trovi keeps coming back

backdrop001 · August 12, 2014

Hi I've got that trovi thing and it keeps coming back I used malware bytes and adwcleaner and it gets rid of it but then comes right back. Here's the fixit log, i'm a novice at this. Also the log says kasperky is disabled ignore that was trying another scanner at the time so that's why it says that.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-08-2014 01
Ran by backdrop001 at 2014-08-12 10:28:47
Running from C:\Users\backdrop001\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UAWIKKYD
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.2.1 - IObit)
AI Manager (HKLM-x32\...\{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}) (Version: 1.09.07 - ASUSTeK Computer Inc.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
ASUS Easy Update (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 2.00.27 - ASUSTeK Computer Inc)
ASUS Instant On (HKLM-x32\...\{CCC4652E-F5E0-498A-84F3-5DDBEF84642B}) (Version: 1.01.06 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_MSI_mm17_silver_asus) (Version: 17.0.2.32 - MAGIX AG)
ASUS Music Maker (x32 Version: 17.0.2.32 - MAGIX AG) Hidden
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.104.216 - eCareme Technologies, Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.628 - ASUSTEK)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG5400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series) (Version: 1.00 - Canon Inc.)
Canon MG5400 series On-screen Manual (HKLM-x32\...\Canon MG5400 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG5400 series User Registration (HKLM-x32\...\Canon MG5400 series User Registration) (Version: - Canon Inc.‎)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 2.0.0 - ASUS)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.1.8.2434 - IObit)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.8-1.0.8500.20 - raidcall.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
RIFT (HKLM-x32\...\Glyph RIFT) (Version: - Trion Worlds, Inc.)
RoboForm 7-8-8-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-8-8-5 - Siber Systems)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.47 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2562964511-3703098086-3565090693-1001_Classes\CLSID\{30445789-3811-43d5-94c5-ea105b955848}\InprocServer32 -> C:\windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points =========================

08-08-2014 06:32:25 Windows Update
08-08-2014 06:40:32 Windows Update
08-08-2014 07:24:21 Windows Update
09-08-2014 01:41:30 Language Pack Removal
12-08-2014 11:48:08 Checkpoint by HitmanPro
12-08-2014 11:49:14 Checkpoint by HitmanPro
12-08-2014 12:01:06 Windows Modules Installer
12-08-2014 12:04:25 Windows Modules Installer
12-08-2014 12:07:02 Windows Modules Installer
12-08-2014 12:22:03 Windows Modules Installer

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {250AC192-90AB-4AA6-B468-4B78722DDC7B} - System32\Tasks\ASUS\ASUS Dr.Net Execute => C:\Program Files (x86)\ASUS\AI Suite II\Dr.Net\AsDrNotify.exe [2012-07-06] (ASUSTeK Computer Inc.)
Task: {2D745E5E-0617-4FFA-925C-A3F26245C697} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {4898A0AB-E029-4F43-8B7A-D37BCA5820D2} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-02-13] (IObit)
Task: {5F370C5D-9208-435F-9CA6-8EBB3E7AC920} - System32\Tasks\ASC7_SkipUac_backdrop001 => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-03-21] (IObit)
Task: {78FB008D-D813-4360-8ECF-AF40D62F890B} - System32\Tasks\ASUS\Asus HybridSleep Helper => C:\Program Files (x86)\ASUS\ASUS Instant On\AsInstantOn.exe [2011-10-31] (ASUSTeK Computer Inc.)
Task: {811D1901-DA0A-434D-96B9-23C63C716F7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-02] (Google Inc.)
Task: {88D1A32A-6C50-4B81-8B98-CF4BEB4F5EFA} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {8C368A03-DDC1-4575-9F3F-C389D613F47E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {BB8250C5-E298-4ACD-9F42-0612A57E0AEF} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMJJLJIMJMJJLMMJNMCNKMJMIMKMCNLMMMLMOJCNNJMJKMLMCNLJGMNMIMPMJMMJGMOMLJJJHMJNJICMIMCNHMCNHMFMGMCNOMPMCNGMNMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMLMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMNJOJMJEJLJNIAJPIPMPMOMJNKJCMJNNICMJNDJCMKJBJ"
Task: {D4A5328D-CA46-4AF5-A5C6-16074D2595BC} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-23] (ASUSTeK Computer Inc.)
Task: {DD60E34F-4445-4B3E-ACA9-FF6CDB8DE0F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-02] (Google Inc.)
Task: {E9DAC5DA-3F4E-476D-87DB-C9771F4520A1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-07] (Adobe Systems Incorporated)
Task: {F7629A90-33C2-49DB-BFEA-E840D98358CF} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-08-06] (Siber Systems)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-06 18:16 - 2014-07-02 14:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-02 00:42 - 2012-06-01 17:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-08-07 03:26 - 2012-03-28 08:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-08-12 10:15 - 2014-06-26 07:44 - 00358144 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2014-08-10 01:58 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-08-02 00:42 - 2014-08-12 09:50 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-08-02 00:42 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2012-02-02 14:13 - 2011-06-13 13:53 - 00061440 _____ () C:\Program Files (x86)\ASUS\ASUS Instant On\MSPowerLib.dll
2012-02-02 14:07 - 2011-12-16 14:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
MSCONFIG\startupreg: Advanced SystemCare Ultimate => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe" /Auto
MSCONFIG\startupreg: ASUS Ai Charger => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
MSCONFIG\startupreg: ASUS Easy Update => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe /S
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: RoboForm => "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: RunAIShell => C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/12/2014 10:23:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wlmail.exe version 15.4.3538.513 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1bc8

Start Time: 01cfb638e4cb9836

Termination Time: 16

Application Path: C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

Report Id: 3bfa9ae8-222c-11e4-b799-10bf484e8bd4

Error: (08/12/2014 10:15:35 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/12/2014 10:15:31 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/12/2014 09:51:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2014 09:42:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2014 09:37:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2014 09:36:25 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (2784) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\backdrop001\AppData\Local\Microsoft\Windows\WebCache\V0100031.log.

Error: (08/12/2014 08:47:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.17028 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 15c0

Start Time: 01cfb6296066585c

Termination Time: 31

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (08/12/2014 08:29:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2014 08:12:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (08/12/2014 09:51:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).

Error: (08/12/2014 09:42:17 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/12/2014 09:41:22 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (08/12/2014 09:41:22 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Microsoft Office Sessions:
=========================
Error: (08/12/2014 10:23:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wlmail.exe15.4.3538.5131bc801cfb638e4cb983616C:\Program Files (x86)\Windows Live\Mail\wlmail.exe3bfa9ae8-222c-11e4-b799-10bf484e8bd4

Error: (08/12/2014 10:15:35 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\backdrop001\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UAWIKKYD\esetsmartinstaller_enu.exe

Error: (08/12/2014 10:15:31 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\backdrop001\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UAWIKKYD\esetsmartinstaller_enu.exe

Error: (08/12/2014 09:51:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2014 09:42:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2014 09:37:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2014 09:36:25 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost2784WebCacheLocal: C:\Users\backdrop001\AppData\Local\Microsoft\Windows\WebCache\V0100031.log-1811

Error: (08/12/2014 08:47:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.1702815c001cfb6296066585c31C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (08/12/2014 08:29:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2014 08:12:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2014-08-12 05:53:33.546
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_c02406161666a81a\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-08-12 05:53:33.506
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_c02406161666a81a\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-08-12 05:53:33.469
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_c02406161666a81a\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-08-12 05:53:23.334
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_b5cf5bc3e205e61f\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-08-12 05:53:23.297
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_b5cf5bc3e205e61f\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-08-12 05:53:23.254
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_b5cf5bc3e205e61f\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-08-12 05:53:23.176
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_b5cf5bc3e205e61f\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-12 05:53:23.138
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_b5cf5bc3e205e61f\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-12 05:53:23.098
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22653_none_b5cf5bc3e205e61f\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-12 05:51:21.200
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SoftwareDistribution\Download\b5eb64a2a2d59058733468e222ed35e9\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_c03ca3001653c1ef\appidapi.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 8144.55 MB
Available physical RAM: 5806.2 MB
Total Pagefile: 16287.29 MB
Available Pagefile: 13567.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:745.21 GB) (Free:640.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:1099.13 GB) (Free:1099.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5658EE57)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=19 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=745 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1099 GB) - (Type=07 NTFS)

==================== End Of Log ============================

MrCharlie · August 12, 2014

Welcome to the forum. (Do what you can)

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.
2. If you have illegal/cracked software (MS Office, Adobe Products), cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Failure to remove such software will result in your topic being closed and no further assistance being provided.

Please run a Quick Scan with Malwarebytes

For Malwarebytes ver: 1.75

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Post the log

For Malwarebytes 2.0, please run a Threat Scan

Click on Settings > Detection and Protection > Non-Malware Protection > PUP (Potentially Unwanted Program) detections > Make sure it's set to Treat detections as malware

Same for PUM (Potentially Unwanted Modifications)

Quarantine all that's found

Post the log

Then.......

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Wait for the Prescan to finish

Click Scan to scan the system.

When the scan completes > Don't Fix anything! > Click on the Report Button and post the Report back here.

Don't run any other options, they're not all bad!!!!!!!

RogueKiller logs will also be located here:

%programdata%/RogueKiller/Logs <-------W7

C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <-------XP

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running. Create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear".

------->Your topic will be closed if you haven't replied within 3 days!<--------

If I don't respond within 24 hours, please send me a PM

backdrop001 · August 12, 2014

malwarebytes

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/12/2014
Scan Time: 11:01:41 AM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.12.05
Rootkit Database: v2014.08.04.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: backdrop001

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 321577
Time Elapsed: 5 min, 16 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2562964511-3703098086-3565090693-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [94213e87fa8189ad5cbd97d18c7602fe],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.Trovi.A, C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=M8ED2BBB0-2E0E-4917-B1AF-93C4D2996A5F&SearchSource=55&CUI=&UM=6&UP=SP09F2EE62-C61A-4BFC-9CE9-A13BD7E51C4B&SSPV=" ],), ,[f4c105c091ea7cba44dba557c3413dc3]

Physical Sectors: 0
(No malicious items detected)

(end)

backdrop001 · August 12, 2014

Roguekiller

RogueKiller V9.2.6.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : backdrop001 [Admin rights]
Mode : Scan -- Date : 08/12/2014 11:09:54

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2562964511-3703098086-3565090693-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2562964511-3703098086-3565090693-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2562964511-3703098086-3565090693-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2562964511-3703098086-3565090693-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND
[PUM.Desktop] (X64) HKEY_USERS\S-1-5-21-2562964511-3703098086-3565090693-1001\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop | NoChangingWallpaper : 0 -> FOUND
[PUM.Desktop] (X86) HKEY_USERS\S-1-5-21-2562964511-3703098086-3565090693-1001\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop | NoChangingWallpaper : 0 -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST2000DL003-9VT166 ATA Device +++++
--- User ---
[MBR] eecf290755bce37e86d24e44f9a4ecdc
[bSP] 07025818fdfd1bd53c357a9b3c431697 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 206848 | Size: 19024 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 39168000 | Size: 763090 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1601976320 | Size: 1125513 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: Generic- SM/xD Picture USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive5: Canon MG5400 series USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

MrCharlie · August 12, 2014

Sorry, can you post the FRST.txt log from FRST.

You only posted the Addition.txt

MrC

backdrop001 · August 13, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-08-2014
Ran by backdrop001 (administrator) on BACKDROP001-PC on 12-08-2014 21:33:02
Running from C:\Users\backdrop001\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AD3IKQCQ
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Dr.Net\AsDrNotify.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Instant On\AsInstantOn.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2562964511-3703098086-3565090693-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-08-02] (Google Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=M8ED2BBB0-2E0E-4917-B1AF-93C4D2996A5F&SearchSource=58&CUI=&UM=6&UP=SP09F2EE62-C61A-4BFC-9CE9-A13BD7E51C4B&q={searchTerms}&SSPV=
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\backdrop001\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-08-06]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-08-06]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-08-06]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-08-06]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-08-06]

Chrome:
=======
CHR HomePage: hxxp://www.comcast.net/
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=M8ED2BBB0-2E0E-4917-B1AF-93C4D2996A5F&SearchSource=55&CUI=&UM=6&UP=SP09F2EE62-C61A-4BFC-9CE9-A13BD7E51C4B&SSPV="
CHR Extension: (Google Docs) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-05]
CHR Extension: (Google Drive) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-05]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-08-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-05]
CHR Extension: (YouTube) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-05]
CHR Extension: (Google Search) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-05]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-08-05]
CHR Extension: (Safe Money) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-08-05]
CHR Extension: (Dangerous Websites Blocker) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-08-05]
CHR Extension: (Virtual Keyboard) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-05]
CHR Extension: (Gmail) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-05]
CHR Extension: (Anti-Banner) - C:\Users\backdrop001\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-08-12]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-08-12]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-08]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-08]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-08]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-08]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-08] (Kaspersky Lab ZAO)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [177136 2014-04-28] (Coupons.com Inc.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-06] (IObit)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-21] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14646560 2011-12-15] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-05] (Intel® Corporation) [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-08-06] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-08-06] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-08-06] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-08] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-08-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-08-06] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-12] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-12 11:02 - 2014-08-12 11:02 - 05392984 _____ () C:\Users\backdrop001\Desktop\RogueKillerX64.exe
2014-08-12 11:02 - 2014-08-12 11:02 - 00030312 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-08-12 11:02 - 2014-08-12 11:02 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-12 10:27 - 2014-08-12 21:33 - 00000000 ____D () C:\FRST
2014-08-12 09:38 - 2014-08-12 09:38 - 01366203 _____ () C:\Users\backdrop001\Desktop\adwcleaner_3.304.exe
2014-08-12 09:36 - 2014-08-12 21:29 - 00000560 _____ () C:\windows\setupact.log
2014-08-12 09:36 - 2014-08-12 09:36 - 00000000 _____ () C:\windows\setuperr.log
2014-08-12 09:35 - 2014-08-12 09:50 - 00000616 _____ () C:\windows\PFRO.log
2014-08-12 09:19 - 2014-08-12 09:19 - 00001177 _____ () C:\Users\backdrop001\Desktop\Auslogics DiskDefrag.lnk
2014-08-12 09:19 - 2014-08-12 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-08-12 09:19 - 2014-08-12 09:19 - 00000000 ____D () C:\ProgramData\Auslogics
2014-08-12 09:19 - 2014-08-12 09:19 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-08-12 09:12 - 2014-08-12 09:12 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\{81FE83BB-44C7-416A-8704-0ED9C4CDA3C6}
2014-08-12 09:08 - 2014-08-12 09:08 - 00019616 _____ () C:\Users\backdrop001\Documents\cc_20140812_090819.reg
2014-08-12 09:07 - 2014-08-12 09:07 - 00002784 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-08-12 09:06 - 2014-08-12 09:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-12 09:06 - 2014-08-12 09:06 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-12 09:06 - 2014-08-12 09:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-12 07:45 - 2014-08-12 07:49 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-08-12 07:38 - 2014-08-12 07:38 - 00002718 _____ () C:\Users\backdrop001\Desktop\JRT.txt
2014-08-12 07:31 - 2014-08-12 07:31 - 00000000 ____D () C:\windows\ERUNT
2014-08-12 07:26 - 2014-08-12 09:42 - 00000000 ____D () C:\AdwCleaner
2014-08-12 07:26 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-08-12 06:47 - 2014-08-12 07:06 - 00290304 _____ (Microsoft Corporation) C:\windows\SysWOW64\subinacl.exe
2014-08-12 06:47 - 2014-08-12 06:47 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-08-12 06:31 - 2014-08-12 06:31 - 00001087 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-08-12 06:31 - 2014-08-12 06:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2014-08-12 06:31 - 2014-08-12 06:31 - 00000000 ____D () C:\ProgramData\Licenses
2014-08-12 06:31 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCOMCTL.OCX
2014-08-12 06:31 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSSTDFMT.DLL
2014-08-12 05:20 - 2014-08-12 05:20 - 86052864 _____ () C:\windows\system32\config\components.iobit
2014-08-12 05:09 - 2014-08-12 11:00 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-12 05:09 - 2014-08-12 05:09 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-12 05:09 - 2014-08-12 05:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-12 05:09 - 2014-08-12 05:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-12 05:09 - 2014-08-12 05:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-12 05:09 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-08-12 05:09 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-08-12 05:09 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-08-10 02:06 - 2014-08-10 02:06 - 65351680 _____ () C:\windows\system32\config\software.iodefrag.bak
2014-08-10 02:06 - 2014-08-10 02:06 - 00229376 _____ () C:\windows\system32\config\default.iodefrag.bak
2014-08-10 02:06 - 2014-08-10 02:06 - 00024576 _____ () C:\windows\system32\config\security.iodefrag.bak
2014-08-10 02:06 - 2014-08-10 02:06 - 00024576 _____ () C:\windows\system32\config\sam.iodefrag.bak
2014-08-10 02:02 - 2014-02-17 13:41 - 00027456 _____ (IObit) C:\windows\system32\RegistryDefragBootTime.exe
2014-08-10 02:01 - 2014-08-10 02:01 - 65351680 _____ () C:\windows\system32\config\software.iobit
2014-08-10 02:01 - 2014-08-10 02:01 - 00229376 _____ () C:\windows\system32\config\default.iobit
2014-08-10 02:01 - 2014-08-10 02:01 - 00024576 _____ () C:\windows\system32\config\security.iobit
2014-08-10 02:01 - 2014-08-10 02:01 - 00024576 _____ () C:\windows\system32\config\sam.iobit
2014-08-10 01:59 - 2014-08-10 01:59 - 00002898 _____ () C:\windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-08-10 01:59 - 2014-08-10 01:59 - 00001236 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-08-10 01:58 - 2014-08-12 05:21 - 00002213 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-08-10 01:58 - 2014-08-10 01:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-08-10 01:58 - 2014-08-10 01:58 - 00002866 _____ () C:\windows\System32\Tasks\ASC7_SkipUac_backdrop001
2014-08-10 01:58 - 2014-08-10 01:58 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-08-10 01:57 - 2014-08-10 01:57 - 00000223 _____ () C:\ASCInit.log
2014-08-10 01:56 - 2014-08-10 01:56 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-08-10 01:48 - 2014-08-10 01:48 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\ProductData
2014-08-10 01:47 - 2014-08-12 05:00 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-10 01:47 - 2014-08-10 01:47 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Apple Computer
2014-08-10 01:47 - 2014-08-10 01:47 - 00000000 ____D () C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2014-08-10 01:47 - 2014-08-10 01:47 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-08-10 01:46 - 2014-08-12 05:00 - 00000000 ____D () C:\ProgramData\IObit
2014-08-10 01:46 - 2014-08-10 01:58 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-08-10 01:46 - 2014-08-10 01:47 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\IObit
2014-08-09 23:39 - 2014-08-09 23:41 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Curse Advertising
2014-08-09 23:39 - 2014-08-09 23:39 - 00003302 _____ () C:\windows\System32\Tasks\{6271F969-6BE2-49C8-B38B-41A55A811744}
2014-08-09 23:39 - 2014-08-09 23:39 - 00000318 _____ () C:\Users\backdrop001\Desktop\Curse Client.appref-ms
2014-08-09 23:39 - 2014-08-09 23:39 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-08-08 02:55 - 2014-08-08 02:55 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-08-08 02:53 - 2014-08-12 08:29 - 00001421 _____ () C:\Users\backdrop001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-08 02:09 - 2014-08-08 02:10 - 44335120 _____ (Microsoft Corporation) C:\Users\backdrop001\Documents\IE10-Windows6.1-x64-en-us.exe
2014-08-07 18:42 - 2014-08-12 07:33 - 00000000 ____D () C:\Program Files (x86)\Coupons
2014-08-07 18:42 - 2014-08-07 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2014-08-07 18:04 - 2014-08-07 18:04 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Adobe
2014-08-07 04:23 - 2014-08-07 04:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
2014-08-07 04:23 - 2014-08-07 04:23 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack
2014-08-07 04:07 - 2014-08-12 10:58 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-07 04:07 - 2014-08-07 04:07 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-08-07 04:07 - 2014-08-07 04:07 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-08-07 04:07 - 2014-08-07 04:07 - 00000000 ____D () C:\windows\system32\Macromed
2014-08-07 03:27 - 2014-08-07 03:27 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2014-08-07 03:27 - 2014-08-07 03:27 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2014-08-07 03:26 - 2014-08-07 03:27 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\canon
2014-08-07 03:26 - 2014-08-07 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5400 series User Registration
2014-08-07 03:26 - 2012-02-08 16:34 - 00320000 _____ (CANON INC.) C:\windows\SysWOW64\CNC_BBL.dll
2014-08-07 03:26 - 2012-01-26 10:28 - 00081920 _____ () C:\windows\SysWOW64\CNC1764D.TBL
2014-08-07 03:26 - 2012-01-16 14:21 - 00103424 _____ (CANON INC.) C:\windows\SysWOW64\CNC_BBU.dll
2014-08-07 03:26 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\windows\SysWOW64\CNHMCA.dll
2014-08-07 03:25 - 2014-08-07 03:25 - 00002029 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk
2014-08-07 03:25 - 2014-08-07 03:25 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-08-07 03:25 - 2014-08-07 03:25 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-08-07 03:22 - 2014-08-07 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-08-07 03:22 - 2014-08-07 03:26 - 00000000 ____D () C:\Program Files\Canon
2014-08-07 03:22 - 2014-08-07 03:22 - 00002366 _____ () C:\Users\Public\Desktop\Canon MG5400 series On-screen Manual.lnk
2014-08-07 03:22 - 2014-08-07 03:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5400 series Manual
2014-08-07 03:21 - 2014-08-07 03:21 - 00000000 ___HD () C:\windows\system32\CanonIJ Uninstaller Information
2014-08-07 03:21 - 2014-08-07 03:21 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-08-07 03:21 - 2014-08-07 03:21 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-08-07 03:21 - 2014-08-07 03:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5400 series
2014-08-07 03:21 - 2012-04-16 05:00 - 00389120 _____ (CANON INC.) C:\windows\system32\CNMLMBB.DLL
2014-08-07 03:21 - 2012-02-08 16:36 - 00363520 _____ (CANON INC.) C:\windows\system32\CNC_BBL.dll
2014-08-07 03:21 - 2012-01-26 10:28 - 00081920 _____ () C:\windows\system32\CNC1764D.TBL
2014-08-07 03:21 - 2012-01-16 14:21 - 00287744 _____ (CANON INC.) C:\windows\system32\CNC_BBC.dll
2014-08-07 03:21 - 2012-01-16 14:20 - 00106496 _____ (CANON INC.) C:\windows\system32\CNC_BBI.dll
2014-08-07 03:21 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\windows\system32\CNHMCA6.dll
2014-08-07 03:20 - 2014-08-07 18:46 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-08-07 03:20 - 2014-08-07 03:20 - 00000000 ___HD () C:\ProgramData\CanonIJETV
2014-08-07 03:20 - 2014-08-07 03:20 - 00000000 ____D () C:\windows\system32\STRING
2014-08-07 03:20 - 2012-03-28 13:01 - 00359936 _____ (CANON INC.) C:\windows\system32\CNMN6PPM.DLL
2014-08-07 03:20 - 2012-03-28 13:01 - 00039424 _____ (CANON INC.) C:\windows\system32\CNMN6UI.DLL
2014-08-07 03:19 - 2014-08-07 03:26 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-08-07 02:48 - 2014-08-07 02:48 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\SWTOR
2014-08-07 00:08 - 2014-08-07 00:08 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-08-07 00:08 - 2014-08-07 00:08 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\SWTORPerf
2014-08-07 00:07 - 2014-08-07 00:07 - 00014492 _____ () C:\Users\backdrop001\Documents\Install STAR WARS The Old Republic.log
2014-08-07 00:07 - 2014-08-07 00:07 - 00001457 _____ () C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
2014-08-07 00:07 - 2014-08-07 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2014-08-07 00:07 - 2014-08-07 00:07 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-08-06 22:16 - 2014-08-06 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-06 22:15 - 2014-08-06 22:15 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-06 22:15 - 2014-08-06 22:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-06 20:02 - 2014-08-11 20:08 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-08-06 20:02 - 2014-08-06 20:02 - 00001015 _____ () C:\Users\backdrop001\Desktop\SpeedFan.lnk
2014-08-06 20:02 - 2014-08-06 20:02 - 00000045 _____ () C:\windows\SysWOW64\initdebug.nfo
2014-08-06 20:02 - 2014-08-06 20:02 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-08-06 20:02 - 2014-08-06 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-08-06 20:01 - 2014-08-06 20:02 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\rmi
2014-08-06 19:57 - 2014-08-06 19:57 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Mozilla
2014-08-06 19:57 - 2014-08-06 19:57 - 00000000 ____D () C:\ProgramData\Norton
2014-08-06 19:06 - 2014-08-07 19:06 - 00000000 ____D () C:\Users\backdrop001\Documents\RIFT
2014-08-06 19:06 - 2014-08-06 20:15 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\RIFT
2014-08-06 19:01 - 2014-08-06 19:01 - 00001128 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-08-06 19:01 - 2014-08-06 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-08-06 19:01 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\windows\system32\klfphc.dll
2014-08-06 19:00 - 2014-08-12 21:29 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-06 19:00 - 2014-08-06 19:33 - 00625248 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
2014-08-06 19:00 - 2014-08-06 19:33 - 00115296 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys
2014-08-06 19:00 - 2014-08-06 19:00 - 00000000 ____D () C:\windows\ELAMBKUP
2014-08-06 19:00 - 2014-08-06 19:00 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-08-06 18:45 - 2014-08-06 18:45 - 00001039 _____ () C:\Users\backdrop001\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk
2014-08-06 18:45 - 2014-08-06 18:45 - 00001015 _____ () C:\Users\backdrop001\Desktop\RaidCall.lnk
2014-08-06 18:45 - 2014-08-06 18:45 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\raidcall
2014-08-06 18:45 - 2014-08-06 18:45 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RaidCall
2014-08-06 18:45 - 2014-08-06 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall
2014-08-06 18:45 - 2014-08-06 18:45 - 00000000 ____D () C:\Program Files (x86)\RaidCall
2014-08-06 18:43 - 2014-08-06 18:43 - 05519456 _____ () C:\Users\backdrop001\Downloads\raidcall.exe
2014-08-06 18:43 - 2014-08-06 18:43 - 00004050 _____ () C:\windows\System32\Tasks\LaunchSignup
2014-08-06 18:41 - 2014-08-06 18:41 - 00004040 _____ () C:\windows\System32\Tasks\Open URL by RoboForm
2014-08-06 18:41 - 2014-08-06 18:41 - 00003516 _____ () C:\windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\backdrop001\Documents\My RoboForm Data
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\ProgramData\RoboForm
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2014-08-06 18:40 - 2014-08-06 18:40 - 00000000 ____D () C:\Users\backdrop001\Documents\addons
2014-08-06 18:40 - 2014-08-06 18:40 - 00000000 ____D () C:\Program Files (x86)\Siber Systems
2014-08-06 18:39 - 2014-08-06 19:16 - 00000971 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-08-06 18:37 - 2014-08-06 18:37 - 00001861 _____ () C:\Users\backdrop001\Desktop\RIFT.lnk
2014-08-06 18:37 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_7.dll
2014-08-06 18:37 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_7.dll
2014-08-06 18:37 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_7.dll
2014-08-06 18:37 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_7.dll
2014-08-06 18:37 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_5.dll
2014-08-06 18:37 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_5.dll
2014-08-06 18:37 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll
2014-08-06 18:37 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_43.dll
2014-08-06 18:37 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_43.dll
2014-08-06 18:37 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_43.dll
2014-08-06 18:37 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_6.dll
2014-08-06 18:37 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_6.dll
2014-08-06 18:37 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_6.dll
2014-08-06 18:37 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_6.dll
2014-08-06 18:37 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_4.dll
2014-08-06 18:37 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_4.dll
2014-08-06 18:37 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_7.dll
2014-08-06 18:37 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_7.dll
2014-08-06 18:37 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_5.dll
2014-08-06 18:37 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_5.dll
2014-08-06 18:37 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_5.dll
2014-08-06 18:37 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_3.dll
2014-08-06 18:37 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_42.dll
2014-08-06 18:37 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_42.dll
2014-08-06 18:37 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_42.dll
2014-08-06 18:37 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_42.dll
2014-08-06 18:37 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_42.dll
2014-08-06 18:37 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_42.dll
2014-08-06 18:37 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_42.dll
2014-08-06 18:37 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_42.dll
2014-08-06 18:37 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_4.dll
2014-08-06 18:37 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_4.dll
2014-08-06 18:37 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_4.dll
2014-08-06 18:37 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_4.dll
2014-08-06 18:37 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_6.dll
2014-08-06 18:37 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_6.dll
2014-08-06 18:37 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_41.dll
2014-08-06 18:37 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_41.dll
2014-08-06 18:37 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_41.dll
2014-08-06 18:37 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_41.dll
2014-08-06 18:37 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_3.dll
2014-08-06 18:37 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_3.dll
2014-08-06 18:37 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_3.dll
2014-08-06 18:37 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_3.dll
2014-08-06 18:37 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_2.dll
2014-08-06 18:37 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_2.dll
2014-08-06 18:37 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_5.dll
2014-08-06 18:37 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_5.dll
2014-08-06 18:37 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_40.dll
2014-08-06 18:37 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_40.dll
2014-08-06 18:37 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_40.dll
2014-08-06 18:37 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_40.dll
2014-08-06 18:37 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_40.dll
2014-08-06 18:37 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_40.dll
2014-08-06 18:37 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_2.dll
2014-08-06 18:37 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_2.dll
2014-08-06 18:37 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_1.dll
2014-08-06 18:37 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_1.dll
2014-08-06 18:37 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_2.dll
2014-08-06 18:37 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_2.dll
2014-08-06 18:37 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_39.dll
2014-08-06 18:37 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_39.dll
2014-08-06 18:37 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll
2014-08-06 18:37 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_39.dll
2014-08-06 18:37 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_39.dll
2014-08-06 18:37 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_39.dll
2014-08-06 18:37 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
2014-08-06 18:37 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll
2014-08-06 18:37 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll
2014-08-06 18:37 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
2014-08-06 18:37 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
2014-08-06 18:37 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll
2014-08-06 18:37 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll
2014-08-06 18:37 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
2014-08-06 18:37 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
2014-08-06 18:37 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll
2014-08-06 18:37 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
2014-08-06 18:37 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll
2014-08-06 18:37 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
2014-08-06 18:37 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll
2014-08-06 18:37 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
2014-08-06 18:37 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll
2014-08-06 18:37 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll
2014-08-06 18:37 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
2014-08-06 18:37 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
2014-08-06 18:37 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll
2014-08-06 18:37 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
2014-08-06 18:37 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll
2014-08-06 18:37 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
2014-08-06 18:37 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll
2014-08-06 18:37 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
2014-08-06 18:37 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll
2014-08-06 18:37 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll
2014-08-06 18:37 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_10.dll
2014-08-06 18:37 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll
2014-08-06 18:37 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_36.dll
2014-08-06 18:37 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll
2014-08-06 18:37 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_36.dll
2014-08-06 18:37 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll
2014-08-06 18:37 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_36.dll
2014-08-06 18:37 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_9.dll
2014-08-06 18:37 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_9.dll
2014-08-06 18:37 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
2014-08-06 18:37 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_35.dll
2014-08-06 18:37 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_35.dll
2014-08-06 18:37 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_35.dll
2014-08-06 18:37 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_35.dll
2014-08-06 18:37 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_35.dll
2014-08-06 18:36 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll
2014-08-06 18:36 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_2.dll
2014-08-06 18:36 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_8.dll
2014-08-06 18:36 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_8.dll
2014-08-06 18:36 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_34.dll
2014-08-06 18:36 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_34.dll
2014-08-06 18:36 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_34.dll
2014-08-06 18:36 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_34.dll
2014-08-06 18:36 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_34.dll
2014-08-06 18:36 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_34.dll
2014-08-06 18:36 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_7.dll
2014-08-06 18:36 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_7.dll
2014-08-06 18:36 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\windows\system32\xinput1_3.dll
2014-08-06 18:36 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_3.dll
2014-08-06 18:36 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_33.dll
2014-08-06 18:36 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_33.dll
2014-08-06 18:36 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_33.dll
2014-08-06 18:36 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_33.dll
2014-08-06 18:36 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_33.dll
2014-08-06 18:36 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_33.dll
2014-08-06 18:36 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_1.dll
2014-08-06 18:36 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_1.dll
2014-08-06 18:36 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_6.dll
2014-08-06 18:36 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_6.dll
2014-08-06 18:36 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_5.dll
2014-08-06 18:36 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_5.dll
2014-08-06 18:36 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10.dll
2014-08-06 18:36 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10.dll
2014-08-06 18:36 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
2014-08-06 18:36 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_31.dll
2014-08-06 18:36 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_4.dll
2014-08-06 18:36 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_4.dll
2014-08-06 18:36 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\windows\system32\xinput1_2.dll
2014-08-06 18:36 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_3.dll
2014-08-06 18:36 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_3.dll
2014-08-06 18:36 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_2.dll
2014-08-06 18:36 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_2.dll
2014-08-06 18:36 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_2.dll
2014-08-06 18:36 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_30.dll
2014-08-06 18:36 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_30.dll
2014-08-06 18:36 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_1.dll
2014-08-06 18:36 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_1.dll
2014-08-06 18:36 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\windows\system32\xinput1_1.dll
2014-08-06 18:36 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_1.dll
2014-08-06 18:36 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_29.dll
2014-08-06 18:36 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_29.dll
2014-08-06 18:36 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_0.dll
2014-08-06 18:36 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_0.dll
2014-08-06 18:36 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_0.dll
2014-08-06 18:36 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_0.dll
2014-08-06 18:36 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_28.dll
2014-08-06 18:36 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_28.dll
2014-08-06 18:36 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
2014-08-06 18:36 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll
2014-08-06 18:36 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_26.dll
2014-08-06 18:36 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_26.dll
2014-08-06 18:36 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_25.dll
2014-08-06 18:36 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_25.dll
2014-08-06 18:36 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_24.dll
2014-08-06 18:36 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_24.dll
2014-08-06 18:35 - 2014-08-06 18:37 - 00000000 ____D () C:\windows\SysWOW64\directx
2014-08-06 18:34 - 2014-08-06 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2014-08-06 18:34 - 2014-08-06 18:37 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-08-06 18:34 - 2014-08-06 18:34 - 00001005 _____ () C:\Users\backdrop001\Desktop\Glyph.lnk
2014-08-06 18:34 - 2014-08-06 18:34 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Glyph
2014-08-06 18:34 - 2014-08-06 18:34 - 00000000 ____D () C:\ProgramData\Glyph
2014-08-06 18:17 - 2014-08-06 20:34 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\NVIDIA Corporation
2014-08-06 18:17 - 2014-08-06 20:34 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\NVIDIA
2014-08-06 18:17 - 2014-08-06 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-08-06 18:17 - 2014-08-06 18:17 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-06 18:17 - 2014-07-25 10:01 - 01715224 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-08-06 18:17 - 2014-07-25 10:01 - 01291280 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-08-06 18:17 - 2014-07-25 10:01 - 01283136 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2014-08-06 18:17 - 2014-07-25 10:01 - 01126480 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2014-08-06 18:17 - 2014-07-02 13:44 - 00609240 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe
2014-08-06 18:17 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_43.dll
2014-08-06 18:17 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_43.dll
2014-08-06 18:17 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_43.dll
2014-08-06 18:17 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_43.dll
2014-08-06 18:17 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
2014-08-06 18:17 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_43.dll
2014-08-06 18:16 - 2014-07-02 06:14 - 03826628 _____ () C:\windows\system32\nvcoproc.bin
2014-08-06 18:15 - 2014-08-06 18:15 - 06051254 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-08-06 18:14 - 2014-07-02 17:29 - 01515296 _____ (NVIDIA Corporation) C:\windows\system32\nvhdagenco6420103.dll
2014-08-06 18:14 - 2014-07-02 17:29 - 00197408 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhda64v.sys
2014-08-06 18:14 - 2014-07-02 17:29 - 00031520 _____ (NVIDIA Corporation) C:\windows\system32\nvhdap64.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 31512520 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 24196896 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 22994208 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 18626304 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 17555104 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 16122344 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 15294296 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 14498552 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 13922752 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 13835208 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 12866008 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2014-08-06 18:14 - 2014-07-02 16:48 - 11283344 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 11222048 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 04247000 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 03989960 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 03196816 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 02814656 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 01890080 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6434052.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 01539928 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6434052.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 00965312 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 00944928 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 00907096 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 00903624 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 00869152 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 00846832 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 00354016 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 00305600 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 00166568 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2014-08-06 18:14 - 2014-07-02 16:48 - 00146480 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2014-08-06 18:14 - 2014-03-31 12:42 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-08-06 18:14 - 2014-03-31 12:42 - 00037320 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll
2014-08-06 18:14 - 2014-03-31 12:42 - 00034760 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2014-08-06 18:08 - 2014-08-06 18:08 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-06 18:08 - 2014-08-06 18:08 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-06 18:08 - 2014-08-06 18:08 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-06 18:08 - 2014-08-06 18:08 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-06 18:08 - 2014-08-06 18:08 - 00000000 ____D () C:\ProgramData\Sun
2014-08-06 18:08 - 2014-08-06 18:08 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-06 18:08 - 2014-08-06 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-06 18:08 - 2014-08-06 18:08 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-05 14:04 - 2014-08-05 14:04 - 00002263 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-05 14:04 - 2014-08-05 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-03 16:01 - 2013-02-17 01:40 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2014-08-03 15:51 - 2014-08-03 15:51 - 19277312 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 15369728 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 13732352 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 02863616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-03 15:51 - 2014-08-03 15:51 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-03 15:51 - 2014-08-03 15:51 - 02650624 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-03 15:51 - 2014-08-03 15:51 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-03 15:51 - 2014-08-03 15:51 - 01400416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2014-08-03 15:51 - 2014-08-03 15:51 - 01400416 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2014-08-03 15:51 - 2014-08-03 15:51 - 01366528 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 01141760 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 01054720 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00905728 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00719360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00523264 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-08-03 15:51 - 2014-08-03 15:51 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2014-08-03 15:51 - 2014-08-03 15:51 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00232960 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00204800 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00185344 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00150528 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00137216 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00110592 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-08-03 15:51 - 2014-08-03 15:51 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2014-08-03 15:51 - 2014-08-03 15:51 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2014-08-03 15:50 - 2014-08-03 15:50 - 01162240 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2014-08-03 15:50 - 2014-08-03 15:50 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00068608 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2014-08-03 15:50 - 2014-08-03 15:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-08-03 15:50 - 2014-08-03 15:50 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-08-03 15:50 - 2014-08-03 15:50 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

backdrop001 · August 13, 2014

2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-08-03 15:49 - 2014-08-03 15:49 - 05559152 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-08-03 15:49 - 2014-08-03 15:49 - 03968368 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-08-03 15:49 - 2014-08-03 15:49 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 03913584 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-08-03 15:49 - 2014-08-03 15:49 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 02776576 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 02284544 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-03 15:46 - 2014-08-03 15:46 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2014-08-03 15:46 - 2014-08-03 15:46 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2014-08-02 04:25 - 2014-08-12 11:10 - 01254142 _____ () C:\windows\WindowsUpdate.log
2014-08-02 04:24 - 2009-01-01 00:01 - 00002688 _____ () C:\windows\system32\RaCoInst.log
2014-08-02 03:09 - 2014-08-06 20:12 - 00002338 _____ () C:\Users\backdrop001\Desktop\Safe Money.lnk
2014-08-02 03:08 - 2014-08-02 03:08 - 00000584 _____ () C:\windows\system32\TmInstall.log
2014-08-02 02:28 - 2014-08-02 06:53 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-02 02:28 - 2014-08-02 06:53 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-02 02:28 - 2014-08-02 02:41 - 00000000 ____D () C:\Users\TEMP
2014-08-02 02:21 - 2014-08-12 10:45 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\TS3Client
2014-08-02 02:14 - 2014-08-08 02:59 - 00007753 _____ () C:\Users\backdrop001\Desktop\Passwords.txt
2014-08-02 02:14 - 2014-07-16 09:24 - 00001076 _____ () C:\Users\backdrop001\Desktop\New Rich Text Document.txt
2014-08-02 02:14 - 2014-06-08 19:15 - 00002559 _____ () C:\Users\backdrop001\Desktop\game info.txt
2014-08-02 02:14 - 2014-03-18 10:20 - 00000043 _____ () C:\Users\backdrop001\Desktop\stuff.txt
2014-08-02 02:13 - 2014-08-12 10:42 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-02 02:13 - 2014-08-12 10:41 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-08-02 02:09 - 2014-08-06 19:16 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-08-02 02:09 - 2014-08-06 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-08-02 01:34 - 2014-08-10 02:02 - 00000000 ____D () C:\windows\Minidump
2014-08-02 01:31 - 2014-08-10 17:42 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Windows Live
2014-08-02 01:30 - 2014-08-02 02:16 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Windows Live Writer
2014-08-02 01:30 - 2014-08-02 01:30 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Windows Live Writer
2014-08-02 01:14 - 2014-08-02 06:54 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-08-02 01:04 - 2014-08-07 00:41 - 00000000 ____D () C:\Users\backdrop001\Documents\Fanfiction
2014-08-02 01:03 - 2014-08-02 01:03 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\ASUS WebStorage
2014-08-02 00:52 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-02 00:52 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-02 00:52 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-08-02 00:52 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-02 00:51 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-08-02 00:51 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-08-02 00:51 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-08-02 00:51 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-08-02 00:49 - 2014-08-02 01:27 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Google
2014-08-02 00:49 - 2014-08-02 00:49 - 00000000 ____D () C:\ProgramData\Google
2014-08-02 00:49 - 2014-08-02 00:49 - 00000000 ____D () C:\Program Files\Google
2014-08-02 00:48 - 2014-08-12 21:29 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-02 00:48 - 2014-08-12 10:53 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-02 00:48 - 2014-08-09 23:50 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Deployment
2014-08-02 00:48 - 2014-08-06 19:15 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Google
2014-08-02 00:48 - 2014-08-05 14:04 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-02 00:48 - 2014-08-02 00:48 - 00097200 _____ () C:\Users\backdrop001\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-02 00:48 - 2014-08-02 00:48 - 00003904 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-02 00:48 - 2014-08-02 00:48 - 00003652 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-02 00:48 - 2014-08-02 00:48 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Apps\2.0
2014-08-02 00:47 - 2014-08-02 00:47 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Macromedia
2014-08-02 00:46 - 2014-08-07 18:04 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Adobe
2014-08-02 00:42 - 2014-08-02 00:42 - 00000000 ____D () C:\windows\SysWOW64\Drivers\MFDLL
2014-08-02 00:41 - 2014-08-02 00:41 - 00000000 _____ () C:\windows\SysWOW64\Drivers\1043_ASUSTeK_CM6870.alu
2014-08-02 00:32 - 2014-08-02 00:32 - 00000000 ____D () C:\Users\Public\Documents\ASUS Music Maker
2014-08-02 00:32 - 2014-08-02 00:32 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\MAGIX
2014-08-02 00:32 - 2014-08-02 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Music Maker
2014-08-02 00:32 - 2014-08-02 00:32 - 00000000 ____D () C:\ProgramData\MAGIX
2014-08-02 00:32 - 2014-08-02 00:32 - 00000000 ____D () C:\ProgramData\ASUS Music Maker
2014-08-02 00:32 - 2014-08-02 00:32 - 00000000 ____D () C:\Program Files (x86)\ASUS Music Maker
2014-08-02 00:30 - 2014-08-12 21:29 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-02 00:30 - 2014-08-12 08:23 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\VirtualStore
2014-08-02 00:30 - 2014-08-06 20:34 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-02 00:30 - 2014-08-06 18:17 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-02 00:30 - 2014-07-02 14:55 - 06783776 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2014-08-02 00:30 - 2014-07-02 14:55 - 03522392 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2014-08-02 00:30 - 2014-07-02 14:55 - 00935368 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2014-08-02 00:30 - 2014-07-02 14:55 - 00386520 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2014-08-02 00:30 - 2014-07-02 14:55 - 00062808 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2014-08-02 00:30 - 2011-08-03 15:50 - 02560616 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2014-08-02 00:30 - 2011-08-03 15:50 - 00067176 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2014-08-02 00:30 - 2011-08-03 15:50 - 00057960 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2014-08-02 00:29 - 2014-08-12 05:20 - 00000000 ____D () C:\Users\backdrop001
2014-08-02 00:29 - 2014-08-06 18:17 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-02 00:29 - 2014-08-02 00:29 - 00000020 ___SH () C:\Users\backdrop001\ntuser.ini
2014-08-02 00:29 - 2014-07-02 16:48 - 00026353 _____ () C:\windows\system32\nvinfo.pb
2014-08-02 00:29 - 2011-08-03 15:50 - 01519720 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco64.dll
2014-08-02 00:29 - 2011-08-03 15:50 - 01453160 _____ (NVIDIA Corporation) C:\windows\system32\nvgenco64.dll
2014-08-02 00:29 - 2009-07-14 00:54 - 00000000 ___RD () C:\Users\backdrop001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-02 00:29 - 2009-07-14 00:49 - 00000000 ___RD () C:\Users\backdrop001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-12 21:33 - 2014-08-12 10:27 - 00000000 ____D () C:\FRST
2014-08-12 21:32 - 2014-08-02 04:25 - 01254142 _____ () C:\windows\WindowsUpdate.log
2014-08-12 21:29 - 2014-08-12 09:36 - 00000560 _____ () C:\windows\setupact.log
2014-08-12 21:29 - 2014-08-06 19:00 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-12 21:29 - 2014-08-02 00:48 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-12 21:29 - 2014-08-02 00:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-12 21:29 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-12 11:02 - 2014-08-12 11:02 - 05392984 _____ () C:\Users\backdrop001\Desktop\RogueKillerX64.exe
2014-08-12 11:02 - 2014-08-12 11:02 - 00030312 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-08-12 11:02 - 2014-08-12 11:02 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-12 11:00 - 2014-08-12 05:09 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-12 10:58 - 2014-08-07 04:07 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-12 10:53 - 2014-08-02 00:48 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-12 10:45 - 2014-08-02 02:21 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\TS3Client
2014-08-12 10:42 - 2014-08-02 02:13 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-12 10:41 - 2014-08-02 02:13 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-08-12 10:00 - 2009-07-14 00:45 - 00021648 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-12 10:00 - 2009-07-14 00:45 - 00021648 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-12 09:57 - 2009-07-14 01:13 - 00793530 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-12 09:50 - 2014-08-12 09:35 - 00000616 _____ () C:\windows\PFRO.log
2014-08-12 09:42 - 2014-08-12 07:26 - 00000000 ____D () C:\AdwCleaner
2014-08-12 09:38 - 2014-08-12 09:38 - 01366203 _____ () C:\Users\backdrop001\Desktop\adwcleaner_3.304.exe
2014-08-12 09:36 - 2014-08-12 09:36 - 00000000 _____ () C:\windows\setuperr.log
2014-08-12 09:19 - 2014-08-12 09:19 - 00001177 _____ () C:\Users\backdrop001\Desktop\Auslogics DiskDefrag.lnk
2014-08-12 09:19 - 2014-08-12 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-08-12 09:19 - 2014-08-12 09:19 - 00000000 ____D () C:\ProgramData\Auslogics
2014-08-12 09:19 - 2014-08-12 09:19 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-08-12 09:12 - 2014-08-12 09:12 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\{81FE83BB-44C7-416A-8704-0ED9C4CDA3C6}
2014-08-12 09:08 - 2014-08-12 09:08 - 00019616 _____ () C:\Users\backdrop001\Documents\cc_20140812_090819.reg
2014-08-12 09:08 - 2011-12-27 20:49 - 00000000 ____D () C:\windows\Panther
2014-08-12 09:07 - 2014-08-12 09:07 - 00002784 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-08-12 09:07 - 2014-08-12 09:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-12 09:06 - 2014-08-12 09:06 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-12 09:06 - 2014-08-12 09:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-12 08:29 - 2014-08-08 02:53 - 00001421 _____ () C:\Users\backdrop001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-12 08:26 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-08-12 08:23 - 2014-08-02 00:30 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\VirtualStore
2014-08-12 07:49 - 2014-08-12 07:45 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-08-12 07:38 - 2014-08-12 07:38 - 00002718 _____ () C:\Users\backdrop001\Desktop\JRT.txt
2014-08-12 07:33 - 2014-08-07 18:42 - 00000000 ____D () C:\Program Files (x86)\Coupons
2014-08-12 07:31 - 2014-08-12 07:31 - 00000000 ____D () C:\windows\ERUNT
2014-08-12 07:06 - 2014-08-12 06:47 - 00290304 _____ (Microsoft Corporation) C:\windows\SysWOW64\subinacl.exe
2014-08-12 06:47 - 2014-08-12 06:47 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-08-12 06:31 - 2014-08-12 06:31 - 00001087 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-08-12 06:31 - 2014-08-12 06:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2014-08-12 06:31 - 2014-08-12 06:31 - 00000000 ____D () C:\ProgramData\Licenses
2014-08-12 05:21 - 2014-08-10 01:58 - 00002213 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-08-12 05:20 - 2014-08-12 05:20 - 86052864 _____ () C:\windows\system32\config\components.iobit
2014-08-12 05:20 - 2014-08-02 00:29 - 00000000 ____D () C:\Users\backdrop001
2014-08-12 05:17 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\Vss
2014-08-12 05:09 - 2014-08-12 05:09 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-12 05:09 - 2014-08-12 05:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-12 05:09 - 2014-08-12 05:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-12 05:09 - 2014-08-12 05:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-12 05:00 - 2014-08-10 01:47 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-12 05:00 - 2014-08-10 01:46 - 00000000 ____D () C:\ProgramData\IObit
2014-08-11 20:08 - 2014-08-06 20:02 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-08-10 17:42 - 2014-08-02 01:31 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Windows Live
2014-08-10 02:08 - 2012-02-02 14:13 - 00001749 _____ () C:\windows\system32\AutoRunFilter.ini
2014-08-10 02:08 - 2012-02-02 14:13 - 00001549 _____ () C:\windows\system32\ServiceFilter.ini
2014-08-10 02:06 - 2014-08-10 02:06 - 65351680 _____ () C:\windows\system32\config\software.iodefrag.bak
2014-08-10 02:06 - 2014-08-10 02:06 - 00229376 _____ () C:\windows\system32\config\default.iodefrag.bak
2014-08-10 02:06 - 2014-08-10 02:06 - 00024576 _____ () C:\windows\system32\config\security.iodefrag.bak
2014-08-10 02:06 - 2014-08-10 02:06 - 00024576 _____ () C:\windows\system32\config\sam.iodefrag.bak
2014-08-10 02:02 - 2014-08-02 01:34 - 00000000 ____D () C:\windows\Minidump
2014-08-10 02:01 - 2014-08-10 02:01 - 65351680 _____ () C:\windows\system32\config\software.iobit
2014-08-10 02:01 - 2014-08-10 02:01 - 00229376 _____ () C:\windows\system32\config\default.iobit
2014-08-10 02:01 - 2014-08-10 02:01 - 00024576 _____ () C:\windows\system32\config\security.iobit
2014-08-10 02:01 - 2014-08-10 02:01 - 00024576 _____ () C:\windows\system32\config\sam.iobit
2014-08-10 01:59 - 2014-08-10 01:59 - 00002898 _____ () C:\windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-08-10 01:59 - 2014-08-10 01:59 - 00001236 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-08-10 01:59 - 2014-08-10 01:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-08-10 01:58 - 2014-08-10 01:58 - 00002866 _____ () C:\windows\System32\Tasks\ASC7_SkipUac_backdrop001
2014-08-10 01:58 - 2014-08-10 01:58 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-08-10 01:58 - 2014-08-10 01:46 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-08-10 01:57 - 2014-08-10 01:57 - 00000223 _____ () C:\ASCInit.log
2014-08-10 01:56 - 2014-08-10 01:56 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-08-10 01:48 - 2014-08-10 01:48 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\ProductData
2014-08-10 01:47 - 2014-08-10 01:47 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Apple Computer
2014-08-10 01:47 - 2014-08-10 01:47 - 00000000 ____D () C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2014-08-10 01:47 - 2014-08-10 01:47 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-08-10 01:47 - 2014-08-10 01:46 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\IObit
2014-08-09 23:50 - 2014-08-02 00:48 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Deployment
2014-08-09 23:41 - 2014-08-09 23:39 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Curse Advertising
2014-08-09 23:39 - 2014-08-09 23:39 - 00003302 _____ () C:\windows\System32\Tasks\{6271F969-6BE2-49C8-B38B-41A55A811744}
2014-08-09 23:39 - 2014-08-09 23:39 - 00000318 _____ () C:\Users\backdrop001\Desktop\Curse Client.appref-ms
2014-08-09 23:39 - 2014-08-09 23:39 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-08-09 08:06 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-08-09 01:24 - 2011-04-12 04:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-09 01:24 - 2011-04-12 04:17 - 00000000 ____D () C:\windows\SysWOW64\winrm
2014-08-09 01:24 - 2011-04-12 04:17 - 00000000 ____D () C:\windows\SysWOW64\WCN
2014-08-09 01:24 - 2011-04-12 04:17 - 00000000 ____D () C:\windows\SysWOW64\sysprep
2014-08-09 01:24 - 2011-04-12 04:17 - 00000000 ____D () C:\windows\SysWOW64\slmgr
2014-08-09 01:24 - 2011-04-12 04:17 - 00000000 ____D () C:\windows\SysWOW64\Printing_Admin_Scripts
2014-08-09 01:24 - 2011-04-12 04:17 - 00000000 ____D () C:\windows\system32\winrm
2014-08-09 01:24 - 2011-04-12 04:17 - 00000000 ____D () C:\windows\system32\WCN
2014-08-09 01:24 - 2011-04-12 04:17 - 00000000 ____D () C:\windows\system32\slmgr
2014-08-09 01:24 - 2011-04-12 04:17 - 00000000 ____D () C:\windows\system32\Printing_Admin_Scripts
2014-08-09 01:24 - 2009-07-14 01:37 - 00000000 ____D () C:\windows\DigitalLocker
2014-08-09 01:24 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-08-09 01:24 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-08-09 01:24 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-09 01:24 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-08-09 01:24 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-08-09 01:24 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\Setup
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\oobe
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\MUI
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\migwiz
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\com
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\sysprep
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\Setup
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\oobe
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\MUI
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\migwiz
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\Dism
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\com
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\servicing
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\IME
2014-08-09 01:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-09 01:23 - 2009-07-14 01:32 - 00000000 ____D () C:\windows\system32\WinBioPlugIns
2014-08-08 02:59 - 2014-08-02 02:14 - 00007753 _____ () C:\Users\backdrop001\Desktop\Passwords.txt
2014-08-08 02:55 - 2014-08-08 02:55 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-08-08 02:55 - 2012-02-02 14:11 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-08-08 02:28 - 2012-02-02 14:11 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-08 02:10 - 2014-08-08 02:09 - 44335120 _____ (Microsoft Corporation) C:\Users\backdrop001\Documents\IE10-Windows6.1-x64-en-us.exe
2014-08-07 19:06 - 2014-08-06 19:06 - 00000000 ____D () C:\Users\backdrop001\Documents\RIFT
2014-08-07 18:46 - 2014-08-07 03:20 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-08-07 18:42 - 2014-08-07 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2014-08-07 18:04 - 2014-08-07 18:04 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Adobe
2014-08-07 18:04 - 2014-08-02 00:46 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Adobe
2014-08-07 04:23 - 2014-08-07 04:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
2014-08-07 04:23 - 2014-08-07 04:23 - 00000000 ____D () C:\Program Files (x86)\Combined Community Codec Pack
2014-08-07 04:07 - 2014-08-07 04:07 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-08-07 04:07 - 2014-08-07 04:07 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-08-07 04:07 - 2014-08-07 04:07 - 00000000 ____D () C:\windows\system32\Macromed
2014-08-07 04:07 - 2012-02-02 14:00 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-07 03:27 - 2014-08-07 03:27 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2014-08-07 03:27 - 2014-08-07 03:27 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2014-08-07 03:27 - 2014-08-07 03:26 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\canon
2014-08-07 03:26 - 2014-08-07 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5400 series User Registration
2014-08-07 03:26 - 2014-08-07 03:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-08-07 03:26 - 2014-08-07 03:22 - 00000000 ____D () C:\Program Files\Canon
2014-08-07 03:26 - 2014-08-07 03:19 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-08-07 03:26 - 2009-07-13 23:20 - 00000000 __RSD () C:\windows\Media
2014-08-07 03:25 - 2014-08-07 03:25 - 00002029 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk
2014-08-07 03:25 - 2014-08-07 03:25 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-08-07 03:25 - 2014-08-07 03:25 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-08-07 03:22 - 2014-08-07 03:22 - 00002366 _____ () C:\Users\Public\Desktop\Canon MG5400 series On-screen Manual.lnk
2014-08-07 03:22 - 2014-08-07 03:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5400 series Manual
2014-08-07 03:21 - 2014-08-07 03:21 - 00000000 ___HD () C:\windows\system32\CanonIJ Uninstaller Information
2014-08-07 03:21 - 2014-08-07 03:21 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-08-07 03:21 - 2014-08-07 03:21 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-08-07 03:21 - 2014-08-07 03:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5400 series
2014-08-07 03:20 - 2014-08-07 03:20 - 00000000 ___HD () C:\ProgramData\CanonIJETV
2014-08-07 03:20 - 2014-08-07 03:20 - 00000000 ____D () C:\windows\system32\STRING
2014-08-07 02:48 - 2014-08-07 02:48 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\SWTOR
2014-08-07 00:41 - 2014-08-02 01:04 - 00000000 ____D () C:\Users\backdrop001\Documents\Fanfiction
2014-08-07 00:08 - 2014-08-07 00:08 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-08-07 00:08 - 2014-08-07 00:08 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\SWTORPerf
2014-08-07 00:07 - 2014-08-07 00:07 - 00014492 _____ () C:\Users\backdrop001\Documents\Install STAR WARS The Old Republic.log
2014-08-07 00:07 - 2014-08-07 00:07 - 00001457 _____ () C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
2014-08-07 00:07 - 2014-08-07 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2014-08-07 00:07 - 2014-08-07 00:07 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-08-07 00:07 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-06 22:16 - 2014-08-06 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-06 22:15 - 2014-08-06 22:15 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-06 22:15 - 2014-08-06 22:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-06 20:34 - 2014-08-06 18:17 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\NVIDIA Corporation
2014-08-06 20:34 - 2014-08-06 18:17 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\NVIDIA
2014-08-06 20:34 - 2014-08-02 00:30 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-06 20:15 - 2014-08-06 19:06 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\RIFT
2014-08-06 20:12 - 2014-08-02 03:09 - 00002338 _____ () C:\Users\backdrop001\Desktop\Safe Money.lnk
2014-08-06 20:02 - 2014-08-06 20:02 - 00001015 _____ () C:\Users\backdrop001\Desktop\SpeedFan.lnk
2014-08-06 20:02 - 2014-08-06 20:02 - 00000045 _____ () C:\windows\SysWOW64\initdebug.nfo
2014-08-06 20:02 - 2014-08-06 20:02 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-08-06 20:02 - 2014-08-06 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-08-06 20:02 - 2014-08-06 20:01 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\rmi
2014-08-06 19:57 - 2014-08-06 19:57 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Mozilla
2014-08-06 19:57 - 2014-08-06 19:57 - 00000000 ____D () C:\ProgramData\Norton
2014-08-06 19:33 - 2014-08-06 19:00 - 00625248 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
2014-08-06 19:33 - 2014-08-06 19:00 - 00115296 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys
2014-08-06 19:33 - 2013-10-08 13:49 - 00458336 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kl1.sys
2014-08-06 19:33 - 2013-10-08 13:49 - 00029280 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klkbdflt.sys
2014-08-06 19:33 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kneps.sys
2014-08-06 19:16 - 2014-08-06 18:39 - 00000971 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-08-06 19:16 - 2014-08-02 02:09 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-08-06 19:15 - 2014-08-02 00:48 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Google
2014-08-06 19:01 - 2014-08-06 19:01 - 00001128 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-08-06 19:01 - 2014-08-06 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-08-06 19:00 - 2014-08-06 19:00 - 00000000 ____D () C:\windows\ELAMBKUP
2014-08-06 19:00 - 2014-08-06 19:00 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-08-06 18:55 - 2009-07-14 01:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-08-06 18:45 - 2014-08-06 18:45 - 00001039 _____ () C:\Users\backdrop001\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk
2014-08-06 18:45 - 2014-08-06 18:45 - 00001015 _____ () C:\Users\backdrop001\Desktop\RaidCall.lnk
2014-08-06 18:45 - 2014-08-06 18:45 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\raidcall
2014-08-06 18:45 - 2014-08-06 18:45 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RaidCall
2014-08-06 18:45 - 2014-08-06 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall
2014-08-06 18:45 - 2014-08-06 18:45 - 00000000 ____D () C:\Program Files (x86)\RaidCall
2014-08-06 18:43 - 2014-08-06 18:43 - 05519456 _____ () C:\Users\backdrop001\Downloads\raidcall.exe
2014-08-06 18:43 - 2014-08-06 18:43 - 00004050 _____ () C:\windows\System32\Tasks\LaunchSignup
2014-08-06 18:42 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\Resources
2014-08-06 18:41 - 2014-08-06 18:41 - 00004040 _____ () C:\windows\System32\Tasks\Open URL by RoboForm
2014-08-06 18:41 - 2014-08-06 18:41 - 00003516 _____ () C:\windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\Users\backdrop001\Documents\My RoboForm Data
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\ProgramData\RoboForm
2014-08-06 18:41 - 2014-08-06 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2014-08-06 18:40 - 2014-08-06 18:40 - 00000000 ____D () C:\Users\backdrop001\Documents\addons
2014-08-06 18:40 - 2014-08-06 18:40 - 00000000 ____D () C:\Program Files (x86)\Siber Systems
2014-08-06 18:39 - 2014-08-02 02:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-08-06 18:37 - 2014-08-06 18:37 - 00001861 _____ () C:\Users\backdrop001\Desktop\RIFT.lnk
2014-08-06 18:37 - 2014-08-06 18:35 - 00000000 ____D () C:\windows\SysWOW64\directx
2014-08-06 18:37 - 2014-08-06 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2014-08-06 18:37 - 2014-08-06 18:34 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-08-06 18:34 - 2014-08-06 18:34 - 00001005 _____ () C:\Users\backdrop001\Desktop\Glyph.lnk
2014-08-06 18:34 - 2014-08-06 18:34 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Glyph
2014-08-06 18:34 - 2014-08-06 18:34 - 00000000 ____D () C:\ProgramData\Glyph
2014-08-06 18:21 - 2014-08-06 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-08-06 18:17 - 2014-08-06 18:17 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-06 18:17 - 2014-08-02 00:30 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-06 18:17 - 2014-08-02 00:29 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-06 18:15 - 2014-08-06 18:15 - 06051254 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-08-06 18:08 - 2014-08-06 18:08 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-06 18:08 - 2014-08-06 18:08 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-06 18:08 - 2014-08-06 18:08 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-06 18:08 - 2014-08-06 18:08 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-06 18:08 - 2014-08-06 18:08 - 00000000 ____D () C:\ProgramData\Sun
2014-08-06 18:08 - 2014-08-06 18:08 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-06 18:08 - 2014-08-06 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-06 18:08 - 2014-08-06 18:08 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-05 14:04 - 2014-08-05 14:04 - 00002263 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-05 14:04 - 2014-08-05 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-05 14:04 - 2014-08-02 00:48 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-05 09:20 - 2010-11-20 23:27 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-08-05 03:39 - 2009-07-14 00:45 - 00346696 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-03 16:03 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\zh-HK
2014-08-03 16:03 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\tr-TR
2014-08-03 16:03 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\zh-HK
2014-08-03 16:03 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\tr-TR
2014-08-03 15:51 - 2014-08-03 15:51 - 19277312 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 15369728 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 13732352 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 02863616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-03 15:51 - 2014-08-03 15:51 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-03 15:51 - 2014-08-03 15:51 - 02650624 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-03 15:51 - 2014-08-03 15:51 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-03 15:51 - 2014-08-03 15:51 - 01400416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2014-08-03 15:51 - 2014-08-03 15:51 - 01400416 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2014-08-03 15:51 - 2014-08-03 15:51 - 01366528 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 01141760 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 01054720 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00905728 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00719360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00629248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00523264 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-08-03 15:51 - 2014-08-03 15:51 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2014-08-03 15:51 - 2014-08-03 15:51 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00232960 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00204800 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00185344 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00150528 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00137216 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00110592 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-08-03 15:51 - 2014-08-03 15:51 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2014-08-03 15:51 - 2014-08-03 15:51 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2014-08-03 15:51 - 2014-08-03 15:51 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-08-03 15:51 - 2014-08-03 15:51 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2014-08-03 15:50 - 2014-08-03 15:50 - 01162240 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2014-08-03 15:50 - 2014-08-03 15:50 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00068608 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2014-08-03 15:50 - 2014-08-03 15:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-08-03 15:50 - 2014-08-03 15:50 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-08-03 15:50 - 2014-08-03 15:50 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-08-03 15:50 - 2014-08-03 15:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-08-03 15:49 - 2014-08-03 15:49 - 05559152 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-08-03 15:49 - 2014-08-03 15:49 - 03968368 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-08-03 15:49 - 2014-08-03 15:49 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 03913584 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-08-03 15:49 - 2014-08-03 15:49 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 02776576 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 02284544 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-03 15:49 - 2014-08-03 15:49 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-03 15:46 - 2014-08-03 15:46 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2014-08-03 15:46 - 2014-08-03 15:46 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2014-08-02 06:54 - 2014-08-02 01:14 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-08-02 06:54 - 2011-04-12 04:28 - 00000000 ____D () C:\windows\ShellNew
2014-08-02 06:54 - 2009-07-14 01:32 - 00000000 ____D () C:\windows\Offline Web Pages
2014-08-02 06:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-02 06:53 - 2014-08-02 02:28 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-02 06:53 - 2014-08-02 02:28 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-02 06:52 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\registration
2014-08-02 04:26 - 2012-02-02 14:00 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-02 04:22 - 2012-02-02 14:13 - 00000080 _____ () C:\windows\system32\Defrag.ini
2014-08-02 04:21 - 2009-07-14 01:38 - 00025600 ___SH () C:\windows\system32\config\BCD-Template.LOG
2014-08-02 04:21 - 2009-07-14 01:32 - 00028672 _____ () C:\windows\system32\config\BCD-Template
2014-08-02 03:08 - 2014-08-02 03:08 - 00000584 _____ () C:\windows\system32\TmInstall.log
2014-08-02 02:41 - 2014-08-02 02:28 - 00000000 ____D () C:\Users\TEMP
2014-08-02 02:16 - 2014-08-02 01:30 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Windows Live Writer
2014-08-02 01:33 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\LiveKernelReports
2014-08-02 01:30 - 2014-08-02 01:30 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Windows Live Writer
2014-08-02 01:27 - 2014-08-02 00:49 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Google
2014-08-02 01:03 - 2014-08-02 01:03 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\ASUS WebStorage
2014-08-02 00:49 - 2014-08-02 00:49 - 00000000 ____D () C:\ProgramData\Google
2014-08-02 00:49 - 2014-08-02 00:49 - 00000000 ____D () C:\Program Files\Google
2014-08-02 00:48 - 2014-08-02 00:48 - 00097200 _____ () C:\Users\backdrop001\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-02 00:48 - 2014-08-02 00:48 - 00003904 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-02 00:48 - 2014-08-02 00:48 - 00003652 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-02 00:48 - 2014-08-02 00:48 - 00000000 ____D () C:\Users\backdrop001\AppData\Local\Apps\2.0
2014-08-02 00:47 - 2014-08-02 00:47 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\Macromedia
2014-08-02 00:43 - 2012-02-02 14:09 - 00000000 ____D () C:\windows\System32\Tasks\ASUS
2014-08-02 00:43 - 2012-02-02 14:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-02 00:42 - 2014-08-02 00:42 - 00000000 ____D () C:\windows\SysWOW64\Drivers\MFDLL
2014-08-02 00:42 - 2012-02-02 14:40 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-08-02 00:42 - 2012-02-02 14:40 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-08-02 00:42 - 2012-02-02 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-08-02 00:41 - 2014-08-02 00:41 - 00000000 _____ () C:\windows\SysWOW64\Drivers\1043_ASUSTeK_CM6870.alu
2014-08-02 00:36 - 2012-02-02 13:31 - 00000000 ____D () C:\windows\SysWOW64\OEM
2014-08-02 00:33 - 2012-02-02 14:00 - 00001769 _____ () C:\windows\Language_trs.ini
2014-08-02 00:32 - 2014-08-02 00:32 - 00000000 ____D () C:\Users\Public\Documents\ASUS Music Maker
2014-08-02 00:32 - 2014-08-02 00:32 - 00000000 ____D () C:\Users\backdrop001\AppData\Roaming\MAGIX
2014-08-02 00:32 - 2014-08-02 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Music Maker
2014-08-02 00:32 - 2014-08-02 00:32 - 00000000 ____D () C:\ProgramData\MAGIX
2014-08-02 00:32 - 2014-08-02 00:32 - 00000000 ____D () C:\ProgramData\ASUS Music Maker
2014-08-02 00:32 - 2014-08-02 00:32 - 00000000 ____D () C:\Program Files (x86)\ASUS Music Maker
2014-08-02 00:32 - 2012-02-02 14:00 - 00007987 _____ () C:\windows\Ascd_log.ini
2014-08-02 00:31 - 2009-07-14 01:32 - 00000000 ____D () C:\windows\system32\restore
2014-08-02 00:30 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\Help
2014-08-02 00:29 - 2014-08-02 00:29 - 00000020 ___SH () C:\Users\backdrop001\ntuser.ini
2014-08-02 00:29 - 2012-02-02 14:00 - 00005176 _____ () C:\windows\Ascd_tmp.ini
2014-08-02 00:29 - 2011-12-27 21:20 - 00000000 __SHD () C:\Recovery
2014-08-02 00:29 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-07-25 10:01 - 2014-08-06 18:17 - 01715224 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-07-25 10:01 - 2014-08-06 18:17 - 01291280 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-07-25 10:01 - 2014-08-06 18:17 - 01283136 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2014-07-25 10:01 - 2014-08-06 18:17 - 01126480 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2014-07-16 09:24 - 2014-08-02 02:14 - 00001076 _____ () C:\Users\backdrop001\Desktop\New Rich Text Document.txt

Some content of TEMP:
====================
C:\Users\backdrop001\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-07 16:19

==================== End Of Log ============================

MrCharlie · August 13, 2014

AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

Please disable Windows Defender, you have Kaspersky running and having two anti-virus programs running on a system only causes poor performance, conflicts and spotty protection.

How to Disable Defender

Dangers of running 2 anti-virus programs

--------------------------------------

Make sure you have created a restore point and.....

Download Delfix from Here and save it to your desktop.

Place a check mark in front of .......
Create registry backup <---only!
Uncheck the rest!
Click the Run button.
Close the tool out when it's done....we'll use it later.
===================
Download the attached fixlist.txt to the same folder as FRST.exe/FRST64.exe.
Run FRST.exe/FRST64.exe and click Fix only once and wait
The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.
===================
Please download AdwCleaner from HERE or HERE to your desktop.
- Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8 users right-click and select Run As Administrator
- Click on the Scan button.
- AdwCleaner will begin...be patient as the scan may take some time to complete.
- When it's done you'll see: Pending: Please uncheck elements you don't want removed.
- Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
- Look over the log especially under Files/Folders for any program you want to save.
- If there's a program you may want to save, just uncheck it from AdwCleaner.
- If you're not sure, post the log for review. (all items found are either adware/spyware/foistware)
- If you're ready to clean it all up.....click the Clean button.
- After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
- Copy and paste the contents of that logfile in your next reply.
- A copy of that logfile will also be saved in the C:\AdwCleaner folder.
- Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
- To restore an item that has been deleted:
- Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Next..................
Please download Junkware Removal Tool to your desktop.
- Shut down your protection software now to avoid potential conflicts.
- Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
- The tool will open and start scanning your system.
- Please be patient as this can take a while to complete depending on your system's specifications.
- On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
- Post the contents of JRT.txt into your next message.
======================
You have to reset this Chrome setting manually:
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=M8ED2BBB0-2E0E-4917-B1AF-93C4D2996A5F&SearchSource=55&CUI=&UM=6&UP=SP09F2EE62-C61A-4BFC-9CE9-A13BD7E51C4B&SSPV="

The link below explains how to do it:
https://support.google.com/chrome/answer/95421?hl=en <<<---CHR StartupUrls:
Then...........
Open up Chrome by clicking on the 3 bars in the upper right hand corner.
Then in Chrome go to Settings > Under Sign In, go to Google Dashboard > Click on Settings > Click on Stop and Clear left bottom of the page.
=======================
Rescan with Malwarebytes, that entry may be found one more time, after that it should come up clean.
Let me know.....MrC

MrCharlie · August 15, 2014

How are we doing??

Do you still need help or can I close this post??

MrC

AdvancedSetup · August 19, 2014

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

trovi keeps coming back

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information