 19:30] 0296960 ____A (Microsoft Corporation) 93C7D1C3941086162B433107D9E8BCE3

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.18738_none_a4f423aac9eb3997\rstrui.exe
[2015-04-10 01:36][2015-01-28 19:18] 0296960 ____A (Microsoft Corporation) 0D22B58AB9B1292CF022122C569354E6

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.18717_none_a508c338c9dbe85e\rstrui.exe
[2015-04-10 01:33][2015-01-13 22:04] 0296960 ____A (Microsoft Corporation) F7A3018D8F1825427BC11E912D5287CD

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.18715_none_a506c2a4c9ddb5b0\rstrui.exe
[2015-04-10 01:33][2015-01-11 19:10] 0296960 ____A (Microsoft Corporation) 9FB09EA9634A1493D3362A57F2EFBE99

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.17836_none_a4f23bc4c9ecea6f\rstrui.exe
[2010-11-20 19:25][2010-11-20 19:25] 0296960 ____A (Microsoft Corporation) 3DB5A1EACE7F3049ECC49FA64461E254

C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.17514_none_a505d556c9de886a\rstrui.exe
[2010-11-20 19:25][2010-11-20 19:25] 0296960 ____A (Microsoft Corporation) 3DB5A1EACE7F3049ECC49FA64461E254

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_10.0.10240.16384_none_4ee041964dec48cd\rstrui.exe
[2015-07-10 03:32][2015-07-10 03:32] 0269824 ___AL () D41D8CD98F00B204E9800998ECF8427E

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\rstrui.exe
[2015-07-10 03:32][2015-07-10 03:32] 0269824 ___AL () D41D8CD98F00B204E9800998ECF8427E

X:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.17514_none_a505d556c9de886a\rstrui.exe
[2010-11-20 08:15][2010-11-20 08:15] 0296960 ____A (Microsoft Corporation) 3DB5A1EACE7F3049ECC49FA64461E254

X:\Windows\System32\rstrui.exe
[2010-11-20 08:15][2010-11-20 08:15] 0296960 ____A (Microsoft Corporation) 3DB5A1EACE7F3049ECC49FA64461E254

====== End of Search ======



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,680 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 14 August 2015 - 02:13 PM

Thank you once again.

Now this.

===================================================

Farbar's Recovery Scan Tool - Run Fix

--------------------
  • From a clean computer press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it on the flashdrive as fixlist.txt
cmd: copy /y C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.18933_none_a4ef2604c9efb532\rstrui.exe C:\Windows\System32\
  • Insert the USB device into your infected computer
  • Enter the System Recovery Options (press F8 during boot up), select Repair Your Computer, then select Command Prompt.
  • Run FRST as you did the first time and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the flashdrive (Fixlog.txt). Copy and paste that information in your reply.
  • Please attempt to boot your computer into Normal Mode or, if not, Safe Mode
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Can you boot?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 ptarafdar

ptarafdar
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:35 PM

Posted 14 August 2015 - 02:18 PM

Once again, no visible change in the booting process. The computer still does not boot. Here is the fixlog.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:13-08-2015
Ran by SYSTEM (2015-08-14 15:14:50) Run:4
Running from e:\
Boot Mode: Recovery
==============================================

fixlist content:
*****************
cmd: copy /y C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.18933_none_a4ef2604c9efb532\rstrui.exe C:\Windows\System32\
*****************


=========  copy /y C:\Windows\winsxs\amd64_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.1.7601.18933_none_a4ef2604c9efb532\rstrui.exe C:\Windows\System32\ =========

        1 file(s) copied.

========= End of CMD: =========


==== End of Fixlog 15:14:50 ====



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,680 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 14 August 2015 - 02:26 PM

OK, please do these things.

===================================================

Running chkdsk /r from Recovery Environment in Windows 7

--------------------
  • Boot your computer into the Recovery Environment (tap F8)
  • Select Command Prompt
  • Type c: and Enter
  • Type chkdsk /r and Enter
  • If you receive a message about unmounting the volume check Yes
  • If the program doesn't start automatically repeat the chkdsk /r command
  • Once the process is finished please write down any information provided on the screen
  • Attempt to reboot your computer into Normal Mode.
  • If you receive a Blue Screen of Death (BSOD) please provide that information in your post.
Note: This process may take awhile to complete. You may also notice the progress bar jumping back and forth. This is normal. Please be patient.

===================================================

Running sfc /scannow in Windows 7/Vista Recovery Environment

-----------------
  • Restart the computer
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears
  • Use the arrow keys to select the Repair your computer menu item
  • Select English as the keyboard language settings, and then click Next
  • For Windows 8 hit the Windows Key + I at the same time, click the Power button, then hold down the Shift Key while clicking Restart
  • Once you are in the System Recovery Options menu you will get the following options

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • Type the following (there is a space before each "/") after the Command Prompt and hit Enter (if you receive an error replace C:\ with D:\)

SFC /SCANNOW /OFFBOOTDIR=C:\ /OFFWINDIR=C:\WINDOWS

  • Attempt to boot your computer
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • chkdsk information
  • sfc information
  • Does your computer boot?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 ptarafdar

ptarafdar
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:35 PM

Posted 14 August 2015 - 02:50 PM

I ran both commands. The Chkdsk finished processing with the message "Windows has checked the file system and found no problems." The system file checker command resulted in the message, "Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS.log." However, the computer does seem to boot properly now. Does that mean all of the problems are solved, or do you want me to paste that CBS.log into a post?



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,680 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:35 PM

Posted 14 August 2015 - 02:57 PM

Greetings Pritish,
 

Does that mean all of the problems are solved,

No, not yet and we don't need to review the CBS log quite yet.

Please run SFC another 2 times as follows then rerun FRST in Normal Boot and make sure to check Addition.txt.

===================================================

Run sfc /scannow from Elevated Command

--------------------
  • Click Start and Type cmd
  • Right click on cmd.exe above and select Run as Administrator
  • If you are prompted for an administrator password or for a confirmation, type the password, or click Allow
  • Windows 8: Press the Windows key + X at the same time, then click Command Prompt (Admin)
  • Type the following at the Command Prompt and press Enter

sfc /scannow

  • If Windows did not find any integrity violations please stop and let me know
  • If errors were found right click inside the command window, click Select All, and hit the ctrl+C keys at the same time to copy the text
  • Right click inside the topic Reply window and select Paste to include the information in your reply
  • If errors were found run sfc /scannow another time
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • sfc results
  • FRST.txt
  • Addition.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 ptarafdar

ptarafdar
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:11:35 PM

Posted 14 August 2015 - 03:25 PM

After running the sfc scan twice, I received the same message as before, "Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS.log." Here are the FRST logs.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-08-2015
Ran by owner (administrator) on GAMING-PC (14-08-2015 16:21:50)
Running from C:\Users\owner\Desktop\FRST
Loaded Profiles: owner (Available Profiles: owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(OpenVPN Technologies, Inc) C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe
(OpenVPN Technologies, Inc) C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptcore.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Cristi) C:\Program Files (x86)\Dual Monitor\DualMonitor.exe
(Spotify Ltd) C:\Users\owner\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\PrivateTunnel.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\PrivateTunnel.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\PrivateTunnel.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-07-08] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2411303924-2966975986-415115124-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2411303924-2966975986-415115124-1000\...\Run: [dualmonitor] => C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\S-1-5-21-2411303924-2966975986-415115124-1000\...\Run: [Spotify Web Helper] => C:\Users\owner\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-08-02] (Spotify Ltd)
HKU\S-1-5-21-2411303924-2966975986-415115124-1000\...\Run: [HP Officejet Pro 6830 (NET)] => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [3493952 2014-07-18] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2411303924-2966975986-415115124-1000\...\Run: [Spotify] => C:\Users\owner\AppData\Roaming\Spotify\Spotify.exe [7574584 2015-08-02] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-04-09]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk [2015-06-26]
ShortcutTarget: PrivateTunnel.lnk -> C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\PrivateTunnel.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-10] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2411303924-2966975986-415115124-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/?type=903578&fr=spigot-yhp-ie
SearchScopes: HKU\S-1-5-21-2411303924-2966975986-415115124-1000 -> {90305DB2-109D-41CF-86E7-9740F5717DBF} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-03] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-08] (Avast Software s.r.o.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-03] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-08] (Avast Software s.r.o.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-22] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D3205BD4-D4D0-4E56-BB2E-F342CDEAB0EE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D9CE877E-D36F-473B-997D-2520FEE594F5}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\jzp7clok.default-1430170865092
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2411303924-2966975986-415115124-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\jzp7clok.default-1430170865092\searchplugins\yahoo_ff.xml [2015-06-05]
FF Extension: WOT - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\jzp7clok.default-1430170865092\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-09]
FF Extension: YouTube High Definition - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\jzp7clok.default-1430170865092\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-08-03]
FF Extension: StumbleUpon - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\jzp7clok.default-1430170865092\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2015-05-29]
FF Extension: Adblock Plus - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\jzp7clok.default-1430170865092\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-08]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-04-09]
FF HKU\S-1-5-21-2411303924-2966975986-415115124-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-09]
CHR Extension: (Adblock Plus) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-22]
CHR Extension: (Avast Online Security) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-14]
CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-14]
CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-10] (Avast Software s.r.o.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 ptservice; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ptservice.exe [17816 2015-01-29] (OpenVPN Technologies, Inc)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2015-05-07] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-10] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-10] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-10] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-10] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-10] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2015-05-07] ()
R3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-26] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows ® Win 7 DDK provider)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [765288 2011-10-01] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [268648 2011-10-01] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [25960 2011-10-01] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [22376 2011-10-01] (Microsoft Corporation)

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 207BEEDFC2E357A4A27E99DEA0FBEDF3
C:\Windows\System32\DRIVERS\atikmpag.sys 50228D17A34A1E5CF93084A6AE70870B
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys C3D487827E48CC5EC17994FEC5BDFF87
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\AsIO.sys 68726474C69B738EAC3A62E06B33ADDC
C:\Windows\system32\drivers\aswHwid.sys B5B4C90E9F52DA8586F1E5461AD90A5D
C:\Windows\system32\drivers\aswMonFlt.sys 300CB8E510855189CAD0B72FFB5590CB
C:\Windows\system32\drivers\aswRdr2.sys 6D37D8DB30D086739507C5F6E542656A
C:\Windows\System32\Drivers\aswRvrt.sys 07E32DFCA422A2920482D762D01957EC
C:\Windows\system32\drivers\aswSnx.sys 3B4AC2DBFC86F7247C1FF1FAF2860530
C:\Windows\system32\drivers\aswSP.sys A04F190FCD762E7BCC9BFC70563C52DB
C:\Windows\system32\drivers\aswStm.sys 6E53278ECCFFBC2ACC2A5006745ED4BB
C:\Windows\System32\Drivers\aswVmm.sys 91782404718C6352C26B3242BAC3F0F1
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys 0ACC06FCF46F64ED4F11E57EE461C1F4
C:\Windows\System32\drivers\AtihdW76.sys F270AFC3848C54C67E3BFB892CE9B9C6
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys C0A6C3D6E02B61B5D100FE17306C276F
C:\Windows\System32\Drivers\ksecpkg.sys 7A7328E427694CC7244235C3BC299F80
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys 1877EB1495CFBDAB27D6A32F6DDF3818
C:\Windows\System32\DRIVERS\mrxsmb10.sys 21AF322605D8C7F2A627C22634D1C9C9
C:\Windows\System32\DRIVERS\mrxsmb20.sys 45A03A0B6461EFBEE77E0A6AC2816EDA
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ASACPI.sys 2219A3D695405E7BA2186BA6B9EDE14A
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ptun0901.sys D8EB393983B644879DE0546122CC16DF
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys EE082E06A82FF630351D1E0EBBD3D8D0
C:\Windows\system32\drivers\rzpmgrk.sys 0C90E6CEA576095888E779E5BD9DD060
C:\Windows\system32\drivers\rzpnk.sys 288471F132C7249F598032D03575F083
C:\Windows\System32\drivers\RzSurroundVAD.sys 6F59DE8AD8A6946D9133550BA481E6AD
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Sftfswin7.sys B2F21560016B3C200FC34F2BD13DE469
C:\Windows\System32\DRIVERS\Sftplaywin7.sys AD9449F3BF407DBD1742A465F2163847
C:\Windows\System32\DRIVERS\Sftredirwin7.sys 78A1496BA75C7D5700CECB77DDD291BB
C:\Windows\System32\DRIVERS\Sftvolwin7.sys DA674FD0164D64BD4980A619410D57E3
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\System32\DRIVERS\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\system32\drivers\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-14 15:58 - 2015-08-14 16:21 - 00000000 ____D C:\Users\owner\Desktop\FRST
2015-08-13 22:09 - 2015-08-14 16:21 - 00000000 ____D C:\FRST
2015-08-13 12:31 - 2015-08-13 12:31 - 00000000 __SHD C:\found.004
2015-08-11 08:21 - 2015-08-11 08:21 - 00010696 ____N C:\bootsqm.dat
2015-08-11 08:20 - 2015-08-11 08:20 - 00000000 __SHD C:\found.003
2015-08-09 08:15 - 2015-08-09 08:15 - 00005341 _____ C:\Users\owner\Downloads\PrimaryLock.zip
2015-08-08 00:59 - 2015-08-14 15:54 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-07 22:16 - 2015-05-10 03:27 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-08-07 22:05 - 2015-08-07 22:05 - 00000000 __SHD C:\found.002
2015-08-07 08:19 - 2015-08-07 08:19 - 22833582 _____ C:\Users\owner\Downloads\Nightshade Armor - Natural BBP.7z
2015-08-07 08:18 - 2015-08-07 08:18 - 00892970 _____ C:\Users\owner\Downloads\Roughspun Tunic - Cleavage BBP.7z
2015-08-07 08:18 - 2015-08-07 08:18 - 00690228 _____ C:\Users\owner\Downloads\Skimpy Vampire Royal Armor - Cleavage BBP.7z
2015-08-07 08:17 - 2015-08-07 08:17 - 01825236 _____ C:\Users\owner\Downloads\Ancient Nord Armor SuperCleavage - Cleavage BBP.7z
2015-08-07 08:15 - 2015-08-07 08:15 - 09494845 _____ C:\Users\owner\Downloads\Fitness Outfit - Bombshell BBP.7z
2015-08-07 07:43 - 2015-08-07 09:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-07 02:32 - 2015-08-07 02:32 - 00144482 _____ C:\Users\owner\Downloads\Alternate Meadery Location-58357--.zip
2015-08-06 23:49 - 2015-08-06 23:49 - 00000222 _____ C:\Users\owner\Desktop\Fingerbones.url
2015-08-06 12:22 - 2015-08-06 12:24 - 101876490 _____ C:\Users\owner\Downloads\UNP main-45453-v2.7z
2015-08-06 12:12 - 2015-08-06 12:13 - 37487215 _____ C:\Users\owner\Downloads\standard.7z
2015-08-06 04:13 - 2015-08-06 04:13 - 01977867 _____ C:\Users\owner\Downloads\Switching hair bug fix by Dubhorizon-64473-1-0b.rar
2015-08-05 07:33 - 2015-08-05 07:33 - 00902027 _____ C:\Users\owner\Downloads\ICBINE 3-63839-3-0(1).rar
2015-08-04 08:03 - 2015-08-04 08:03 - 00348275 _____ C:\Users\owner\Downloads\hdtHighHeel_beta0_5-36213-beta0-5.7z
2015-08-04 08:01 - 2015-08-04 08:02 - 28943331 _____ C:\Users\owner\Downloads\NewlynaArmorMain-57369-0-8.7z
2015-08-04 00:07 - 2015-08-04 00:07 - 02361555 _____ C:\Users\owner\Downloads\enbseries_skyrim_v0279.zip
2015-08-03 19:48 - 2015-08-03 19:48 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-08-03 19:47 - 2015-08-03 19:47 - 00000000 ____D C:\Program Files\Java
2015-08-03 17:49 - 2015-08-03 17:49 - 00014171 _____ C:\Users\owner\Downloads\ENBoost 5_0-38649-5-0.zip
2015-08-02 21:13 - 2015-08-02 23:54 - 743956849 _____ C:\Users\owner\Downloads\LegacyPack3 (2 of 4)-52248-V14Final.7z
2015-08-02 21:13 - 2015-08-02 23:52 - 743934935 _____ C:\Users\owner\Downloads\LegacyPack3 (1 of 4)-52248-V14Final.7z
2015-08-02 19:56 - 2015-08-02 19:56 - 07445656 _____ C:\Users\owner\Downloads\Legacy BCS Compatibility patch collection V14-52248-1.7z
2015-08-02 19:56 - 2015-08-02 19:56 - 00297776 _____ C:\Users\owner\Downloads\Immersive Weapons and Armor addons (V14)-52248-1.7z
2015-08-02 19:56 - 2015-08-02 19:56 - 00160136 _____ C:\Users\owner\Downloads\Solitude Compatibility Patches (V14)-52248-1.7z
2015-08-02 19:56 - 2015-08-02 19:56 - 00009760 _____ C:\Users\owner\Downloads\SkyRe Compatibility patch (V14)-52248-1.7z
2015-08-02 19:56 - 2015-08-02 19:56 - 00005939 _____ C:\Users\owner\Downloads\Weapons and Armor Fixes Remade Patch (V14)-52248-2.7z
2015-08-02 19:55 - 2015-08-02 19:58 - 201963789 _____ C:\Users\owner\Downloads\Legacy of the Dragonborn 2 of 3-52248-V14Final.7z
2015-08-02 19:55 - 2015-08-02 19:56 - 58794654 _____ C:\Users\owner\Downloads\Legacy of the Dragonborn 1 of 4-52248-V14Final.7z
2015-08-02 04:26 - 2015-08-02 04:27 - 68157278 _____ C:\Users\owner\Downloads\CB++Tera_Collection-v-1.298.7z
2015-08-02 02:03 - 2015-08-02 02:03 - 00000000 ____D C:\Users\owner\AppData\Local\AMD
2015-08-02 02:03 - 2015-08-02 02:03 - 00000000 ____D C:\ProgramData\ATI
2015-08-02 02:02 - 2015-08-02 02:02 - 00058661 _____ C:\Windows\SysWOW64\CCCInstall_201508020202552352.log
2015-08-02 02:02 - 2015-08-02 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-01 08:46 - 2015-08-01 08:55 - 133901841 _____ C:\Users\owner\Downloads\EotW Mage Robes of Skyrim-50445-1-0.rar
2015-07-31 09:15 - 2015-07-31 09:15 - 21789814 _____ C:\Users\owner\Downloads\Skyforge Hotfix-24909-1-9.zip
2015-07-28 04:07 - 2015-07-25 14:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 04:07 - 2015-07-25 14:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 04:07 - 2015-07-25 14:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 04:07 - 2015-07-25 14:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 04:07 - 2015-07-25 14:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 04:07 - 2015-07-25 14:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 04:07 - 2015-07-25 14:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 04:07 - 2015-07-25 13:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-28 02:59 - 2015-07-28 02:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True - Blood 2.0
2015-07-28 01:55 - 2015-08-08 04:56 - 00000000 ____D C:\Users\owner\AppData\Local\Warframe
2015-07-28 00:43 - 2015-07-28 00:43 - 00000222 _____ C:\Users\owner\Desktop\Warframe.url
2015-07-27 20:10 - 2015-07-27 20:10 - 00003048 _____ C:\Windows\System32\Tasks\ScanToPCActivationApp.exe_{1570B940-9D24-44E3-A4F6-7671FC8FB875}
2015-07-27 20:08 - 2015-07-27 20:08 - 00003614 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 6830
2015-07-27 20:08 - 2015-07-27 20:08 - 00002200 _____ C:\Users\Public\Desktop\HP Officejet Pro 6830.lnk
2015-07-27 20:08 - 2015-07-27 20:08 - 00001152 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 6830.lnk
2015-07-27 20:08 - 2015-07-27 20:08 - 00000962 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2015-07-27 20:08 - 2014-07-18 19:48 - 00763968 ____N (Hewlett-Packard Development Company, LP) C:\Windows\system32\HPDiscoPM7212.dll
2015-07-27 20:07 - 2015-07-27 20:09 - 00000000 ____D C:\Users\owner\AppData\Local\HP
2015-07-27 20:07 - 2015-07-27 20:07 - 00000057 _____ C:\ProgramData\Ament.ini
2015-07-27 20:04 - 2015-07-27 20:06 - 179306328 _____ C:\Users\owner\Downloads\OJ6830_73.exe
2015-07-27 20:04 - 2015-07-27 20:04 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2015-07-27 20:03 - 2015-07-27 20:09 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-07-27 20:02 - 2015-07-27 20:02 - 03748672 _____ (Oleg N. Scherbakov) C:\Users\owner\Downloads\HPSupportSolutionsFramework-12.0.26.exe
2015-07-24 15:55 - 2015-06-26 19:27 - 00129472 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2015-07-24 15:52 - 2015-07-24 15:54 - 00001941 _____ C:\Users\owner\Desktop\Razer Synapse.lnk
2015-07-24 15:46 - 2015-07-24 15:46 - 22589448 _____ (Razer Inc.) C:\Users\owner\Downloads\1435565211rzrmodRazer_Synapse_Framework_V1.18.21.26599.exe
2015-07-24 09:43 - 2015-07-24 09:43 - 00001020 _____ C:\Users\owner\Desktop\SKSE.lnk
2015-07-24 08:48 - 2015-07-24 08:48 - 00000000 __SHD C:\found.001
2015-07-23 22:50 - 2015-07-23 22:50 - 00000144 _____ C:\Windows\system32\java-test.log
2015-07-23 02:42 - 2015-07-23 02:42 - 12339827 _____ C:\Users\owner\Downloads\forgeessentials-1.7.10-1.4.0-server.jar
2015-07-23 01:45 - 2015-07-23 01:46 - 216991474 _____ C:\Users\owner\Downloads\FTBInfinityServer(1).zip
2015-07-23 01:26 - 2015-07-23 01:26 - 00576163 _____ C:\Users\owner\Downloads\Ars Magica 2 Mod Installer 1.7.10.zip
2015-07-23 01:25 - 2015-07-23 01:25 - 02379383 _____ C:\Users\owner\Downloads\EquivalentExchange3-1.7.10-0.3.507.jar
2015-07-22 17:15 - 2015-07-22 17:15 - 37348448 _____ (Oracle Corporation) C:\Users\owner\Downloads\jre-8u51-windows-i586.exe
2015-07-20 15:21 - 2015-07-14 23:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 15:21 - 2015-07-14 23:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 15:21 - 2015-07-14 23:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 15:21 - 2015-07-14 23:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 15:21 - 2015-07-14 22:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 15:21 - 2015-07-14 22:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 15:21 - 2015-07-14 22:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 15:21 - 2015-07-14 22:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 15:21 - 2015-07-14 21:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 15:21 - 2015-07-14 21:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 13:58 - 2015-07-20 13:58 - 28114017 _____ C:\Users\owner\Downloads\ReShade 0.19.0 Public Beta with Framework.7z
2015-07-20 11:43 - 2015-07-20 11:44 - 71024493 _____ C:\Users\owner\Downloads\Main-52906-V1.7z
2015-07-19 15:17 - 2015-07-19 15:17 - 00887896 _____ (Microsoft Corporation) C:\Users\owner\Downloads\dotNetFx40_Client_setup.exe
2015-07-18 04:58 - 2015-07-18 04:58 - 05171262 _____ C:\Users\owner\Downloads\MCKING-NightMotherReplacer-56366-1-0.zip
2015-07-18 00:35 - 2015-07-18 00:35 - 24778718 _____ C:\Users\owner\Downloads\BetterDarkBrotherhood-25941-1-9.zip
2015-07-16 02:05 - 2015-07-16 02:07 - 101896047 _____ C:\Users\owner\Downloads\Replacer-42398-v3.7z
2015-07-15 22:12 - 2015-07-15 22:12 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-07-15 22:12 - 2015-07-15 22:12 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-07-15 22:12 - 2015-07-15 22:12 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-07-15 22:12 - 2015-07-15 22:12 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-07-15 22:11 - 2015-07-15 22:11 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-07-15 22:11 - 2015-07-15 22:11 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-07-15 22:11 - 2015-07-15 22:11 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-07-15 22:11 - 2015-07-15 22:11 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-07-15 22:11 - 2015-07-15 22:11 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-07-15 22:09 - 2015-07-15 22:09 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-07-15 22:06 - 2015-07-15 22:06 - 21622272 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-07-15 22:01 - 2015-07-15 22:01 - 47785472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-07-15 22:01 - 2015-07-15 22:01 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-07-15 22:00 - 2015-07-15 22:00 - 39714816 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-07-15 21:59 - 2015-07-15 21:59 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-15 21:59 - 2015-07-15 21:59 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-07-15 21:58 - 2015-07-15 21:58 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-07-15 21:57 - 2015-07-15 21:57 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-07-15 21:35 - 2015-07-15 21:35 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-07-15 21:35 - 2015-07-15 21:35 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-07-15 21:35 - 2015-07-15 21:35 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-07-15 21:30 - 2015-07-15 21:30 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-07-15 21:28 - 2015-07-15 21:28 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-07-15 21:26 - 2015-07-15 21:26 - 00093184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-07-15 21:26 - 2015-07-15 21:26 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-07-15 21:25 - 2015-07-15 21:25 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-07-15 21:25 - 2015-07-15 21:25 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-07-15 21:23 - 2015-07-15 21:23 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-07-15 21:22 - 2015-07-15 21:22 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-07-15 21:21 - 2015-07-15 21:21 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-07-15 21:21 - 2015-07-15 21:21 - 00660912 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-07-15 21:21 - 2015-07-15 21:21 - 00660912 _____ C:\Windows\system32\atiapfxx.blb
2015-07-15 21:21 - 2015-07-15 21:21 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-07-15 21:21 - 2015-07-15 21:21 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-07-15 21:21 - 2015-07-15 21:21 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-07-15 21:21 - 2015-07-15 21:21 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-07-15 21:21 - 2015-07-15 21:21 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-07-15 21:20 - 2015-07-15 21:20 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-07-15 21:18 - 2015-07-15 21:18 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-07-15 21:17 - 2015-07-15 21:17 - 00672768 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-07-15 21:17 - 2015-07-15 21:17 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-07-15 21:17 - 2015-07-15 21:17 - 00246784 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-07-15 21:17 - 2015-07-15 21:17 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-07-15 21:17 - 2015-07-15 21:17 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-07-15 21:17 - 2015-07-15 21:17 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-07-15 21:17 - 2015-07-15 21:17 - 00160256 _____ C:\Windows\system32\atieah64.exe
2015-07-15 21:17 - 2015-07-15 21:17 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-07-15 21:17 - 2015-07-15 21:17 - 00029696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-07-15 21:14 - 2015-07-15 21:14 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-07-15 21:13 - 2015-07-15 21:13 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-07-15 21:13 - 2015-07-15 21:13 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-07-15 21:13 - 2015-07-15 21:13 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-07-15 21:13 - 2015-07-15 21:13 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-07-15 21:13 - 2015-07-15 21:13 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-07-15 21:13 - 2015-07-15 21:13 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-07-15 21:13 - 2015-07-15 21:13 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-07-15 21:13 - 2015-07-15 21:13 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-07-15 21:13 - 2015-07-15 21:13 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-07-15 21:12 - 2015-07-15 21:12 - 00865792 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-07-15 21:12 - 2015-07-15 21:12 - 00102912 _____ C:\Windows\system32\hsa-thunk64.dll
2015-07-15 21:12 - 2015-07-15 21:12 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-07-15 06:20 - 2015-07-15 06:20 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-07-15 06:20 - 2015-07-15 06:20 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-14 19:41 - 2015-06-09 14:45 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-14 16:10 - 2015-04-09 08:38 - 00000000 ____D C:\Users\owner\AppData\Roaming\Skype
2015-08-14 16:02 - 2009-07-14 00:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-14 16:02 - 2009-07-14 00:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-14 16:01 - 2009-07-14 01:13 - 00782228 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-14 15:55 - 2015-06-28 09:07 - 00000000 ____D C:\Users\owner\AppData\Roaming\Spotify
2015-08-14 15:55 - 2015-06-28 09:07 - 00000000 ____D C:\Users\owner\AppData\Local\Spotify
2015-08-14 15:54 - 2015-04-09 08:05 - 00072977 _____ C:\Windows\setupact.log
2015-08-14 15:50 - 2015-04-09 14:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-14 15:50 - 2015-04-07 20:18 - 01223519 _____ C:\Windows\WindowsUpdate.log
2015-08-14 15:49 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-13 08:40 - 2015-04-25 16:51 - 200399584 _____ C:\Windows\MEMORY.DMP
2015-08-12 21:47 - 2015-04-14 17:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-12 21:39 - 2015-04-09 14:12 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-12 19:12 - 2015-04-08 07:34 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 19:08 - 2015-04-08 07:34 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 19:06 - 2015-04-09 08:35 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-12 18:35 - 2015-04-20 17:06 - 00000000 ____D C:\Program Files (x86)\Mod Organizer
2015-08-12 10:47 - 2015-04-14 17:03 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 10:47 - 2015-04-14 17:03 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 10:47 - 2015-04-14 17:03 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 18:44 - 2015-04-09 14:12 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-10 11:07 - 2015-07-03 18:29 - 00000000 ____D C:\Users\owner\Desktop\Skyrim Mods
2015-08-09 17:09 - 2015-04-16 18:29 - 00000000 ____D C:\Users\owner\AppData\Local\osu!
2015-08-08 00:53 - 2015-04-09 08:05 - 00134908 _____ C:\Windows\PFRO.log
2015-08-07 22:17 - 2015-04-08 07:28 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-07 09:44 - 2015-04-08 07:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-02 22:39 - 2015-07-08 10:42 - 00007605 _____ C:\Users\owner\AppData\Local\Resmon.ResmonCfg
2015-08-02 02:02 - 2015-04-12 23:11 - 00000000 ____D C:\Program Files\AMD
2015-08-02 02:01 - 2015-04-12 23:15 - 00000000 ____D C:\ProgramData\AMD
2015-08-02 01:59 - 2015-04-12 23:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-02 01:53 - 2015-04-12 23:07 - 00000000 ____D C:\AMD
2015-08-01 23:46 - 2015-05-20 22:01 - 00000000 ____D C:\Users\owner\Documents\The Witcher 3
2015-08-01 14:13 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-28 05:01 - 2015-04-08 08:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 04:39 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT
2015-07-28 04:22 - 2015-04-07 21:06 - 00000000 ____D C:\Windows\Panther
2015-07-28 01:55 - 2015-04-09 10:07 - 00158138 _____ C:\Windows\DirectX.log
2015-07-28 00:42 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-28 00:41 - 2015-06-28 17:20 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-28 00:28 - 2015-06-02 20:43 - 00000000 ____D C:\Users\owner\Desktop\Witcher 3 Mods
2015-07-27 20:08 - 2015-04-09 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-07-27 20:08 - 2015-04-09 13:19 - 00000000 ____D C:\Program Files\HP
2015-07-27 20:08 - 2015-04-09 13:19 - 00000000 ____D C:\Program Files (x86)\HP
2015-07-27 20:08 - 2015-04-09 13:18 - 00000000 ____D C:\ProgramData\HP
2015-07-27 04:21 - 2009-07-14 01:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-25 05:33 - 2015-04-08 07:07 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-24 18:33 - 2009-07-14 00:45 - 00342400 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-24 17:29 - 2015-07-03 07:07 - 00000000 ____D C:\Program Files (x86)\LOOT
2015-07-24 17:28 - 2015-04-25 22:23 - 00000000 ____D C:\Users\owner\AppData\Local\LOOT
2015-07-24 17:26 - 2015-04-08 04:38 - 00076216 _____ C:\Users\owner\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-24 15:57 - 2015-06-25 07:12 - 00000000 ____D C:\Users\owner\AppData\Local\ftblauncher
2015-07-24 15:56 - 2015-06-25 07:12 - 00000000 ____D C:\ftb
2015-07-24 15:55 - 2015-04-26 16:37 - 00000000 ____D C:\ProgramData\Razer
2015-07-24 15:54 - 2015-04-26 16:37 - 00000000 ____D C:\Program Files (x86)\Razer
2015-07-24 15:47 - 2015-04-26 16:39 - 00000000 ____D C:\Users\owner\AppData\Local\Razer
2015-07-24 10:28 - 2015-06-25 08:10 - 00000000 ____D C:\Users\owner\Desktop\Servers
2015-07-23 22:49 - 2015-06-28 05:14 - 00000000 ____D C:\Users\owner\Desktop\Minecraft Mods
2015-07-22 22:08 - 2015-06-25 07:12 - 04731400 _____ () C:\Users\owner\Desktop\Technic Launcher.exe
2015-07-22 22:08 - 2015-06-25 07:12 - 00000000 ____D C:\Users\owner\AppData\Roaming\.technic
2015-07-22 17:29 - 2015-07-02 15:22 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-22 17:29 - 2015-04-08 07:20 - 00000000 ____D C:\ProgramData\Oracle
2015-07-22 17:28 - 2015-07-02 15:23 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-22 17:15 - 2015-07-05 14:42 - 43221600 _____ (Oracle Corporation) C:\Users\owner\Desktop\Java 64bit.exe
2015-07-16 14:12 - 2015-04-08 07:21 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 14:11 - 2015-06-03 00:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 22:11 - 2011-04-20 05:09 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-07-15 22:11 - 2011-04-20 05:07 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-07-15 22:11 - 2011-04-20 04:49 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-07-15 22:11 - 2011-04-20 04:38 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-07-15 22:11 - 2011-04-20 04:30 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-07-15 22:11 - 2011-04-20 04:21 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-07-15 22:11 - 2011-04-20 04:21 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-07-15 18:34 - 2015-04-09 14:12 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 18:34 - 2015-04-09 14:11 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 05:42 - 2015-04-08 07:07 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 04:07 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-07-15 03:25 - 2015-04-08 08:18 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 03:25 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions

==================== Files in the root of some directories =======

2015-07-08 10:42 - 2015-08-02 22:39 - 0007605 _____ () C:\Users\owner\AppData\Local\Resmon.ResmonCfg
2015-07-27 20:07 - 2015-07-27 20:07 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-04-09 13:19 - 2015-04-28 17:56 - 0003399 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\owner\AppData\Local\Temp\27fff54a706caf16275619fa9b79269c.dll
C:\Users\owner\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\owner\AppData\Local\Temp\APNSetup.exe
C:\Users\owner\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\owner\AppData\Local\Temp\ChangeIcon.exe
C:\Users\owner\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\owner\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\owner\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\owner\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\owner\AppData\Local\Temp\raptrpatch.exe
C:\Users\owner\AppData\Local\Temp\raptr_stub.exe
C:\Users\owner\AppData\Local\Temp\__pythonRunner.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-13 13:24

==================== End of log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-08-2015
Ran by owner (2015-08-14 16:22:59)
Running from C:\Users\owner\Desktop\FRST
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2411303924-2966975986-415115124-500 - Administrator - Disabled)
Guest (S-1-5-21-2411303924-2966975986-415115124-501 - Limited - Disabled)
owner (S-1-5-21-2411303924-2966975986-415115124-1000 - Administrator - Enabled) => C:\Users\owner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2411303924-2966975986-415115124-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{8DF1EF50-AEB6-902C-F68C-4683C45784E6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archeblade (HKLM-x32\...\Steam App 207230) (Version:  - CodeBrush Games)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version:  - WB Games Montreal)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
C4700 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version:  - Team Psykskallar)
DarthMod: Shogun II (HKLM-x32\...\DarthMod: Shogun II) (Version:  - )
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version:  - Splash Damage®)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dual Monitor 1.22 (HKLM-x32\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Fingerbones (HKLM-x32\...\Steam App 391270) (Version:  - David Szymanski)
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version:  - Telltale Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hotline Miami 2: Wrong Number (HKLM-x32\...\Steam App 274170) (Version:  - Dennaton Games)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet Pro 6830 Basic Device Software (HKLM\...\{98040AB6-D667-409C-81E7-DB65836B3EE0}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
HP Officejet Pro 6830 Help (HKLM-x32\...\{28693307-6F99-4B5D-9FA3-4D9132DDA716}) (Version: 34.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{68550918-63B5-4762-85CB-3C160AA4B213}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{A772EA32-AE5B-4474-BFC0-4C69C04AFF6A}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LibreOffice 4.4.2.2 (HKLM-x32\...\{99A395EF-A310-40BB-B7A3-E3FF07CC38FC}) (Version: 4.4.2.2 - The Document Foundation)
LOOT (HKLM-x32\...\LOOT) (Version: 0.7.1 - LOOT Development Team)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.7145.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 39.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 en-US)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.5 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.1 - Notepad++ Team)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
osu! (HKLM-x32\...\{35e58831-794d-4f9c-a559-c519248d4265}) (Version: latest - ppy Pty Ltd)
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.4.2.4 - OpenVPN Technologies)
Product Improvement Study for HP Officejet Pro 6830 (HKLM\...\{96ABEAD3-67AE-4BF7-8A16-F745352049B3}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
PS_AIO_06_C4700_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26914 - Razer Inc.)
Saints Row Complete First Person Mod (HKU\S-1-5-21-2411303924-2966975986-415115124-1000\...\Saints Row Complete First Person Mod) (Version:  - )
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shadow Warrior (HKLM-x32\...\Steam App 233130) (Version:  - Flying Wild Hog)
Shrug version 1.2 (HKLM-x32\...\{4BF0DA04-A6E9-4757-A142-4A966559F49A}_is1) (Version: 1.2 - Tang Game Design)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-2411303924-2966975986-415115124-1000\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tabletop Simulator (HKLM-x32\...\Steam App 286160) (Version:  - Berserk Games)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD PROJEKT RED)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
True - Blood 2.0 (HKLM-x32\...\True - Blood 2.0) (Version:  - )
Unity Web Player (HKU\S-1-5-21-2411303924-2966975986-415115124-1000\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.5 - Wrye & Wrye Bash Development Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

07-08-2015 22:11:40 avast! antivirus system restore point
07-08-2015 22:16:09 avast! antivirus system restore point
11-08-2015 08:31:06 Windows Update
12-08-2015 19:06:30 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2FDDBEDB-2E42-432E-8C58-D4CB2D812383} - System32\Tasks\{544B8612-7DD2-432B-8C90-1D48F8E1A051} => pcalua.exe -a C:\Users\owner\Desktop\jre-8u45-windows-i586.exe -d C:\Users\owner\Desktop
Task: {43D5EC0A-1391-4786-80B7-18BE220ADD4D} - System32\Tasks\HPCustParticipation HP Officejet Pro 6830 => C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPCustPartic.exe [2014-07-18] (Hewlett-Packard Development Company, LP)
Task: {479EAF65-3CFF-4603-BA6C-5B738F5079DE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {4AE7D100-F2D9-48F6-93F9-46CA8FCB6C60} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4B108B51-6260-4F71-9E24-5714C0A96F88} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {697A9C4A-342D-4484-8990-7A4A9BEBA366} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-09] (Google Inc.)
Task: {9898DD5D-E71C-4325-A759-6EBE4E174483} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-09] (Google Inc.)
Task: {B09B7898-E92E-4180-9036-2540124527F6} - System32\Tasks\{D129279E-8E1B-4B36-9F68-2BEE8B5D233E} => pcalua.exe -a C:\Users\owner\Desktop\jre-8u45-windows-i586(1).exe -d C:\Users\owner\Desktop
Task: {CF12172C-3948-47E0-9E6A-0BE4761CF0FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {E4C0C4F7-1E72-45E5-A9E5-C112B469BE3E} - System32\Tasks\ScanToPCActivationApp.exe_{1570B940-9D24-44E3-A4F6-7671FC8FB875} => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [2014-07-18] (Hewlett-Packard Development Company, LP)
Task: {E672DBE5-4809-4EF5-94D5-1048159FEE2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-07] (Avast Software s.r.o.)
Task: {FFEF6337-4FF5-42EF-B1BD-A4348BABA8A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-04-15 16:13 - 2015-04-15 16:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-07-15 21:39 - 2015-07-15 21:39 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-07-15 21:38 - 2015-07-15 21:38 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-23 15:11 - 2015-06-23 15:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-01-29 13:43 - 2015-01-29 13:43 - 00872344 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\PrivateTunnel.exe
2015-07-15 21:38 - 2015-07-15 21:38 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-05-10 03:27 - 2015-05-10 03:27 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-10 03:26 - 2015-05-10 03:26 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-12 16:07 - 2015-08-12 16:07 - 02961920 _____ () C:\Program Files\AVAST Software\Avast\defs\15081203\algo.dll
2015-08-14 15:54 - 2015-08-14 15:54 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15081406\algo.dll
2015-01-26 13:29 - 2015-01-26 13:29 - 00113664 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\lzo2.dll
2015-01-26 13:29 - 2015-01-26 13:29 - 01034752 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\libxml2.dll
2015-01-26 13:29 - 2015-01-26 13:29 - 38713856 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\libcef.dll
2015-04-08 07:27 - 2015-04-08 07:27 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-09 04:44 - 2015-03-09 04:44 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-01-26 13:29 - 2015-01-26 13:29 - 00880128 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\libglesv2.dll
2015-01-26 13:29 - 2015-01-26 13:29 - 00102400 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2411303924-2966975986-415115124-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{53F1B024-1C79-402C-A935-22BF7C84A86A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FCFCAC7A-7B95-440F-AF37-EAD755575CAA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D43B4558-2FCC-4B2C-ABAE-CC106C97FB5E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C2FD4E32-6B1F-445A-87C3-53F399E9EA97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0B18753A-00EB-4A68-9FCD-2B9B38281364}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FD2C3DE0-B9F6-49DC-8FA8-98D2EA2A3298}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{85419FC4-9794-4913-8A10-55E3785BEB14}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{90592E65-EEAD-450A-B051-529F7519E2F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{AFFA4FAC-5F1C-43DA-9FAF-B2E2F2D9C1FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{66C5AF7E-A4A4-4BA5-8162-37E78DC5E9D6}] => (Allow) C:\Users\owner\AppData\Local\Temp\7zS7AFC\setup\hpznui40.exe
FirewallRules: [{7FB3026D-4617-402D-8091-E73F517EA90B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{AC343319-E4AE-4765-80C2-35BFF1A84E5B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{E2549D7F-8BF8-41BA-895F-F0D247039D98}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{79C93970-BF1C-4B22-AD63-B098C2BBE7EF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{2AB43BA2-612D-4AED-8D19-CDADF83BE11F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{A734AB65-480F-48A9-9131-DEA335FA5F99}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{915CF9C6-D199-40A6-BBC7-D0E1119CFE99}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{EC4D3DF2-BB7C-49B1-A1A5-1AE21927BD4F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{00184430-985F-4362-A83F-5909F14549B6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{2E9A3225-2D5E-45FF-93A9-BA22500CC581}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{F5F83044-F122-4771-8643-488542D3F9E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{1C74C27A-9D7B-4CAE-AF4B-B11845E6A91B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{D1265326-1304-4697-8CD8-769D34EB087A}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{ECD5648E-A156-47C6-BBC8-352FB4D861F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{54A284AA-B7A1-4102-B071-6388B1294ED7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{0E8861DB-2145-44A0-BB41-6806B0ED5B40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{CD134773-1549-4911-B10F-7389E50F9C3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{DEF5D906-BDD0-486C-B8C0-125D64788E17}C:\program files (x86)\shrug\shrug.exe] => (Allow) C:\program files (x86)\shrug\shrug.exe
FirewallRules: [UDP Query User{265D6992-1D64-4A0B-B670-33500E701F48}C:\program files (x86)\shrug\shrug.exe] => (Allow) C:\program files (x86)\shrug\shrug.exe
FirewallRules: [TCP Query User{5D0083BD-EBAF-4A8D-932B-EA624189F150}C:\users\owner\desktop\shrug\shrug\shrug v1_3.exe] => (Allow) C:\users\owner\desktop\shrug\shrug\shrug v1_3.exe
FirewallRules: [UDP Query User{E1804C6D-5676-4787-90CE-CB188A8CC0F6}C:\users\owner\desktop\shrug\shrug\shrug v1_3.exe] => (Allow) C:\users\owner\desktop\shrug\shrug\shrug v1_3.exe
FirewallRules: [{D69694DF-D64B-4A2E-ACAA-87DA9029E721}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{8FE19C9A-AE3C-4695-992B-5F70C88F193F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{8EE68CFC-660F-412A-94D8-9444BC9BE859}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{4881028E-235D-4332-B9F8-B96FAFFB3E0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{73FB2F47-6AF8-4FDA-8953-92C792D78831}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{77CA5B78-92EB-4F4C-9B3E-EB5DE67CDED8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{9F642D9D-7816-4275-8627-3945D66246A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheBlade\Binaries\Win32\Archeblade.exe
FirewallRules: [{B7836D00-702E-4979-9C94-644D77194507}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheBlade\Binaries\Win32\Archeblade.exe
FirewallRules: [{0E1A6B5E-6C7E-4FDA-B3BF-27A2CA9AAAD1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2464077F-A11E-4474-AB75-4E8B3480BCBB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CA62F49C-1A5E-4CF5-BAE9-564DBABF0218}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{91FCBD3A-C5A2-4873-B782-878CD7796165}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{98C058DA-1697-48A0-A45E-4D7AD32B7E18}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{19F97D4A-CA44-4835-B024-48BEBEFD4839}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{7D6D6AD5-6CFA-4C81-B81B-0942845AE094}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{09CD9B23-35E8-41AB-8DB1-3914F1971360}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{FC997126-3A03-42D0-9151-FBEF99615573}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{B2C284B0-D242-4386-8364-3F43301B2DCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{5C3E2DAE-6F7F-4C29-A7D6-7CFC673D2A1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{6D9F2F38-A98F-4CBF-AB99-96BA6F75D922}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{E9C42745-D47E-44D3-93A5-F5C3BE5F2431}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{4F5DDD25-252D-45E7-975C-0419C4A62549}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{5B61796B-FC8E-45E6-9BB9-BF3AB47755E3}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{812BF7FD-F57F-48B7-82CB-CB50BB1E8881}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{2F955435-6ABD-482A-A029-ED3EFA44F8CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{C6219CAE-6AE1-45F0-802D-058AE1EECA4B}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{41F32EA7-B268-4646-ACB4-DB5CFF0B28B8}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{68C0DB47-0C20-41A4-A327-104716F3D961}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{739836F1-F497-4771-9EC1-3D835104E475}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [TCP Query User{71789992-5665-499E-9AAC-BC8413D0E413}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{CA06A61F-9EBF-460C-B109-621B1D07140E}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{B6C99FD2-B9DC-42ED-B2CD-59A617FB7877}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{5334D4A7-DA2B-449E-8EEF-2A946C0A7F0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{E6A5C1F4-0EA2-44A1-9267-44A15C3D38AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{9BB7C322-419E-4F16-B69F-A8137A5D70A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [TCP Query User{F36DB541-1623-4D8A-B2B2-E3D23AE0ABAC}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{9110BED0-BEDA-4597-91F7-D1B73B9D4B40}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [{4B5DEAD3-A310-4DF1-A9F9-86D0C0E53E27}] => (Allow) C:\Users\owner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CF84AFDC-56DE-4878-AFAA-3DD4F84A100D}] => (Allow) C:\Users\owner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AD907BE2-BD1C-41F9-A0BB-392AFF15F362}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{67611264-5FE6-4FAF-9079-6CC275B5A56E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{B14B337C-D490-46A4-A254-E331FDAE17C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{17911B77-21D8-4E9E-99B9-AFF5282BE0B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{3187DC0D-E206-4199-87DF-47CAFB68D662}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{8EA4839E-CB62-4B64-9215-C367F4F2BE55}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{02E0D0C5-9B96-4F30-A28C-AA15C1AB1432}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{A537CD50-109E-4CC3-A74B-250F1C1F7C8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{0CF8763B-45B9-46EA-87B2-D2FA19A46206}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{606954E3-41E7-494A-8A4D-C45E1BB2FCE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{3012F079-99A9-4B93-B782-B61EB6C4762C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{E8FB08D5-3238-48F7-A40D-B05CB1D69B6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{FB3531F4-55EB-4F71-8B34-2B56004C65B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{48E23DC5-12E4-409C-822D-3095FD9D79D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{9199550A-2159-4CB0-8168-8F051291B17A}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{88465585-0881-4A32-850C-B0032A5C07BF}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{A1FFB05F-2999-4266-967D-BA318D20E3AB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{79D3A895-7368-40DC-842F-400C23783B92}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6FBE2EBD-C1AB-46DD-85C9-080423A39A61}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{651D3F72-8F7B-47C6-9BA9-59942E6A4D8F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{778230E1-DBCC-41C9-9396-DE56D0A205B1}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2C10D2F9-E8EE-48FE-B352-0F48EFD96B9B}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{847B00B3-1DA1-4406-B1F1-788EEE9E530F}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [UDP Query User{A9D06D24-D1BA-43E3-B1D3-9D57A8EE877F}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [TCP Query User{07CFE3E2-FFC3-49E2-A14B-220955BE684D}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CA159EA2-F13F-492C-8F1A-3F183711FBE3}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{7875E5BB-8853-4EEF-9559-CA08E2E06B93}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B80D711C-4760-43C4-9819-5BE0520A2087}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E8ABD130-ED25-4283-AD73-961B3CD9AC0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{F754448A-7EFD-4987-8449-FDA367950B93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{69805119-E8EE-4622-9AAA-6C3519255E64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{583F60E5-41AE-4F93-AF4A-116D13D3A5D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{819E8FED-ABBE-4F05-B713-8E54F26815C9}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{E76FAEFA-4469-487F-966D-75317F54CB20}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{2C859091-F6C9-4C53-8129-871BBF5DE3AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{9E5601B6-DC60-4142-A04E-FECE3A267E89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [TCP Query User{A73DACA5-5FCA-4CA4-A2F6-D52952671629}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{BC956158-5E98-46C9-9AEF-3A5A8D951654}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{DC15E616-9C45-4645-AE4D-5BD029CBAE56}C:\program files\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\java.exe
FirewallRules: [UDP Query User{71A86ACD-0CAD-432E-8085-69A23FCF15D8}C:\program files\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\java.exe
FirewallRules: [{56AE9A20-2174-4917-A0AC-1C9C9C2D86E6}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\FaxApplications.exe
FirewallRules: [{D3618FBA-2F12-4E04-836A-B9208888B854}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\DigitalWizards.exe
FirewallRules: [{445D7EF6-F015-436C-9301-E60055F0C322}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\SendAFax.exe
FirewallRules: [{9680DADC-0E3E-457E-9EA4-2ECDD403718D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\DeviceSetup.exe
FirewallRules: [{223BFEFA-384E-4D13-A9D5-509438733E3F}] => (Allow) LPort=5357
FirewallRules: [{FACA2341-20FE-4619-9E37-0D0B8BDA3FF6}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{60153B7F-E599-4358-993C-DFDA59BF578A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{369CAB3A-B20B-4C4F-920F-2F008BBBAD26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{294A5EED-E1F7-4926-AC7A-2B335DB628D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{198826D5-F86F-415D-A66D-B59847A50E75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{6B8CCF76-4641-4A3C-8A3A-496072922CD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{DCE9F645-D949-40BE-B95C-30F0FF3A768C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{321BE923-CC21-4631-8887-707F3E13EF34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F6137DEA-66FD-44BA-BCBD-0B94629BB339}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{B5CED213-500B-4B90-B896-C8B716FB4B51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{A65E2754-D532-4279-A522-838373495392}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{8EA43C09-DE17-46D6-AAA2-0E5B1A77B47E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{02D285E7-F633-496C-A779-C4B49A93A42D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{1E6BC8B8-EED1-4F06-BBE0-56BF4841CF5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{978F608B-E318-4DCF-85C0-949A4B0A0EE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{96D09462-5034-4073-885D-C74130485EF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fingerbones\Fingerbones.exe
FirewallRules: [{5834133E-70D8-4FC8-A32A-BB5767CF3F09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fingerbones\Fingerbones.exe
FirewallRules: [{CBE26458-8A30-41DF-AAA1-CA8621881C33}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DD6C5C4E-9C00-44EE-8E6E-64EDB8012671}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{85895A7C-4EE6-48BE-83D7-692D0E9E24F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe

==================== Faulty Device Manager Devices =============

Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet Pro 6830
Description: Officejet Pro 6830
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/14/2015 03:51:18 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2015 03:51:18 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4400}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/14/2015 03:51:18 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (08/14/2015 03:51:18 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (08/14/2015 03:51:18 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (08/14/2015 03:51:18 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (08/14/2015 03:51:16 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
    The content index catalog is corrupt.   0xc0041801 (0xc0041801)

Error: (08/14/2015 03:51:16 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=3600}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
    The content index catalog is corrupt.   0xc0041801 (0xc0041801)

Error: (08/14/2015 03:51:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2015 03:50:34 PM) (Source: System Restore) (EventID: 8204) (User: )
Description: System restore ended unexpectedly because of power loss or a program error. Additional information: (avast! antivirus system restore point).


System errors:
=============
Error: (08/14/2015 03:51:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (08/14/2015 03:51:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error:
%%1053

Error: (08/14/2015 03:51:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.

Error: (08/14/2015 03:51:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/14/2015 03:51:18 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473536.

Error: (08/14/2015 03:50:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/14/2015 03:49:28 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 106) (User: NT AUTHORITY)
Description: Corruption was detected in the log for the Microsoft-Windows-Windows Defender/WHC channel and some data was erased.

Error: (08/13/2015 03:23:07 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \\?\Volume{4212cd5a-dd83-11e4-92a4-806e6f6e6963}.

Error: (08/13/2015 03:23:01 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (08/12/2015 09:47:40 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.


Microsoft Office:
=========================
Error: (08/14/2015 03:51:18 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (08/14/2015 03:51:18 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4400

Error: (08/14/2015 03:51:18 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (08/14/2015 03:51:18 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application

Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (08/14/2015 03:51:18 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (08/14/2015 03:51:18 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
Search.TripoliIndexer

Error: (08/14/2015 03:51:16 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Details:
    The content index catalog is corrupt.   0xc0041801 (0xc0041801)
The catalog is corrupt

Error: (08/14/2015 03:51:16 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Details:
    The content index catalog is corrupt.   0xc0041801 (0xc0041801)
3600

Error: (08/14/2015 03:51:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2015 03:50:34 PM) (Source: System Restore) (EventID: 8204) (User: )
Description: avast! antivirus system restore point


==================== Memory info ===========================

Processor: AMD FX™-4100 Quad-Core Processor
Percentage of memory in use: 55%
Total physical RAM: 4078.12 MB
Available physical RAM: 1805.7 MB
Total Virtual: 8154.44 MB
Available Virtual: 5594.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:458.32 GB) NTFS
Drive d: (P-TARAFDAR) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7154C22A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of log ============================






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users