
Infected with .scr & not sure if safe :(


17 replies to this topic

#1 Kyle_1995


Posted 27 August 2015 - 09:52 AM

Hi,

 

I recently was infected by a .scr virus from csgolounge, where a user posted a link to a knife "screenshot". I then clicked on the link assuming it was safe and it downloaded a .scr & ran it. It then started to control my mouse and attempted to access my Gmail accounts for Steam, to trade off my skins. Luckily my Gmail was protected and stopped the person (Russian ofc) from accessing my account. It did however get my passwords (quickly changed) and managed to send a trade offer to another account. However I had Steam email confirmation security so nothing was taken. Here are the steps I took:

 

1. Deleted the .scr file

2. Changed passwords

3. Restarted (was still active, moving my mouse, typing etc.)

5. Turned my computer off, turned off my internet connection.

6. Restarted (without internet), no sign of it being active.

7. Ran antivirus (Windows Defender, full scan, didn't find anything)

9. Did a system restore

 

Even after these steps I'm still unsure whether I'm totally safe. It had a keylogger so I don't want to type any passwords etc. I don't know if it has infected any registry stuff or whether it is still present (Defender didn't find anything).

 

Can anybody help me?

 

BTW I live in Australia (UTC/GMT +9:30), so I might be quite late with replies (1am here atm) etc. 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-08-2015
Ran by Kyle (administrator) on BELLABOO (27-08-2015 23:57:36)
Running from C:\Users\Kyle\Downloads
Loaded Profiles: Kyle (Available Profiles: Kyle)
Platform: Windows 8.1 Pro (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(Valve Corporation) D:\Steam\Steam.exe
(Spotify Ltd) C:\Users\Kyle\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Comfort Software Group) C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Users\Kyle\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-09-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-03-12] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [407904 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [Steam] => D:\Steam\steam.exe [2899136 2015-08-20] (Valve Corporation)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3730192 2014-12-09] (Disc Soft Ltd)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [Spotify] => C:\Users\Kyle\AppData\Roaming\Spotify\Spotify.exe [7675448 2015-08-19] (Spotify Ltd)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [FreeCT] => C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe [2432280 2014-02-25] (Comfort Software Group)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [Dropbox Update] => C:\Users\Kyle\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-19] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-02-16]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2015-03-03]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
Startup: C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-02-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kyle\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi13.msn.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-19] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-03-02] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-08-19] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-02] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-02] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-02] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 61.9.226.33 61.9.226.1
Tcpip\..\Interfaces\{ECCBA195-B742-4320-94E2-E14265FDEDBD}: [DhcpNameServer] 61.9.226.33 61.9.226.1
 
FireFox:
========
FF ProfilePath: C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\46dkgyiu.default
FF Homepage: hxxps://accounts.google.com/ServiceLogin?service=youtube&uilel=3&hl=en&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Ffeature%3Dsign_in_button%26hl%3Den%26action_handle_signin%3Dtrue%26next%3D%252F%26app%3Ddesktop&passive=true
hxxps://www.facebook.com/?stype=lo&jlou=AfeLScKDWgejVocDqn_VG7Y82-EtAN4vyZGpRUfaaYG7G9zR6qOP5QjDSwRRZyOdzDqXUwumN6BtWC4kDvhCd40LFRA7AG9u9-9EL2w_G16kFA&smuh=4120&lh=Ac_qEzlbyYso9KpUeh0
hxxps://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxps://mail.google.com/mail/&ss=1&scc=1&ltmpl=default&ltmplcache=2&emr=1
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-19] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-02] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-19] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: Stylish - C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\46dkgyiu.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2015-02-20]
FF Extension: Adblock Plus - C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\46dkgyiu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-13]
 
Chrome: 
=======
CHR Profile: C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-06]
CHR Extension: (Google Docs) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-06]
CHR Extension: (Google Drive) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-06]
CHR Extension: (YouTube) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-06]
CHR Extension: (Google Search) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-06]
CHR Extension: (Google Sheets) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-06]
CHR Extension: (Stylish) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2015-08-20]
CHR Extension: (LoungeDestroyer) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2015-08-25]
CHR Extension: (AdBlock) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-06]
CHR Extension: (Gmail) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-02-13] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2015-02-13] () [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2015-02-13] (ASUSTeK Computer Inc.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S3 Disc Soft Ultra Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [1378576 2014-12-09] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-02-13] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2015-02-13] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2015-02-13] (MCCI Corporation)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30352 2015-02-26] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-03-14] (Intel Corporation)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47944 2015-08-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-14] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-12-11] (Razer, Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R4 IOMap; \??\C:\WINDOWS\system32\drivers\IOMap64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-27 23:57 - 2015-08-27 23:59 - 00025132 _____ C:\Users\Kyle\Downloads\FRST.txt
2015-08-27 23:57 - 2015-08-27 23:57 - 02186752 _____ (Farbar) C:\Users\Kyle\Downloads\FRST64.exe
2015-08-27 23:57 - 2015-08-27 23:57 - 00000000 ____D C:\FRST
2015-08-27 21:37 - 2015-08-27 21:37 - 00000000 ____D C:\Users\Kyle\AppData\Local\NetSupport
2015-08-27 21:29 - 2015-08-27 21:29 - 00000830 _____ C:\ProgramData\moon.txt
2015-08-25 01:04 - 2015-08-25 01:04 - 00000000 ____D C:\Users\Kyle\.swt
2015-08-22 02:15 - 2015-08-27 23:01 - 00000000 ____D C:\BOSS
2015-08-22 01:01 - 2015-08-27 23:01 - 00000000 ____D C:\Users\Kyle\Downloads\FNV
2015-08-22 00:49 - 2015-08-22 18:54 - 00000000 ____D C:\Users\Kyle\Documents\Nexus Mod Manager
2015-08-21 00:43 - 2015-08-21 00:45 - 00000000 ____D C:\Users\Kyle\Documents\NetBeansProjects
2015-08-20 22:38 - 2015-08-27 23:01 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-08-20 22:38 - 2015-07-03 13:58 - 00065896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-08-20 22:38 - 2015-07-03 13:58 - 00047976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-08-20 22:17 - 2015-08-20 22:17 - 00001533 _____ C:\Users\Kyle\Desktop\StarCraft II.lnk
2015-08-20 14:23 - 2015-08-20 14:23 - 00000000 ____D C:\Users\Kyle\AppData\Local\GWX
2015-08-20 01:32 - 2015-08-27 18:31 - 00000043 _____ C:\Users\Kyle\jagex_cl_oldschool_LIVE.dat
2015-08-20 01:32 - 2015-08-20 01:42 - 00000024 ____R C:\Users\Kyle\random.dat
2015-08-20 01:31 - 2015-08-27 23:01 - 00000000 ____D C:\Users\Kyle\OSBuddy
2015-08-20 01:12 - 2015-08-22 00:49 - 00000000 ____D C:\Users\Kyle\AppData\Local\Black_Tree_Gaming
2015-08-20 01:11 - 2015-08-20 01:11 - 06173272 _____ (Black Tree Gaming ) C:\Users\Kyle\Downloads\Nexus Mod Manager-0.56.1.exe
2015-08-20 01:11 - 2015-08-20 01:11 - 00000600 _____ C:\Users\Kyle\AppData\Roaming\winscp.rnd
2015-08-20 01:02 - 2015-08-22 13:14 - 00000000 ____D C:\Users\Kyle\AppData\Local\FalloutNV
2015-08-20 00:32 - 2015-08-27 23:01 - 00000000 ____D C:\Program Files (x86)\Fallout New Vegas
2015-08-20 00:24 - 2015-08-20 00:24 - 00000000 ____D C:\Users\Kyle\AppData\Local\2K Games
2015-08-20 00:23 - 2015-08-20 00:23 - 00002128 _____ C:\Users\Public\Desktop\Mafia II.lnk
2015-08-20 00:23 - 2015-08-20 00:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
2015-08-20 00:22 - 2015-08-20 00:22 - 00000000 ____D C:\Program Files (x86)\2K Games
2015-08-20 00:21 - 2015-08-20 00:22 - 00264293 _____ C:\Users\Kyle\Downloads\OSBuddy.jar
2015-08-20 00:20 - 2015-08-20 00:20 - 00000080 _____ C:\Users\Kyle\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-08-20 00:19 - 2015-08-20 00:19 - 00001060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2015-08-20 00:19 - 2015-08-20 00:19 - 00000998 _____ C:\Users\Public\Desktop\WinSCP.lnk
2015-08-20 00:19 - 2015-08-20 00:19 - 00000000 ____D C:\Program Files (x86)\WinSCP
2015-08-20 00:16 - 2015-08-20 00:16 - 00002044 _____ C:\Users\Public\Desktop\Microsoft LifeCam.lnk
2015-08-20 00:16 - 2015-08-20 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
2015-08-20 00:16 - 2015-08-20 00:16 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2015-08-20 00:16 - 2015-08-20 00:16 - 00000000 ____D C:\Program Files (x86)\Microsoft LifeCam
2015-08-20 00:16 - 2015-08-14 15:28 - 05861512 _____ (Martin Prikryl ) C:\Users\Kyle\Downloads\winscp575setup.exe
2015-08-20 00:16 - 2015-08-04 20:23 - 22660464 _____ (Microsoft Corporation) C:\Users\Kyle\Downloads\LifeCam3.60.exe
2015-08-20 00:14 - 2015-08-20 23:00 - 00000000 ____D C:\Users\Kyle\Documents\StarCraft II
2015-08-20 00:14 - 2015-08-20 00:14 - 00000000 ____D C:\Users\Kyle\AppData\Local\Blizzard Entertainment
2015-08-20 00:13 - 2015-08-27 23:01 - 00000000 ____D C:\Users\Kyle\AppData\Roaming\Battle.net
2015-08-20 00:13 - 2015-08-26 22:04 - 00000000 ____D C:\Users\Kyle\AppData\Local\Battle.net
2015-08-20 00:13 - 2015-08-20 00:14 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-08-20 00:13 - 2015-08-20 00:13 - 00001163 _____ C:\Users\Public\Desktop\Battle.net.lnk
2015-08-20 00:13 - 2015-08-20 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-08-20 00:13 - 2015-08-20 00:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-20 00:11 - 2015-08-20 00:11 - 00000000 ____D C:\ProgramData\Battle.net
2015-08-20 00:10 - 2015-08-20 01:32 - 00000000 ____D C:\Users\Kyle\jagexcache
2015-08-20 00:09 - 2015-08-20 00:11 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2015-08-19 23:59 - 2015-08-11 10:50 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 23:59 - 2015-08-11 09:50 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-19 23:47 - 2015-08-19 23:47 - 00000000 ____D C:\Users\Kyle\AppData\Local\CEF
2015-08-19 23:34 - 2015-08-19 23:34 - 00000941 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-19 23:34 - 2015-08-19 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-19 23:34 - 2015-08-19 23:34 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-19 23:34 - 2015-08-14 11:20 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-19 23:34 - 2015-08-14 11:20 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-19 23:31 - 2015-07-30 23:34 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-19 23:31 - 2015-07-30 23:18 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-19 23:24 - 2015-08-19 23:24 - 00002080 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-08-19 23:24 - 2015-08-07 09:34 - 00572024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-08-19 23:12 - 2015-08-19 23:13 - 00000000 ____D C:\Users\Kyle\Downloads\Intel_Chipset_Win7-8-8-1_V100160
2015-08-19 23:11 - 2015-08-19 23:11 - 00000000 ____D C:\Users\Kyle\Documents\ahk
2015-08-19 22:53 - 2015-08-20 21:42 - 00003404 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2015-08-19 22:44 - 2015-07-17 06:06 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-19 22:44 - 2015-07-17 06:06 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-19 22:44 - 2015-07-17 06:05 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-19 22:44 - 2015-07-17 05:56 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-19 22:44 - 2015-07-17 05:53 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-19 22:44 - 2015-07-17 05:51 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-19 22:44 - 2015-07-17 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-19 22:44 - 2015-07-17 05:21 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-19 22:44 - 2015-07-17 05:20 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-19 22:44 - 2015-07-17 05:15 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-19 22:44 - 2015-07-17 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-19 22:44 - 2015-07-17 05:11 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-19 22:44 - 2015-07-17 05:09 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-19 22:44 - 2015-07-17 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-19 22:44 - 2015-07-17 05:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-19 22:44 - 2015-07-17 05:04 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-19 22:44 - 2015-07-17 05:02 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-19 22:44 - 2015-07-17 04:44 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-19 22:44 - 2015-07-17 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-19 22:44 - 2015-07-17 04:42 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-19 22:44 - 2015-07-17 04:42 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-19 22:44 - 2015-07-17 04:40 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-19 22:44 - 2015-07-17 04:36 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-19 22:44 - 2015-07-17 04:31 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-19 22:44 - 2015-07-17 04:22 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-19 22:44 - 2015-07-17 04:19 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-19 22:44 - 2015-07-17 04:12 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-19 22:44 - 2015-07-17 04:08 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-19 22:44 - 2015-07-17 04:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-19 22:44 - 2015-06-16 08:08 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-08-19 22:44 - 2015-06-16 07:32 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-08-19 22:44 - 2015-06-16 07:28 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-08-19 22:44 - 2015-06-16 07:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-08-19 22:44 - 2015-06-16 07:25 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-08-19 22:44 - 2015-06-16 06:43 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-08-19 22:44 - 2015-06-16 06:17 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-08-19 22:44 - 2015-06-16 06:14 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-08-19 22:44 - 2015-06-16 06:13 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-08-19 22:44 - 2015-06-16 06:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-08-19 22:44 - 2015-06-16 06:11 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-08-19 22:44 - 2015-06-16 06:02 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-08-19 22:44 - 2015-06-16 06:00 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-08-19 22:44 - 2015-06-16 06:00 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-08-19 22:44 - 2015-05-23 12:34 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-08-19 22:44 - 2015-05-23 04:17 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-08-19 22:44 - 2015-05-23 03:38 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-08-19 22:44 - 2015-04-22 01:43 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-08-19 22:44 - 2015-04-22 01:19 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-08-19 22:42 - 2015-08-19 22:46 - 00000000 ____D C:\ProgramData\Gyazo
2015-08-19 22:41 - 2015-07-14 12:57 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-08-19 22:40 - 2015-08-19 23:00 - 00004968 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for BELLABOO-Kyle Bellaboo
2015-08-19 22:39 - 2015-08-27 23:01 - 00005944 _____ C:\WINDOWS\setupact.log
2015-08-19 22:39 - 2015-08-19 22:39 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-19 22:39 - 2015-06-13 02:33 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-19 22:39 - 2015-06-13 02:06 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-19 22:39 - 2015-05-01 10:43 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-08-19 22:39 - 2015-05-01 10:43 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-08-19 22:39 - 2015-05-01 10:43 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2015-08-19 22:38 - 2015-07-22 23:49 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-08-19 22:38 - 2015-07-22 23:22 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-19 22:38 - 2015-07-19 11:28 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-19 22:38 - 2015-07-19 04:21 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-19 22:38 - 2015-07-19 04:01 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-19 22:38 - 2015-07-19 04:01 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-19 22:38 - 2015-07-19 04:01 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-19 22:38 - 2015-07-19 03:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-19 22:38 - 2015-07-19 03:59 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-19 22:38 - 2015-07-19 03:59 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-19 22:38 - 2015-07-19 03:58 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-19 22:38 - 2015-07-19 03:42 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-19 22:38 - 2015-07-19 03:40 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-19 22:38 - 2015-07-19 03:39 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-19 22:38 - 2015-07-17 23:45 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-08-19 22:38 - 2015-07-17 23:40 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-08-19 22:38 - 2015-07-10 04:10 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-08-19 22:38 - 2015-06-27 12:38 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-08-19 22:38 - 2015-06-27 12:38 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-08-19 22:38 - 2015-06-27 11:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-08-19 22:38 - 2015-05-08 03:20 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-19 22:38 - 2015-05-08 02:30 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-19 22:38 - 2015-05-08 02:23 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-19 22:38 - 2015-05-08 01:42 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-19 22:37 - 2015-07-29 08:54 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-19 22:37 - 2015-07-28 23:54 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-19 22:37 - 2015-07-28 23:54 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-19 22:37 - 2015-07-28 23:54 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-19 22:37 - 2015-07-28 23:54 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-19 22:37 - 2015-07-28 23:54 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-19 22:37 - 2015-07-28 23:54 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-19 22:37 - 2015-06-27 08:51 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-08-19 22:37 - 2015-05-21 22:38 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-08-19 22:36 - 2015-07-30 00:07 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-19 22:36 - 2015-07-30 00:00 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-19 22:36 - 2015-07-29 23:53 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-19 22:36 - 2015-07-25 04:27 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-19 22:36 - 2015-07-25 04:27 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-19 22:36 - 2015-07-25 04:22 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-19 22:36 - 2015-07-25 02:57 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-19 22:36 - 2015-07-25 02:53 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-19 22:36 - 2015-07-16 09:59 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-19 22:36 - 2015-07-16 09:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-19 22:36 - 2015-07-16 09:59 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-19 22:36 - 2015-07-16 09:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-19 22:36 - 2015-07-14 05:16 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-19 22:36 - 2015-07-14 05:15 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-19 22:36 - 2015-07-14 04:40 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-19 22:36 - 2015-07-11 03:24 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-19 22:36 - 2015-07-10 01:44 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-08-19 22:36 - 2015-07-07 19:10 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-19 22:36 - 2015-07-07 19:10 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-19 22:36 - 2015-07-07 19:10 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-19 22:36 - 2015-07-04 07:21 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-19 22:36 - 2015-07-03 23:30 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-19 22:36 - 2015-06-28 14:37 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-08-19 22:36 - 2015-06-28 14:37 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-08-19 22:36 - 2015-06-28 14:36 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-19 22:36 - 2015-06-28 14:36 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-08-19 22:36 - 2015-06-28 02:12 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-19 22:36 - 2015-06-27 21:17 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-08-19 22:36 - 2015-06-27 12:43 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-08-19 22:36 - 2015-06-27 12:42 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-08-19 22:36 - 2015-06-27 12:42 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-08-19 22:36 - 2015-06-27 12:10 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-08-19 22:36 - 2015-06-27 11:35 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-19 22:36 - 2015-06-27 11:30 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-08-19 22:36 - 2015-06-27 11:23 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-08-19 22:36 - 2015-06-27 10:56 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-08-19 22:36 - 2015-06-20 02:37 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-08-19 22:36 - 2015-03-30 15:17 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-19 22:35 - 2015-07-15 07:29 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-19 22:35 - 2015-07-15 07:29 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-19 22:35 - 2015-07-15 07:29 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-19 22:35 - 2015-07-14 12:52 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-19 22:35 - 2015-07-14 12:51 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-19 22:35 - 2015-07-11 03:49 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-19 22:35 - 2015-07-11 03:12 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-19 22:35 - 2015-07-11 02:44 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-19 22:35 - 2015-07-11 02:43 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-19 22:35 - 2015-07-11 02:17 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-19 22:35 - 2015-07-11 02:01 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-19 22:35 - 2015-07-10 02:43 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-19 22:35 - 2015-07-10 02:43 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-19 22:35 - 2015-07-10 02:00 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-19 22:35 - 2015-07-02 07:49 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-19 22:35 - 2015-07-02 07:46 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-19 22:35 - 2015-07-02 07:07 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-19 22:35 - 2015-07-02 07:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-19 22:35 - 2015-06-16 15:06 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-08-19 22:35 - 2015-06-16 15:06 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-08-19 22:35 - 2015-06-16 08:11 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-19 22:35 - 2015-06-16 07:54 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-19 22:35 - 2015-06-16 06:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-19 22:35 - 2015-06-16 06:39 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-19 22:35 - 2015-06-16 06:20 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-08-19 22:35 - 2015-06-16 05:27 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-08-19 22:35 - 2015-06-12 05:42 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-19 22:35 - 2015-06-12 05:42 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-19 22:35 - 2015-05-31 06:48 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-08-19 22:35 - 2015-05-31 05:06 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-19 22:35 - 2015-05-31 05:05 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-19 22:35 - 2015-05-12 22:49 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-08-19 22:35 - 2015-05-12 02:04 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2015-08-19 22:35 - 2015-05-08 02:17 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-08-19 22:35 - 2015-05-08 00:51 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-08-19 22:35 - 2015-05-08 00:35 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-08-19 22:35 - 2015-05-04 00:39 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-19 22:35 - 2015-05-04 00:37 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-08-19 22:35 - 2015-05-04 00:28 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-19 22:35 - 2015-05-04 00:27 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-08-19 22:35 - 2015-05-04 00:25 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-08-19 22:35 - 2015-05-04 00:19 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-08-19 22:35 - 2015-05-01 08:35 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-08-19 22:35 - 2015-05-01 08:18 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-08-19 22:35 - 2015-04-30 08:52 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-08-19 22:35 - 2015-04-28 22:43 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-08-19 22:35 - 2015-04-28 22:43 - 00513480 _____ C:\WINDOWS\system32\locale.nls
2015-08-19 22:35 - 2015-04-25 12:04 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-08-19 22:35 - 2015-04-25 12:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-08-19 22:35 - 2015-04-25 11:55 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-08-19 22:35 - 2015-04-24 01:17 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-19 22:35 - 2015-04-24 00:46 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-19 22:35 - 2015-04-16 15:47 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-19 22:35 - 2015-04-14 08:07 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-08-19 22:35 - 2015-04-14 08:04 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-08-19 22:35 - 2015-04-10 10:10 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-19 22:35 - 2015-04-10 10:04 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-19 22:35 - 2015-04-10 09:47 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-19 22:35 - 2015-04-10 09:41 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-19 22:35 - 2015-04-09 08:25 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-08-19 22:35 - 2015-04-09 08:11 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-08-19 22:35 - 2015-04-03 10:05 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-08-19 22:35 - 2015-04-03 09:44 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-08-19 22:35 - 2015-04-02 07:52 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-08-19 22:35 - 2015-04-02 07:50 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-08-19 22:35 - 2015-04-01 13:51 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-19 22:35 - 2015-04-01 13:48 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-08-19 22:35 - 2015-04-01 13:47 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-08-19 22:35 - 2015-04-01 13:38 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-08-19 22:35 - 2015-04-01 13:16 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-19 22:35 - 2015-04-01 13:15 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-08-19 22:35 - 2015-04-01 12:47 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-19 22:35 - 2015-04-01 12:47 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-19 22:35 - 2015-04-01 12:23 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-08-19 22:35 - 2015-04-01 12:23 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-19 22:35 - 2015-04-01 12:15 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-19 22:35 - 2015-04-01 12:15 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-08-19 22:35 - 2015-04-01 12:01 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-08-19 22:35 - 2015-04-01 11:44 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-19 22:35 - 2015-04-01 11:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-19 22:35 - 2015-03-20 13:19 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-08-19 22:35 - 2015-03-20 12:38 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-08-19 22:35 - 2015-03-20 12:07 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-08-19 22:35 - 2015-03-20 11:37 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-08-19 22:35 - 2015-03-20 11:26 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-08-19 22:35 - 2015-03-18 02:56 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-19 22:35 - 2015-03-13 13:33 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-08-19 22:35 - 2015-03-13 13:33 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-08-19 22:35 - 2015-03-13 11:32 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-08-19 22:35 - 2015-03-13 10:41 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-08-19 22:35 - 2015-03-13 10:09 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-08-19 22:35 - 2015-03-11 11:19 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-08-19 22:35 - 2015-03-11 10:39 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-08-19 22:35 - 2015-03-09 11:32 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys
2015-08-19 22:35 - 2015-03-09 11:32 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-19 22:35 - 2015-03-06 12:17 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-08-19 22:35 - 2015-03-04 11:02 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-08-19 22:35 - 2015-03-04 10:42 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-08-19 22:35 - 2015-03-02 11:13 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-08-19 22:35 - 2015-03-02 10:51 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-08-19 22:35 - 2015-02-18 08:49 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-08-19 22:34 - 2015-03-06 12:38 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-08-19 22:34 - 2015-03-06 12:13 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-08-19 22:33 - 2015-08-27 23:38 - 00000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1325000466-3342817125-3708368534-1001UA.job
2015-08-19 22:33 - 2015-08-20 22:38 - 00000880 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1325000466-3342817125-3708368534-1001Core.job
2015-08-19 22:33 - 2015-08-19 22:33 - 00003876 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1325000466-3342817125-3708368534-1001UA
2015-08-19 22:33 - 2015-08-19 22:33 - 00003496 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1325000466-3342817125-3708368534-1001Core
2015-08-19 22:33 - 2015-08-19 22:33 - 00000000 ____D C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-19 22:33 - 2015-08-19 22:33 - 00000000 ____D C:\Users\Kyle\AppData\Local\Dropbox
2015-08-19 22:33 - 2015-08-19 22:33 - 00000000 ____D C:\ProgramData\Dropbox
2015-08-14 06:19 - 2015-08-14 06:19 - 01730328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2015-08-14 06:19 - 2015-08-14 06:19 - 00201432 _____ (Razer Inc) C:\WINDOWS\system32\Drivers\rzudd.sys
2015-08-14 06:19 - 2015-08-14 06:19 - 00050392 _____ (Razer Inc) C:\WINDOWS\system32\Drivers\rzendpt.sys
2015-08-11 01:08 - 2015-08-11 01:08 - 42740536 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 37757584 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 30497920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 22960768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 16160424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 15902640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 15139256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 14512608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 13277448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 12885072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 11845224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 11063440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-11 01:08 - 2015-08-11 01:08 - 03019128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 02942280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 02609480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 01906832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435382.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 01577808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 01568056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435382.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 01566536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcvadgenco64.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 01110768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 01071416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 01063040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00991888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00985232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00948832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00887544 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00513840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00417096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00415840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00372880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00213360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-08-11 01:08 - 2015-08-11 01:08 - 00185632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00164192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00160896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00137424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00127616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcaparm.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00048992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-08-11 01:08 - 2015-08-11 01:08 - 00047944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvadarm.sys
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-27 23:52 - 2015-02-13 20:21 - 00000000 ___DO C:\Users\Kyle\OneDrive
2015-08-27 23:50 - 2015-02-14 06:39 - 01897457 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-27 23:50 - 2013-08-23 01:06 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-27 23:48 - 2015-02-13 20:30 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{15200E30-DA4B-4A85-9FB0-2BB616968CC2}
2015-08-27 23:37 - 2015-02-16 15:32 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-27 23:30 - 2013-08-23 01:06 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-27 23:27 - 2015-04-06 17:02 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-27 23:25 - 2015-02-13 20:27 - 00000000 ____D C:\Users\Kyle\Documents\Work
2015-08-27 23:12 - 2015-02-13 20:26 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1325000466-3342817125-3708368534-1001
2015-08-27 23:07 - 2014-03-19 00:55 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-27 23:02 - 2015-04-06 17:02 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-27 23:02 - 2015-02-13 20:35 - 00000000 ____D C:\Users\Kyle\AppData\Local\Spotify
2015-08-27 23:02 - 2015-02-13 20:17 - 00000000 ____D C:\Users\Kyle
2015-08-27 23:01 - 2015-04-06 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-27 23:01 - 2015-04-03 22:21 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-08-27 23:01 - 2015-02-16 21:58 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-27 23:01 - 2015-02-13 20:38 - 00000000 ____D C:\Users\Kyle\AppData\Roaming\Azureus
2015-08-27 23:01 - 2015-02-13 20:27 - 00000000 ____D C:\Users\Kyle\AppData\Roaming\Spotify
2015-08-27 23:01 - 2013-08-23 00:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-27 23:00 - 2015-03-01 23:24 - 00000000 __RHD C:\MSOCache
2015-08-27 23:00 - 2015-02-14 17:51 - 00000000 ___RD C:\Users\Kyle\Dropbox
2015-08-27 23:00 - 2015-02-13 20:58 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-27 23:00 - 2015-02-13 20:17 - 00000000 ____D C:\Users\Kyle\AppData\Local\Packages
2015-08-27 23:00 - 2013-08-23 01:06 - 00000000 ____D C:\WINDOWS\registration
2015-08-27 18:14 - 2014-03-18 17:46 - 00029556 _____ C:\WINDOWS\PFRO.log
2015-08-21 13:54 - 2015-02-14 17:45 - 00000000 ____D C:\Users\Kyle\AppData\Roaming\Dropbox
2015-08-21 00:42 - 2015-02-13 21:39 - 00000000 ____D C:\Users\Kyle\Documents\My Games
2015-08-20 22:38 - 2015-02-14 06:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-20 21:42 - 2015-03-01 16:41 - 00003278 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2015-08-20 21:42 - 2015-03-01 16:41 - 00000000 ____D C:\Program Files (x86)\Gyazo
2015-08-20 18:05 - 2013-08-23 01:06 - 00000000 ____D C:\WINDOWS\rescache
2015-08-20 11:23 - 2015-02-13 21:45 - 00003094 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1325000466-3342817125-3708368534-1001
2015-08-20 01:48 - 2015-02-13 21:48 - 00184607 _____ C:\WINDOWS\DirectX.log
2015-08-20 00:21 - 2015-04-16 21:01 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-08-20 00:21 - 2015-04-16 21:00 - 00000000 ____D C:\Program Files\Rockstar Games
2015-08-20 00:01 - 2015-03-04 16:54 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-19 23:59 - 2013-08-23 00:50 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-19 23:33 - 2013-08-23 01:06 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-08-19 23:33 - 2013-08-23 01:06 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-19 23:33 - 2013-08-23 00:14 - 00503464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-19 23:33 - 2013-08-22 22:55 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-19 23:32 - 2015-04-03 22:21 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-08-19 23:32 - 2015-02-14 00:14 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-19 23:32 - 2015-02-14 00:14 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-19 23:32 - 2014-03-19 00:40 - 00000000 ____D C:\Program Files\Windows Journal
2015-08-19 23:32 - 2013-08-23 01:06 - 00000000 ___RD C:\WINDOWS\ToastData
2015-08-19 23:32 - 2013-08-23 01:06 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-19 23:32 - 2013-08-23 01:06 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-19 23:32 - 2013-08-23 01:06 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-19 23:32 - 2013-08-23 01:06 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-19 23:32 - 2013-08-23 01:06 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-19 23:32 - 2013-08-23 01:06 - 00000000 ____D C:\WINDOWS\WinStore
2015-08-19 23:32 - 2013-08-23 01:06 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-08-19 23:32 - 2013-08-23 01:06 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-19 23:32 - 2013-08-23 01:06 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-19 23:32 - 2013-08-22 23:06 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-08-19 23:30 - 2015-02-13 22:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-19 23:24 - 2015-02-13 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-19 23:22 - 2015-02-13 20:34 - 00000000 ____D C:\Users\Kyle\AppData\Roaming\HpUpdate
2015-08-19 23:20 - 2015-02-13 20:17 - 00000000 ____D C:\Users\Kyle\AppData\Local\VirtualStore
2015-08-19 22:53 - 2015-02-16 15:32 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-19 22:32 - 2015-03-05 10:14 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-08-19 22:21 - 2015-04-06 17:02 - 00003896 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-19 22:21 - 2015-04-06 17:02 - 00003660 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-19 22:10 - 2015-05-12 11:16 - 00000401 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-08-11 01:08 - 2015-02-12 21:33 - 17625848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-11 01:08 - 2015-02-12 21:33 - 03417208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-10 23:43 - 2015-02-12 21:34 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
2015-08-07 10:14 - 2015-03-01 23:05 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-07 10:14 - 2015-02-16 21:58 - 06873904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-07 10:14 - 2015-02-16 21:58 - 03492984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-07 10:14 - 2015-02-16 21:58 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-07 10:14 - 2015-02-16 21:58 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-07 10:14 - 2015-02-16 21:58 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-03 22:37 - 2015-02-16 21:58 - 05133709 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-07-28 10:59 - 2015-02-13 22:30 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
==================== Files in the root of some directories =======
 
2015-08-20 01:11 - 2015-08-20 01:11 - 0000600 _____ () C:\Users\Kyle\AppData\Roaming\winscp.rnd
2015-02-13 20:32 - 2015-02-13 20:32 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-14 06:39 - 2015-02-14 06:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-27 21:29 - 2015-08-27 21:29 - 0000830 _____ () C:\ProgramData\moon.txt
 
Some files in TEMP:
====================
C:\Users\Kyle\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqc_s4q.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-26 12:44
 
==================== End of FRST.txt ============================

Edited by Kyle_1995, 27 August 2015 - 10:22 AM.



#2 Kyle_1995


Posted 27 August 2015 - 09:53 AM

Addition.txt attached.


Edited by Kyle_1995, 28 August 2015 - 01:16 AM.


#3 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,875 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:10 PM

Posted 31 August 2015 - 07:05 AM

Hey, :)

 

STEP 1
Malwarebytes Anti-Malware (MBAM)

  • Open Malwarebytes Anti-Malware and click Update Now.
  • Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is selected and click Start Scan.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click Remove Selected. If you are prompted to reboot, click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 

STEP 2
Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 3

AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
  • Follow the prompts.
  • Click Scan.
  • Upon completion, click Logfile. A log (AdwCleaner[S1].txt) will open. Briefly check the log for anything you know to be legitimate.
  • Ensure anything you know to be legitimate does not have a checkmark under the corresponding tab, and click Cleaning.
  • Follow the prompts and allow your computer to reboot
  • After the reboot, a log (AdwCleaner[C1].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and folder backups are made for items removed using this tool. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[S1].txt.

 
======================================================

STEP 4
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • MBAM log
  • JRT.txt
  • AdwCleaner[C1].txt

Edited by Machiavelli, 31 August 2015 - 07:05 AM.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#4 Kyle_1995


Posted 31 August 2015 - 10:41 PM

MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/9/2015
Scan Time: 12:51 PM
Logfile: MBAM.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.09.01.01
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Kyle
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 395061
Time Elapsed: 7 min, 47 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 8.1 Pro x64
Ran by Kyle on Tue 01/09/2015 at 13:08:54.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Chrome
 
 
[C:\Users\Kyle\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Kyle\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Kyle\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Kyle\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/09/2015 at 13:10:04.11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
AdwCleaner:
# AdwCleaner v5.005 - Logfile created 01/09/2015 at 13:04:36
# Updated 31/08/2015 by Xplode
# Database : 2015-08-31.2 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : Kyle - BELLABOO
# Running from : C:\Users\Kyle\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [621 bytes] ##########


#5 Machiavelli


Posted 01 September 2015 - 03:34 AM

I don't think that you have done this:

 

and click Cleaning.


~Machiavelli



#6 Kyle_1995


Posted 01 September 2015 - 03:45 AM

# AdwCleaner v5.005 - Logfile created 01/09/2015 at 18:13:29
# Updated 31/08/2015 by Xplode
# Database : 2015-08-31.2 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : Kyle - BELLABOO
# Running from : C:\Users\Kyle\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [691 bytes] ##########


#7 Machiavelli


Posted 01 September 2015 - 06:55 AM

Well done. :)
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli



#8 Kyle_1995


Posted 01 September 2015 - 07:31 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Kyle (administrator) on BELLABOO (01-09-2015 22:00:29)
Running from C:\Users\Kyle\Downloads
Loaded Profiles: Kyle (Available Profiles: Kyle)
Platform: Windows 8.1 Pro (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
(Valve Corporation) D:\Steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Comfort Software Group) C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe
(Spotify Ltd) C:\Users\Kyle\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Kyle\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Kyle\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Spotify Ltd) C:\Users\Kyle\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Kyle\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Users\Kyle\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Martin Prikryl) C:\Program Files (x86)\WinSCP\WinSCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-09-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-03-12] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [407904 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [Steam] => D:\Steam\steam.exe [2899136 2015-08-20] (Valve Corporation)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3730192 2014-12-09] (Disc Soft Ltd)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [FreeCT] => C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe [2432280 2014-02-25] (Comfort Software Group)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [Dropbox Update] => C:\Users\Kyle\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-19] (Dropbox, Inc.)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [Spotify Web Helper] => C:\Users\Kyle\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-29] (Spotify Ltd)
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\...\Run: [Spotify] => C:\Users\Kyle\AppData\Roaming\Spotify\Spotify.exe [7389752 2015-08-29] (Spotify Ltd)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kyle\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-02-16]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2015-03-03]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
Startup: C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-02-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kyle\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 61.9.226.33 61.9.226.1
Tcpip\..\Interfaces\{ECCBA195-B742-4320-94E2-E14265FDEDBD}: [DhcpNameServer] 61.9.226.33 61.9.226.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1325000466-3342817125-3708368534-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi13.msn.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-19] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-03-02] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-08-19] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-02] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-02] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-02] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\46dkgyiu.default
FF Homepage: hxxps://accounts.google.com/ServiceLogin?service=youtube&uilel=3&hl=en&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Ffeature%3Dsign_in_button%26hl%3Den%26action_handle_signin%3Dtrue%26next%3D%252F%26app%3Ddesktop&passive=true
hxxps://www.facebook.com/?stype=lo&jlou=AfeLScKDWgejVocDqn_VG7Y82-EtAN4vyZGpRUfaaYG7G9zR6qOP5QjDSwRRZyOdzDqXUwumN6BtWC4kDvhCd40LFRA7AG9u9-9EL2w_G16kFA&smuh=4120&lh=Ac_qEzlbyYso9KpUeh0
hxxps://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxps://mail.google.com/mail/&ss=1&scc=1&ltmpl=default&ltmplcache=2&emr=1
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-19] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-02] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-19] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: Stylish - C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\46dkgyiu.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2015-02-20]
FF Extension: Adblock Plus - C:\Users\Kyle\AppData\Roaming\Mozilla\Firefox\Profiles\46dkgyiu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-13]
 
Chrome: 
=======
CHR Profile: C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-06]
CHR Extension: (Google Docs) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-06]
CHR Extension: (Google Drive) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-06]
CHR Extension: (YouTube) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-06]
CHR Extension: (Google Search) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-06]
CHR Extension: (Google Sheets) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-06]
CHR Extension: (Stylish) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2015-08-20]
CHR Extension: (LoungeDestroyer) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2015-08-29]
CHR Extension: (AdBlock) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-06]
CHR Extension: (Gmail) - C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-02-13] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2015-02-13] () [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2015-02-13] (ASUSTeK Computer Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S3 Disc Soft Ultra Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [1378576 2014-12-09] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-02-13] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2015-02-13] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2015-02-13] (MCCI Corporation)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30352 2015-02-26] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-03-14] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47944 2015-08-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-14] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-12-11] (Razer, Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R4 IOMap; \??\C:\WINDOWS\system32\drivers\IOMap64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-01 22:00 - 2015-09-01 22:00 - 00025988 _____ C:\Users\Kyle\Downloads\FRST.txt
2015-09-01 22:00 - 2015-09-01 22:00 - 00000000 ____D C:\Users\Kyle\Downloads\FRST-OlderVersion
2015-09-01 13:39 - 2015-09-01 13:39 - 00000000 ____D C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-01 13:12 - 2015-09-01 13:12 - 00000728 _____ C:\Users\Kyle\Desktop\OSBuddy.jar.lnk
2015-09-01 13:10 - 2015-09-01 13:10 - 00001059 _____ C:\Users\Kyle\Downloads\JRT.txt
2015-09-01 13:04 - 2015-09-01 18:13 - 00000000 ____D C:\AdwCleaner
2015-09-01 13:04 - 2015-09-01 13:05 - 00000699 _____ C:\Users\Kyle\Downloads\AdwCleaner[S1].txt
2015-09-01 13:03 - 2015-09-01 13:04 - 01654272 _____ C:\Users\Kyle\Downloads\AdwCleaner.exe
2015-09-01 12:59 - 2015-09-01 13:00 - 00001037 _____ C:\Users\Kyle\Downloads\MBAM.txt
2015-09-01 12:53 - 2015-09-01 12:53 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Kyle\Downloads\JRT.exe
2015-08-29 17:59 - 2015-09-01 18:14 - 00000000 ____D C:\Users\Kyle\AppData\Local\Spotify
2015-08-29 17:59 - 2015-08-29 17:59 - 00001811 _____ C:\Users\Kyle\Desktop\Spotify.lnk
2015-08-29 17:59 - 2015-08-29 17:59 - 00001797 _____ C:\Users\Kyle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-08-29 17:58 - 2015-09-01 21:59 - 00000000 ____D C:\Users\Kyle\AppData\Roaming\Spotify
2015-08-29 17:58 - 2015-08-29 17:58 - 00146080 _____ (Spotify Ltd) C:\Users\Kyle\Downloads\SpotifySetup.exe
2015-08-29 00:55 - 2015-08-29 00:55 - 00000905 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2015-08-29 00:55 - 2015-08-29 00:55 - 00000000 ____D C:\Games
2015-08-29 00:54 - 2015-08-29 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-08-29 00:54 - 2015-08-29 00:54 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2015-08-29 00:41 - 2015-08-29 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout New Vegas
2015-08-28 22:22 - 2015-08-28 22:22 - 00000600 _____ C:\Users\Kyle\AppData\Local\PUTTY.RND
2015-08-28 22:21 - 2015-08-28 22:21 - 00524288 _____ (Simon Tatham) C:\Users\Kyle\Downloads\putty.exe
2015-08-28 13:51 - 2015-09-01 12:51 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-28 13:51 - 2015-08-28 13:51 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Kyle\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-28 13:51 - 2015-08-28 13:51 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-28 13:51 - 2015-08-28 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-28 13:51 - 2015-08-28 13:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-28 13:51 - 2015-08-28 13:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-28 13:51 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-28 13:51 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-28 13:51 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-27 23:57 - 2015-09-01 22:00 - 02188800 _____ (Farbar) C:\Users\Kyle\Downloads\FRST64.exe
2015-08-27 23:57 - 2015-09-01 22:00 - 00000000 ____D C:\FRST
2015-08-27 21:37 - 2015-08-27 21:37 - 00000000 ____D C:\Users\Kyle\AppData\Local\NetSupport
2015-08-27 21:29 - 2015-08-27 21:29 - 00000830 _____ C:\ProgramData\moon.txt
2015-08-25 01:04 - 2015-08-25 01:04 - 00000000 ____D C:\Users\Kyle\.swt
2015-08-22 02:15 - 2015-08-27 23:01 - 00000000 ____D C:\BOSS
2015-08-22 01:01 - 2015-08-29 01:05 - 00000000 ____D C:\Users\Kyle\Downloads\FNV
2015-08-22 00:49 - 2015-08-22 18:54 - 00000000 ____D C:\Users\Kyle\Documents\Nexus Mod Manager
2015-08-21 00:43 - 2015-08-29 16:49 - 00000000 ____D C:\Users\Kyle\Documents\NetBeansProjects
2015-08-20 22:38 - 2015-08-27 23:01 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-08-20 22:38 - 2015-07-03 13:58 - 00065896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-08-20 22:38 - 2015-07-03 13:58 - 00047976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-08-20 22:17 - 2015-08-20 22:17 - 00001533 _____ C:\Users\Kyle\Desktop\StarCraft II.lnk
2015-08-20 14:23 - 2015-08-20 14:23 - 00000000 ____D C:\Users\Kyle\AppData\Local\GWX
2015-08-20 01:32 - 2015-09-01 13:12 - 00000043 _____ C:\Users\Kyle\jagex_cl_oldschool_LIVE.dat
2015-08-20 01:32 - 2015-08-20 01:42 - 00000024 ____R C:\Users\Kyle\random.dat
2015-08-20 01:31 - 2015-08-27 23:01 - 00000000 ____D C:\Users\Kyle\OSBuddy
2015-08-20 01:12 - 2015-08-29 00:55 - 00000000 ____D C:\Users\Kyle\AppData\Local\Black_Tree_Gaming
2015-08-20 01:11 - 2015-08-28 22:28 - 00000600 _____ C:\Users\Kyle\AppData\Roaming\winscp.rnd
2015-08-20 01:11 - 2015-08-20 01:11 - 06173272 _____ (Black Tree Gaming ) C:\Users\Kyle\Downloads\Nexus Mod Manager-0.56.1.exe
2015-08-20 01:02 - 2015-08-22 13:14 - 00000000 ____D C:\Users\Kyle\AppData\Local\FalloutNV
2015-08-20 00:24 - 2015-08-20 00:24 - 00000000 ____D C:\Users\Kyle\AppData\Local\2K Games
2015-08-20 00:23 - 2015-08-20 00:23 - 00002128 _____ C:\Users\Public\Desktop\Mafia II.lnk
2015-08-20 00:23 - 2015-08-20 00:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
2015-08-20 00:22 - 2015-08-20 00:22 - 00000000 ____D C:\Program Files (x86)\2K Games
2015-08-20 00:21 - 2015-08-20 00:22 - 00264293 _____ C:\Users\Kyle\Downloads\OSBuddy.jar
2015-08-20 00:20 - 2015-08-31 22:42 - 00000080 _____ C:\Users\Kyle\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-08-20 00:19 - 2015-08-20 00:19 - 00001060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2015-08-20 00:19 - 2015-08-20 00:19 - 00000998 _____ C:\Users\Public\Desktop\WinSCP.lnk
2015-08-20 00:19 - 2015-08-20 00:19 - 00000000 ____D C:\Program Files (x86)\WinSCP
2015-08-20 00:16 - 2015-08-20 00:16 - 00002044 _____ C:\Users\Public\Desktop\Microsoft LifeCam.lnk
2015-08-20 00:16 - 2015-08-20 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
2015-08-20 00:16 - 2015-08-20 00:16 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2015-08-20 00:16 - 2015-08-20 00:16 - 00000000 ____D C:\Program Files (x86)\Microsoft LifeCam
2015-08-20 00:16 - 2015-08-14 15:28 - 05861512 _____ (Martin Prikryl ) C:\Users\Kyle\Downloads\winscp575setup.exe
2015-08-20 00:16 - 2015-08-04 20:23 - 22660464 _____ (Microsoft Corporation) C:\Users\Kyle\Downloads\LifeCam3.60.exe
2015-08-20 00:14 - 2015-08-20 23:00 - 00000000 ____D C:\Users\Kyle\Documents\StarCraft II
2015-08-20 00:14 - 2015-08-20 00:14 - 00000000 ____D C:\Users\Kyle\AppData\Local\Blizzard Entertainment
2015-08-20 00:13 - 2015-08-27 23:01 - 00000000 ____D C:\Users\Kyle\AppData\Roaming\Battle.net
2015-08-20 00:13 - 2015-08-26 22:04 - 00000000 ____D C:\Users\Kyle\AppData\Local\Battle.net
2015-08-20 00:13 - 2015-08-20 00:14 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-08-20 00:13 - 2015-08-20 00:13 - 00001163 _____ C:\Users\Public\Desktop\Battle.net.lnk
2015-08-20 00:13 - 2015-08-20 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-08-20 00:13 - 2015-08-20 00:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-20 00:11 - 2015-08-20 00:11 - 00000000 ____D C:\ProgramData\Battle.net
2015-08-20 00:10 - 2015-08-20 01:32 - 00000000 ____D C:\Users\Kyle\jagexcache
2015-08-20 00:09 - 2015-08-20 00:11 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2015-08-19 23:59 - 2015-08-11 10:50 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 23:59 - 2015-08-11 09:50 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-19 23:47 - 2015-08-19 23:47 - 00000000 ____D C:\Users\Kyle\AppData\Local\CEF
2015-08-19 23:34 - 2015-08-19 23:34 - 00000941 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-19 23:34 - 2015-08-19 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-19 23:34 - 2015-08-19 23:34 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-19 23:34 - 2015-08-14 11:20 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-19 23:34 - 2015-08-14 11:20 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-19 23:31 - 2015-07-30 23:34 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-19 23:31 - 2015-07-30 23:18 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-19 23:24 - 2015-08-19 23:24 - 00002080 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-08-19 23:24 - 2015-08-07 09:34 - 00572024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-08-19 23:12 - 2015-08-19 23:13 - 00000000 ____D C:\Users\Kyle\Downloads\Intel_Chipset_Win7-8-8-1_V100160
2015-08-19 23:11 - 2015-08-19 23:11 - 00000000 ____D C:\Users\Kyle\Documents\ahk
2015-08-19 22:53 - 2015-08-20 21:42 - 00003404 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2015-08-19 22:44 - 2015-07-17 06:06 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-19 22:44 - 2015-07-17 06:06 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-19 22:44 - 2015-07-17 06:05 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-19 22:44 - 2015-07-17 05:56 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-19 22:44 - 2015-07-17 05:53 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-19 22:44 - 2015-07-17 05:51 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-19 22:44 - 2015-07-17 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-19 22:44 - 2015-07-17 05:21 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-19 22:44 - 2015-07-17 05:20 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-19 22:44 - 2015-07-17 05:15 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-19 22:44 - 2015-07-17 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-19 22:44 - 2015-07-17 05:11 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-19 22:44 - 2015-07-17 05:09 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-19 22:44 - 2015-07-17 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-19 22:44 - 2015-07-17 05:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-19 22:44 - 2015-07-17 05:04 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-19 22:44 - 2015-07-17 05:02 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-19 22:44 - 2015-07-17 04:44 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-19 22:44 - 2015-07-17 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-19 22:44 - 2015-07-17 04:42 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-19 22:44 - 2015-07-17 04:42 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-19 22:44 - 2015-07-17 04:40 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-19 22:44 - 2015-07-17 04:36 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-19 22:44 - 2015-07-17 04:31 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-19 22:44 - 2015-07-17 04:22 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-19 22:44 - 2015-07-17 04:19 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-19 22:44 - 2015-07-17 04:12 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-19 22:44 - 2015-07-17 04:08 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-19 22:44 - 2015-07-17 04:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-19 22:44 - 2015-06-16 08:08 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-08-19 22:44 - 2015-06-16 07:32 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-08-19 22:44 - 2015-06-16 07:28 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-08-19 22:44 - 2015-06-16 07:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-08-19 22:44 - 2015-06-16 07:25 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-08-19 22:44 - 2015-06-16 06:43 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-08-19 22:44 - 2015-06-16 06:17 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-08-19 22:44 - 2015-06-16 06:14 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-08-19 22:44 - 2015-06-16 06:13 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-08-19 22:44 - 2015-06-16 06:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-08-19 22:44 - 2015-06-16 06:11 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-08-19 22:44 - 2015-06-16 06:02 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-08-19 22:44 - 2015-06-16 06:00 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-08-19 22:44 - 2015-06-16 06:00 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-08-19 22:44 - 2015-05-23 12:34 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-08-19 22:44 - 2015-05-23 04:17 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-08-19 22:44 - 2015-05-23 03:38 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-08-19 22:44 - 2015-04-22 01:43 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-08-19 22:44 - 2015-04-22 01:19 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-08-19 22:42 - 2015-08-19 22:46 - 00000000 ____D C:\ProgramData\Gyazo
2015-08-19 22:41 - 2015-07-14 12:57 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-08-19 22:40 - 2015-08-19 23:00 - 00004968 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for BELLABOO-Kyle Bellaboo
2015-08-19 22:39 - 2015-09-01 18:14 - 00006988 _____ C:\WINDOWS\setupact.log
2015-08-19 22:39 - 2015-08-19 22:39 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-19 22:39 - 2015-06-13 02:33 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-19 22:39 - 2015-06-13 02:06 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-19 22:39 - 2015-05-01 10:43 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-08-19 22:39 - 2015-05-01 10:43 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-08-19 22:39 - 2015-05-01 10:43 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2015-08-19 22:38 - 2015-07-22 23:49 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-08-19 22:38 - 2015-07-22 23:22 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-19 22:38 - 2015-07-19 11:28 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-19 22:38 - 2015-07-19 04:21 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-19 22:38 - 2015-07-19 04:01 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-19 22:38 - 2015-07-19 04:01 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-19 22:38 - 2015-07-19 04:01 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-19 22:38 - 2015-07-19 03:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-19 22:38 - 2015-07-19 03:59 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-19 22:38 - 2015-07-19 03:59 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-19 22:38 - 2015-07-19 03:58 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-19 22:38 - 2015-07-19 03:42 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-19 22:38 - 2015-07-19 03:40 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-19 22:38 - 2015-07-19 03:39 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-19 22:38 - 2015-07-17 23:45 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-08-19 22:38 - 2015-07-17 23:40 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-08-19 22:38 - 2015-07-10 04:10 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-08-19 22:38 - 2015-06-27 12:38 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-08-19 22:38 - 2015-06-27 12:38 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-08-19 22:38 - 2015-06-27 11:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-08-19 22:38 - 2015-05-08 03:20 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-19 22:38 - 2015-05-08 02:30 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-19 22:38 - 2015-05-08 02:23 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-19 22:38 - 2015-05-08 01:42 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-19 22:37 - 2015-07-29 08:54 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-19 22:37 - 2015-07-28 23:54 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-19 22:37 - 2015-07-28 23:54 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-19 22:37 - 2015-07-28 23:54 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-19 22:37 - 2015-07-28 23:54 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
 
==================== Files in the root of some directories =======
 
2015-08-20 01:11 - 2015-08-28 22:28 - 0000600 _____ () C:\Users\Kyle\AppData\Roaming\winscp.rnd
2015-08-28 22:22 - 2015-08-28 22:22 - 0000600 _____ () C:\Users\Kyle\AppData\Local\PUTTY.RND
2015-02-13 20:32 - 2015-02-13 20:32 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-14 06:39 - 2015-02-14 06:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-27 21:29 - 2015-08-27 21:29 - 0000830 _____ () C:\ProgramData\moon.txt
 
Some files in TEMP:
====================
C:\Users\Kyle\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7p45os.dll
C:\Users\Kyle\AppData\Local\Temp\i4jdel0.exe
C:\Users\Kyle\AppData\Local\Temp\SpotifyUninstall.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-26 12:44
 
==================== End of FRST.txt ============================


#9 Machiavelli


Posted 01 September 2015 - 12:37 PM

Well done. :)
 

ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points. 
  • Click esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
  • Push the Back button.
  • Place a checkmark next to KN1w2nv.png and click SzOC1p0.png.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#10 Kyle_1995


Posted 01 September 2015 - 10:24 PM

Found some threats :( with ESET online scan.

 

D:\Steam\config\mail\result1.exe a variant of Win32/PSW.Delf.OOH trojan
D:\Steam\dumps_cache\dump.exe a variant of Win32/PSW.Delf.OOM trojan
D:\Steam\dumps_cache\dump2.exe a variant of MSIL/Injector.LQX trojan


#11 Machiavelli


Posted 02 September 2015 - 05:03 AM

Do you know these files?

How is your system running?

~Machiavelli



#12 Kyle_1995


Posted 02 September 2015 - 05:40 AM

Everything has been fine since the day after the post. But no, I don't know these files.



#13 Machiavelli


Posted 02 September 2015 - 09:57 AM

Delete these files and you are declared clean.

======

Hello,
in my opinion your PC is clean. :) If you would like to donate some money to me, then click on the button paypal.gif. I'd really appreciate it, my friend. :)


We need to remove the tools we've used during cleaning your machine.
  • Download Delfix from here and run it (if you have Windows Vista / Windows 7 / Windows 8, please right-click the Delfix icon and select Run as Administrator).
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    delfix.jpg
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

 

Exercise common sense

Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to look before you leap. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully and look at the file extensions to make sure that you know what you're getting. Using peer-to-peer file sharing programs or downloading cracks and keygens is something else to avoid - the files you will be downloading are infected in the vast majority of cases, and the benefits simply aren't worth the risk to your computer.

Keep up on Windows updates

Along with keeping all of the security programs that you choose to use updated, it is also important to keep up on system updates from Microsoft, as these patch critical security vulnerabilities and help to keep you safe. Typically the Windows Update icon will appear in your taskbar when new updates are available; whenever you see it you should open the menu up and install the updates that are available. Although it may be an annoyance, that little bit of extra time it takes to stay updated is very well worth it instead of getting infected from an exploit and having to clean your PC again.

Slow computer?

If your computer begins to slow down again in the future for no particular reason, your first step should not be to come back to the malware forum. As your computer ages and is used, its parts wear, files and programs accumulate, and its performance speed can decrease. To restore your computer's performance to its best possible level, follow the steps in this guide written by tech expert Artellos.

Keep Safe! :thumbsup:

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#14 Kyle_1995

Kyle_1995
  • Topic Starter

  • Members
  • 10 posts
  • Local time:12:40 PM

Posted 02 September 2015 - 10:01 AM

# DelFix v1.011 - Logfile created 03/09/2015 at 00:29:58
# Updated 18/08/2015 by Xplode
# Username : Kyle - BELLABOO
# Operating System : Windows 8.1 Pro  (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Kyle\Downloads\Addition.txt
Deleted : C:\Users\Kyle\Downloads\AdwCleaner.exe
Deleted : C:\Users\Kyle\Downloads\AdwCleaner[S1].txt
Deleted : C:\Users\Kyle\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\Kyle\Downloads\FRST.txt
Deleted : C:\Users\Kyle\Downloads\FRST64.exe
Deleted : C:\Users\Kyle\Downloads\JRT.exe
Deleted : C:\Users\Kyle\Downloads\JRT.txt
Deleted : HKLM\SOFTWARE\AdwCleaner
 
~ Cleaning system restore ...
 
Deleted : RP #32 [Scheduled Checkpoint | 09/02/2015 03:16:03]
 
New restore point created !
 
########## - EOF - ##########
 
Cheers Machiavelli, really appreciate the help you have given me <3.
 
Take care my friend :)


#15 Kyle_1995

Kyle_1995
  • Topic Starter

  • Members
  • 10 posts
  • Local time:12:40 PM

Posted 02 September 2015 - 10:03 AM

Btw what anti-virus would you recommend?





