Jump to content

AntiLog64 .sys


Recommended Posts

Hi, I recently was infected with a virus that came from a driver called AntiLog64 .sys.  I am running windows 8.1 64-bit on the infected computer.  I am not currently using the infected computer because I can not access the internet.  They suggested using malwarebytes to remove it but i cant connect to the internet to do so.  How can I get malewarebytes on the infected computer to resolve this?  Any help is appriciated, thanks.

 

Justin

 

Link to post
Share on other sites

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
Use a flash device to transfer the following tools to the infected computer. Run them there and post the logs here.
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.


 
 
 
 Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )

    [*]Leave everything else as it is. [*]Close all other running programs as well as your Browser. [*]Click the Scan button & wait for it to finish. [*]Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post. [*]Save it where you can easily find it, such as your desktop. [*]Please post the content of the ark.txt here.


**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Link to post
Share on other sites

This is the contents of the FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-08-2014
Ran by Justin (administrator) on JUSTIN on 13-08-2014 12:32:34
Running from F:\
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Gameiki] => C:\Program Files (x86)\Gameiki\Gameiki Mod Installer\Gameiki Mod Installer.exe [358912 2014-02-23] ()
HKLM-x32\...\Run: [RazerGameBooster] => C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2014-02-25] (Razer Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1448521790-3827181847-1819084779-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-1448521790-3827181847-1819084779-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-15] (Valve Corporation)
HKU\S-1-5-21-1448521790-3827181847-1819084779-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Constant Guard Protection Suite -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.13.1211.1\NativeBHO.dll No File
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{BF243D0D-2E35-4D97-9277-E7772D3825E2}: [NameServer]75.75.75.75,75.75.76.76
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Justin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3321486&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP59CCFDFF-9643-47D8-B78D-653D3574E169&SSPV=
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3321486&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP59CCFDFF-9643-47D8-B78D-653D3574E169&SSPV=", "hxxp://us.yahoo.com/"
CHR Extension: (Google Docs) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-30]
CHR Extension: (Google Drive) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (YouTube) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-30]
CHR Extension: (Google Search) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-30]
CHR Extension: (AdBlock) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-10]
CHR Extension: (Night Dragon) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibgcmiklnafggpboajdldhfdnemfaheh [2014-01-30]
CHR Extension: (Google Wallet) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-30]
CHR Extension: (Gmail) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-30]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.
 
S4 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S4 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
S4 HPSLPSVC; C:\Users\Justin\AppData\Local\Temp\7zS301E\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.)
S4 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S4 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S4 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
S4 IDVaultSvc; "C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-02-06] (ASUS Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-15] (LogMeIn Inc.)
S3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S1 AntiLog32; \??\C:\WINDOWS\system32\drivers\AntiLog64.sys [X]
S1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [X]
S3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-13 12:32 - 2014-08-13 12:32 - 00000000 ____D () C:\FRST
2014-08-12 20:56 - 2014-08-12 20:56 - 00000000 ____D () C:\Users\Justin\AppData\Local\Adobe
2014-08-12 12:20 - 2014-08-12 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2014-08-12 12:20 - 2014-08-12 12:20 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-08-12 12:19 - 2014-08-12 12:19 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Justin\Downloads\everesthome220.exe
2014-08-12 10:33 - 2014-08-12 10:33 - 00454537 _____ () C:\Users\Justin\Downloads\Insanity.zip
2014-08-12 09:48 - 2014-08-12 09:48 - 32291561 _____ () C:\Users\Justin\Downloads\GLaDOS (GK and BNW) (v 4).civ5mod
2014-08-11 19:26 - 2014-08-11 19:26 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-08-11 19:26 - 2014-08-11 19:25 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-11 19:26 - 2014-08-11 19:25 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-11 19:26 - 2014-08-11 19:25 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-11 19:23 - 2014-08-11 19:24 - 31013800 _____ (Oracle Corporation) C:\Users\Justin\Downloads\jre-7u67-windows-x64 (1).exe
2014-08-11 19:07 - 2014-08-11 19:07 - 31013800 _____ (Oracle Corporation) C:\Users\Justin\Downloads\jre-7u67-windows-x64.exe
2014-08-11 18:26 - 2014-08-11 18:26 - 02716973 _____ () C:\Users\Justin\Downloads\anthill.zip
2014-08-11 18:17 - 2014-08-11 18:18 - 09123001 _____ () C:\Users\Justin\Downloads\Run 2.zip
2014-08-11 17:11 - 2014-08-11 17:11 - 01338757 _____ () C:\Users\Justin\Downloads\Run.zip
2014-08-11 14:27 - 2014-08-11 14:28 - 02258993 _____ () C:\Users\Justin\Downloads\Puzzle Partners 1.3.zip
2014-08-11 13:55 - 2014-08-11 13:55 - 09173673 _____ () C:\Users\Justin\Downloads\minecraft_server.1.7.5.jar
2014-08-11 13:48 - 2014-08-11 13:48 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Oracle
2014-08-11 13:47 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-11 13:47 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-11 13:47 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-11 13:47 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-11 13:46 - 2014-08-11 13:47 - 00004489 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-11 13:43 - 2014-08-11 13:43 - 00918440 _____ (Oracle Corporation) C:\Users\Justin\Downloads\chromeinstall-7u67 (1).exe
2014-08-11 13:41 - 2014-08-11 13:42 - 00247154 _____ () C:\Users\Justin\Documents\hs_err_pid5224.log
2014-08-11 13:34 - 2014-08-11 13:34 - 00918440 _____ (Oracle Corporation) C:\Users\Justin\Downloads\chromeinstall-7u67.exe
2014-08-11 08:57 - 2014-08-11 08:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-10 12:27 - 2014-08-10 12:27 - 00000000 ____D () C:\Users\Public\CyberLink
2014-08-10 12:27 - 2014-08-10 12:27 - 00000000 ____D () C:\Users\Justin\Documents\CyberLink
2014-08-10 12:27 - 2014-08-10 12:27 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\CyberLink
2014-08-10 12:27 - 2014-08-10 12:27 - 00000000 ____D () C:\ProgramData\CyberLink
2014-08-05 15:35 - 2014-08-05 15:35 - 07234489 _____ () C:\Users\Justin\Downloads\ValcanGamings Note Block Songs.rar
2014-08-05 15:20 - 2014-08-05 15:20 - 00002141 _____ () C:\Users\Justin\Downloads\13. wet hands.mid
2014-08-05 12:25 - 2014-08-05 12:25 - 02870927 _____ () C:\Users\Justin\Downloads\farlanders-1.7.2-v1.2a.jar
2014-08-05 12:25 - 2014-08-05 12:25 - 00079580 _____ () C:\Users\Justin\Downloads\Waterpipe1.1[1.7.2].jar
2014-08-05 12:24 - 2014-08-05 12:24 - 01052823 _____ () C:\Users\Justin\Downloads\MutantCreatures-1.7.2-1.4.5.jar
2014-08-05 12:15 - 2014-08-05 12:17 - 155457756 _____ () C:\Users\Justin\Downloads\Pixelmon-1.7.10-3.2.2-universal.jar
2014-08-04 23:11 - 2014-08-04 23:11 - 00001253 _____ () C:\Users\Public\Desktop\Minecraft Note Block Studio.lnk
2014-08-04 23:10 - 2014-08-04 23:10 - 03897585 _____ (David Norgren ) C:\Users\Justin\Downloads\mcnbs_setup (1).exe
2014-08-04 23:10 - 2014-08-04 23:10 - 03897585 _____ (David Norgren ) C:\Users\Justin\Downloads\mcnbs_setup (1) (1).exe
2014-08-04 12:21 - 2014-08-04 12:22 - 00000000 ____D () C:\Users\Justin\Desktop\Building Computer
2014-08-04 11:19 - 2014-08-04 11:19 - 00000752 _____ () C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2014-08-04 11:12 - 2014-08-04 11:15 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-08-04 11:11 - 2014-01-20 16:30 - 04011168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 02476952 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2014-08-04 11:11 - 2014-01-20 16:30 - 01450656 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00906200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxstarter.exe
2014-08-04 11:11 - 2014-01-20 16:30 - 00845272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2014-08-04 11:11 - 2014-01-20 16:30 - 00785568 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00729088 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00644768 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00602272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00526848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00524800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00524800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00524288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00523776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00517632 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00516096 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2014-08-04 11:11 - 2014-01-20 16:30 - 00416216 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2014-08-04 11:11 - 2014-01-20 16:30 - 00391128 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2014-08-04 11:11 - 2014-01-20 16:30 - 00346624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00344736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00320512 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00279000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2014-08-04 11:11 - 2014-01-20 16:30 - 00265216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00210592 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00182784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3383.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00177824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00128672 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00094368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2014-08-04 11:11 - 2014-01-20 16:30 - 00002940 _____ () C:\WINDOWS\system32\iglhxs64.vp
2014-08-04 11:10 - 2014-01-20 16:30 - 25971712 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 21007360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 20954112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 06205952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 04220416 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2014-08-04 11:10 - 2014-01-20 16:30 - 03207680 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 02881536 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 02065920 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 01815040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00771544 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2014-08-04 11:10 - 2014-01-20 16:30 - 00770520 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2014-08-04 11:10 - 2014-01-20 16:30 - 00527872 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00526848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00524288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00522240 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00521728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00514048 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00513536 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00493056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00397784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2014-08-04 11:10 - 2014-01-20 16:30 - 00371200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2014-08-04 11:10 - 2014-01-20 16:30 - 00347648 _____ () C:\WINDOWS\system32\igdmd64.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00329216 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00290816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00280064 _____ () C:\WINDOWS\SysWOW64\igdmd32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00279040 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2014-08-04 11:10 - 2014-01-20 16:30 - 00243712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00222208 _____ () C:\WINDOWS\system32\igdde64.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00182272 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00163328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00160256 _____ () C:\WINDOWS\system32\igdail64.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00155136 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00142848 _____ () C:\WINDOWS\SysWOW64\igdail32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00137728 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00133120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00025600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2014-08-04 11:10 - 2014-01-20 16:30 - 00012288 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2014-08-04 11:10 - 2014-01-20 16:29 - 07596504 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2014-08-04 11:10 - 2014-01-20 16:29 - 02384896 _____ () C:\WINDOWS\system32\GfxRes.dll
2014-08-04 11:10 - 2014-01-20 16:29 - 00755160 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIHotKeyMenu.exe
2014-08-04 11:10 - 2014-01-20 16:29 - 00530904 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2014-08-04 11:10 - 2014-01-20 16:29 - 00396760 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2014-08-04 11:10 - 2014-01-20 16:29 - 00267407 _____ () C:\WINDOWS\system32\Gfxres.th-TH.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00253466 _____ () C:\WINDOWS\system32\Gfxres.el-GR.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00235401 _____ () C:\WINDOWS\system32\Gfxres.ru-RU.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00201128 _____ () C:\WINDOWS\system32\Gfxres.ar-SA.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00198725 _____ () C:\WINDOWS\system32\Gfxres.ja-JP.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00194560 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2014-08-04 11:10 - 2014-01-20 16:29 - 00192758 _____ () C:\WINDOWS\system32\Gfxres.he-IL.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00180936 _____ () C:\WINDOWS\system32\Gfxres.ko-KR.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00180850 _____ () C:\WINDOWS\system32\Gfxres.it-IT.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00178473 _____ () C:\WINDOWS\system32\Gfxres.es-ES.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00178290 _____ () C:\WINDOWS\system32\Gfxres.fr-FR.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00178123 _____ () C:\WINDOWS\system32\Gfxres.de-DE.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00176838 _____ () C:\WINDOWS\system32\Gfxres.ro-RO.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00175862 _____ () C:\WINDOWS\system32\Gfxres.hu-HU.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00175571 _____ () C:\WINDOWS\system32\Gfxres.tr-TR.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00175067 _____ () C:\WINDOWS\system32\Gfxres.nl-NL.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00174802 _____ () C:\WINDOWS\system32\Gfxres.pl-PL.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00174269 _____ () C:\WINDOWS\system32\Gfxres.pt-BR.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00173792 _____ () C:\WINDOWS\system32\Gfxres.fi-FI.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00173276 _____ () C:\WINDOWS\system32\Gfxres.sk-SK.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00173059 _____ () C:\WINDOWS\system32\Gfxres.sv-SE.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00172833 _____ () C:\WINDOWS\system32\Gfxres.pt-PT.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00172554 _____ () C:\WINDOWS\system32\Gfxres.cs-CZ.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00171691 _____ () C:\WINDOWS\system32\Gfxres.hr-HR.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00168215 _____ () C:\WINDOWS\system32\Gfxres.sl-SI.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00166833 _____ () C:\WINDOWS\system32\Gfxres.nb-NO.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00166220 _____ () C:\WINDOWS\system32\Gfxres.da-DK.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00161534 _____ () C:\WINDOWS\system32\Gfxres.en-US.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00154805 _____ () C:\WINDOWS\system32\Gfxres.zh-TW.resources
2014-08-04 11:10 - 2014-01-20 16:29 - 00153048 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2014-08-04 11:10 - 2014-01-20 16:29 - 00152993 _____ () C:\WINDOWS\system32\Gfxres.zh-CN.resources
2014-08-04 11:10 - 2014-01-08 16:01 - 00450520 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2014-08-04 10:36 - 2014-08-04 10:38 - 151539370 _____ () C:\Users\Justin\Downloads\V10.18.10.3383_Win8.1_64 (1).exe
2014-08-04 09:43 - 2014-08-04 09:43 - 08268486 _____ () C:\Users\Justin\Downloads\Unown Pack.rar
2014-08-04 09:40 - 2014-08-04 09:40 - 07994784 _____ () C:\Users\Justin\Downloads\Delta Pack Sharp 125 175b.rar
2014-08-04 09:36 - 2014-08-04 09:37 - 33676127 _____ () C:\Users\Justin\Downloads\Shadow Pack Sharp 125 175b v2.rar
2014-08-04 09:35 - 2014-08-04 09:35 - 00062122 _____ () C:\Users\Justin\Downloads\Party Stealth Selectors.rar
2014-08-04 08:49 - 2014-08-04 09:03 - 00000000 ____D () C:\Users\Justin\Desktop\Omicron Backups
2014-08-04 08:46 - 2014-08-04 08:46 - 06531055 _____ () C:\Users\Justin\Downloads\Melly's UI Mega Overhaul Updated V1.1.rar
2014-08-04 08:16 - 2014-08-04 08:16 - 00001103 _____ () C:\Users\Justin\Desktop\Cheat Engine.lnk
2014-08-04 08:16 - 2014-08-04 08:16 - 00000000 ____D () C:\Users\Justin\Documents\My Cheat Tables
2014-08-04 08:16 - 2014-08-04 08:16 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2014-08-04 08:12 - 2014-08-04 08:12 - 09052192 _____ (Cheat Engine ) C:\Users\Justin\Downloads\CheatEngine64.exe
2014-08-04 00:58 - 2014-08-04 08:57 - 00000000 ____D () C:\Users\Justin\Desktop\Pokemon Omicron
2014-08-04 00:57 - 2014-08-04 01:09 - 1007078353 _____ () C:\Users\Justin\Downloads\XY Animated Sprite Sharpened 125 175b.rar
2014-08-04 00:49 - 2014-08-04 00:51 - 119922034 _____ () C:\Users\Justin\Downloads\Pokemon Omicron 1.4 (Win).zip
2014-08-03 08:36 - 2014-08-03 08:36 - 00182824 _____ () C:\Users\Justin\Downloads\ModLoader.zip
2014-08-03 08:36 - 2014-08-03 08:36 - 00016210 _____ () C:\Users\Justin\Downloads\Biosphere.zip
2014-08-02 19:19 - 2014-08-02 19:19 - 39799332 _____ () C:\Users\Justin\Downloads\Atherys Ascended v3.2.zip
2014-08-02 19:19 - 2014-08-02 19:19 - 09999270 _____ () C:\Users\Justin\Downloads\minecraft_server.1.7.10.exe
2014-08-02 19:18 - 2014-08-02 19:18 - 09959536 _____ () C:\Users\Justin\Downloads\Wrath of the Fallen 1.7.zip
2014-08-02 12:04 - 2014-08-02 12:04 - 02360903 _____ () C:\Users\Justin\Downloads\minecraft_server.jar
2014-08-02 12:03 - 2014-08-11 19:51 - 00000000 ____D () C:\Users\Justin\Desktop\STUPID 1.5
2014-08-02 12:02 - 2014-08-02 12:02 - 05564661 _____ () C:\Users\Justin\Downloads\minecraft (1).jar
2014-08-02 11:27 - 2014-08-02 11:28 - 63252202 _____ () C:\Users\Justin\Downloads\The dropper 2 By BIGRE.zip
2014-07-19 09:39 - 2014-04-13 23:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-19 09:38 - 2014-07-19 09:38 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-19 09:37 - 2014-06-16 18:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-19 09:37 - 2014-06-16 18:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-19 09:37 - 2014-06-06 10:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-19 09:37 - 2014-05-29 23:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-19 09:37 - 2014-05-09 23:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-07-19 09:37 - 2014-05-09 23:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-07-19 09:37 - 2014-05-08 19:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-07-19 09:37 - 2014-04-03 03:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-07-19 09:37 - 2014-04-03 03:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-07-19 09:36 - 2014-05-29 08:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-19 09:36 - 2014-05-29 03:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-19 09:36 - 2014-05-29 02:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-19 09:36 - 2014-05-29 02:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-19 09:36 - 2014-05-29 01:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-19 09:36 - 2014-05-29 01:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-19 09:36 - 2014-04-18 10:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-07-19 09:36 - 2014-04-18 10:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-07-19 09:36 - 2014-04-18 09:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-07-19 09:36 - 2014-04-18 05:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-07-19 09:36 - 2014-04-18 04:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-07-19 09:36 - 2014-04-18 04:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-07-19 09:36 - 2014-04-18 04:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-07-19 09:36 - 2014-04-18 03:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-07-19 09:36 - 2014-04-18 03:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-07-19 09:36 - 2014-04-14 05:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-07-19 09:36 - 2014-04-14 04:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-07-19 09:36 - 2014-04-11 00:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-07-19 09:36 - 2014-04-11 00:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-07-19 09:36 - 2014-04-10 23:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-07-19 09:36 - 2014-04-09 07:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-07-19 09:36 - 2014-04-09 02:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-07-19 09:36 - 2014-04-09 01:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-07-19 09:36 - 2014-04-08 23:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-07-19 09:36 - 2014-04-07 22:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-07-19 09:36 - 2014-04-06 12:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-07-19 09:36 - 2014-04-06 12:34 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-07-19 09:36 - 2014-04-06 12:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-07-19 09:36 - 2014-04-06 12:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-07-19 09:36 - 2014-04-06 12:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-07-19 09:36 - 2014-04-06 12:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-07-19 09:36 - 2014-04-06 12:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-07-19 09:36 - 2014-04-06 12:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-07-19 09:36 - 2014-04-06 12:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-07-19 09:36 - 2014-04-06 12:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-07-19 09:36 - 2014-04-06 12:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-07-19 09:36 - 2014-04-06 12:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-07-19 09:36 - 2014-04-06 12:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-07-19 09:36 - 2014-04-06 12:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-07-19 09:36 - 2014-04-06 12:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-07-19 09:36 - 2014-04-06 12:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-07-19 09:36 - 2014-04-06 12:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-07-19 09:36 - 2014-04-06 12:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-07-19 09:36 - 2014-04-06 12:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-07-19 09:36 - 2014-04-06 11:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-07-19 09:36 - 2014-04-06 11:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-07-19 09:36 - 2014-04-06 11:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-07-19 09:36 - 2014-04-06 11:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-07-19 09:36 - 2014-04-06 11:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-07-19 09:36 - 2014-04-06 11:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-07-19 09:36 - 2014-04-06 11:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-07-19 09:36 - 2014-04-06 11:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-07-19 09:36 - 2014-04-06 11:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-07-19 09:36 - 2014-04-06 11:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-07-19 09:36 - 2014-04-06 11:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-07-19 09:36 - 2014-04-06 11:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-07-19 09:36 - 2014-04-06 08:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-07-19 09:36 - 2014-04-06 08:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-07-19 09:36 - 2014-04-06 08:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-07-19 09:36 - 2014-04-06 08:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-07-19 09:36 - 2014-04-06 08:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-07-19 09:36 - 2014-04-06 07:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-07-19 09:36 - 2014-04-06 07:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-07-19 09:36 - 2014-04-06 07:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-07-19 09:36 - 2014-04-06 07:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-07-19 09:36 - 2014-04-06 07:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-07-19 09:36 - 2014-04-06 06:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-07-19 09:36 - 2014-04-06 06:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-07-19 09:36 - 2014-04-06 06:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-07-19 09:36 - 2014-04-06 06:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-07-19 09:36 - 2014-04-06 06:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-07-19 09:36 - 2014-04-06 05:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-07-19 09:36 - 2014-04-03 04:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-07-19 09:36 - 2014-04-03 04:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-07-19 09:36 - 2014-04-03 04:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-07-19 09:36 - 2014-04-03 00:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-07-19 09:36 - 2014-04-03 00:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-07-19 09:36 - 2014-04-02 23:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-07-19 09:36 - 2014-04-02 22:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-07-19 09:36 - 2014-04-02 22:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-07-19 09:36 - 2014-04-02 22:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-07-19 09:36 - 2014-04-02 22:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-07-19 09:36 - 2014-04-02 22:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-07-19 09:36 - 2014-04-02 22:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-07-19 09:36 - 2014-04-01 02:23 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-07-19 09:36 - 2014-03-31 01:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-07-19 09:36 - 2014-03-30 20:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-07-19 09:36 - 2014-03-30 20:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-07-19 09:36 - 2014-03-30 19:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-07-19 09:36 - 2014-03-30 18:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-07-19 09:36 - 2014-03-30 18:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-07-19 09:36 - 2014-03-30 18:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-07-19 09:36 - 2014-03-30 18:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-07-19 09:36 - 2014-03-30 17:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-07-19 09:36 - 2014-03-28 11:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-07-19 09:36 - 2014-03-27 02:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-07-19 09:36 - 2014-03-27 01:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-07-19 09:36 - 2014-03-27 00:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-07-19 09:36 - 2014-03-27 00:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-07-19 09:36 - 2014-03-27 00:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-07-19 09:36 - 2014-03-26 23:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-07-19 09:36 - 2014-03-26 23:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-07-19 09:36 - 2014-03-26 23:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-07-19 09:36 - 2014-03-24 18:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-07-19 09:36 - 2014-03-19 23:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-07-19 09:36 - 2014-03-19 20:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-07-19 09:36 - 2014-03-19 19:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-07-19 09:36 - 2014-03-19 04:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-07-19 09:36 - 2014-03-19 04:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-07-19 09:36 - 2014-03-19 03:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-07-19 09:36 - 2014-03-19 03:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-07-19 09:36 - 2014-03-19 02:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-07-19 09:36 - 2014-03-19 01:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-07-19 09:36 - 2014-03-19 01:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-07-19 09:36 - 2014-03-19 01:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-07-19 09:36 - 2014-03-19 01:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-07-19 09:36 - 2014-03-19 01:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-07-19 09:36 - 2014-03-19 01:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-07-19 09:36 - 2014-03-19 00:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-07-19 09:36 - 2014-03-19 00:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-07-19 09:36 - 2014-03-19 00:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-07-19 09:36 - 2014-03-18 04:19 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-07-19 09:36 - 2014-03-18 01:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-07-19 09:36 - 2014-03-18 00:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-07-19 09:36 - 2014-03-17 01:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-07-19 09:36 - 2014-03-17 00:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-07-19 09:36 - 2014-03-16 23:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-07-19 09:36 - 2014-03-16 22:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-07-19 09:36 - 2014-03-16 22:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-07-19 09:36 - 2014-03-14 02:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-07-19 09:36 - 2014-03-14 02:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-07-19 09:36 - 2014-03-06 08:42 - 00310616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-07-19 09:35 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-19 09:35 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-19 09:35 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-19 09:35 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-19 09:35 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-19 09:35 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-19 09:35 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-19 09:35 - 2014-06-18 19:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-19 09:35 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-19 09:35 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-19 09:35 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-19 09:35 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-19 09:35 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-19 09:35 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-19 09:35 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-19 09:35 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-19 09:35 - 2014-06-18 18:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-19 09:35 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-19 09:35 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-19 09:35 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-19 09:35 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-19 09:35 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-19 09:35 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-19 09:35 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-19 09:35 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-19 09:35 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-19 09:35 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-19 09:35 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-07-19 09:35 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-19 09:35 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-07-19 09:35 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-19 09:35 - 2014-05-05 00:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-07-19 09:34 - 2014-07-19 09:34 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-07-19 09:34 - 2014-07-19 09:34 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-07-19 09:34 - 2014-07-19 09:34 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-07-19 09:34 - 2014-06-30 18:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-19 09:34 - 2014-06-28 03:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-19 09:34 - 2014-06-28 03:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-19 09:34 - 2014-06-06 09:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-19 09:34 - 2014-06-06 08:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-19 09:34 - 2014-05-31 06:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-19 09:34 - 2014-05-31 06:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-19 09:34 - 2014-05-30 23:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-19 09:34 - 2014-05-30 23:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-19 09:34 - 2014-05-30 23:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-19 09:34 - 2014-05-30 23:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-19 09:34 - 2014-05-30 23:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-19 09:34 - 2014-05-30 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-19 09:34 - 2014-05-30 22:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-19 09:34 - 2014-05-30 22:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-19 09:34 - 2014-05-30 22:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-19 09:34 - 2014-05-30 22:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-19 09:34 - 2014-05-30 22:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-19 09:34 - 2014-05-30 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-19 09:34 - 2014-05-30 22:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-19 09:34 - 2014-05-19 02:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-07-19 09:34 - 2014-05-19 02:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-07-19 09:34 - 2014-05-19 01:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-07-19 08:59 - 2014-05-01 09:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-07-19 08:59 - 2014-05-01 09:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-07-19 08:59 - 2014-05-01 03:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-07-19 08:59 - 2014-05-01 03:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-07-19 08:59 - 2014-05-01 02:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-07-19 08:59 - 2014-05-01 01:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-07-19 08:59 - 2014-04-30 07:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-07-19 08:59 - 2014-04-30 00:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-07-19 08:59 - 2014-04-30 00:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-07-19 08:59 - 2014-04-29 23:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-07-19 08:59 - 2014-04-29 23:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-07-19 08:56 - 2014-07-19 08:56 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-07-16 17:45 - 2014-07-16 17:45 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Proxy Studios
2014-07-15 11:09 - 2014-07-15 11:09 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-07-14 22:51 - 2014-08-12 20:56 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-14 22:51 - 2014-07-14 22:51 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-14 22:39 - 2014-07-14 22:40 - 01057176 _____ (Adobe) C:\Users\Justin\Downloads\install_flashplayer14x32_mssd_aaa_aih.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-13 12:32 - 2014-08-13 12:32 - 00000000 ____D () C:\FRST
2014-08-13 12:32 - 2013-10-17 17:59 - 00000062 _____ () C:\Users\Justin\AppData\Roaming\sp_data.sys
2014-08-13 12:31 - 2013-10-17 18:08 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-13 12:30 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-12 20:56 - 2014-08-12 20:56 - 00000000 ____D () C:\Users\Justin\AppData\Local\Adobe
2014-08-12 20:56 - 2014-07-14 22:51 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-12 20:45 - 2013-10-17 18:08 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-12 20:42 - 2013-10-17 18:08 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1448521790-3827181847-1819084779-1001
2014-08-12 20:20 - 2013-10-19 15:03 - 01206906 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-12 16:01 - 2014-01-19 18:47 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite
2014-08-12 16:01 - 2013-09-29 23:55 - 01087752 _____ () C:\WINDOWS\PFRO.log
2014-08-12 16:00 - 2014-01-19 18:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\ZALSDK_uninst
2014-08-12 15:42 - 2014-01-16 21:07 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-12 15:42 - 2013-05-16 11:20 - 00168935 ____N () C:\WINDOWS\Minidump\081214-32625-01.dmp
2014-08-12 15:37 - 2013-05-16 11:20 - 00168935 ____N () C:\WINDOWS\Minidump\081214-41843-01.dmp
2014-08-12 15:32 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-12 15:32 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-08-12 14:51 - 2013-05-16 11:20 - 00170983 ____N () C:\WINDOWS\Minidump\081214-24046-01.dmp
2014-08-12 14:45 - 2013-05-16 11:20 - 00170983 ____N () C:\WINDOWS\Minidump\081214-33859-01.dmp
2014-08-12 14:15 - 2014-01-15 14:59 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Skype
2014-08-12 14:02 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-12 13:57 - 2014-04-13 21:52 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\.minecraft
2014-08-12 12:33 - 2014-06-11 19:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-12 12:31 - 2014-01-31 15:53 - 00000000 __RDO () C:\Users\Justin\SkyDrive
2014-08-12 12:20 - 2014-08-12 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2014-08-12 12:20 - 2014-08-12 12:20 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-08-12 12:19 - 2014-08-12 12:19 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Justin\Downloads\everesthome220.exe
2014-08-12 12:12 - 2014-06-20 22:01 - 00000000 ____D () C:\Users\Justin\Desktop\WHY DIS LAG
2014-08-12 11:48 - 2014-01-16 21:07 - 584498215 _____ () C:\WINDOWS\MEMORY.DMP
2014-08-12 10:46 - 2013-10-25 23:22 - 00000000 ____D () C:\Users\Justin\Documents\My Games
2014-08-12 10:33 - 2014-08-12 10:33 - 00454537 _____ () C:\Users\Justin\Downloads\Insanity.zip
2014-08-12 09:48 - 2014-08-12 09:48 - 32291561 _____ () C:\Users\Justin\Downloads\GLaDOS (GK and BNW) (v 4).civ5mod
2014-08-12 09:35 - 2014-01-21 21:11 - 00000000 ____D () C:\Users\Justin\AppData\Local\CrashDumps
2014-08-11 19:51 - 2014-08-02 12:03 - 00000000 ____D () C:\Users\Justin\Desktop\STUPID 1.5
2014-08-11 19:26 - 2014-08-11 19:26 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-08-11 19:25 - 2014-08-11 19:26 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-11 19:25 - 2014-08-11 19:26 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-11 19:25 - 2014-08-11 19:26 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-11 19:25 - 2013-10-28 18:04 - 00000000 ____D () C:\Program Files\Java
2014-08-11 19:24 - 2014-08-11 19:23 - 31013800 _____ (Oracle Corporation) C:\Users\Justin\Downloads\jre-7u67-windows-x64 (1).exe
2014-08-11 19:22 - 2013-08-22 10:46 - 00289687 _____ () C:\WINDOWS\setupact.log
2014-08-11 19:09 - 2013-10-17 18:14 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-11 19:07 - 2014-08-11 19:07 - 31013800 _____ (Oracle Corporation) C:\Users\Justin\Downloads\jre-7u67-windows-x64.exe
2014-08-11 18:26 - 2014-08-11 18:26 - 02716973 _____ () C:\Users\Justin\Downloads\anthill.zip
2014-08-11 18:18 - 2014-08-11 18:17 - 09123001 _____ () C:\Users\Justin\Downloads\Run 2.zip
2014-08-11 17:11 - 2014-08-11 17:11 - 01338757 _____ () C:\Users\Justin\Downloads\Run.zip
2014-08-11 14:28 - 2014-08-11 14:27 - 02258993 _____ () C:\Users\Justin\Downloads\Puzzle Partners 1.3.zip
2014-08-11 13:55 - 2014-08-11 13:55 - 09173673 _____ () C:\Users\Justin\Downloads\minecraft_server.1.7.5.jar
2014-08-11 13:48 - 2014-08-11 13:48 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Oracle
2014-08-11 13:47 - 2014-08-11 13:46 - 00004489 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-11 13:47 - 2013-10-17 18:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-11 13:43 - 2014-08-11 13:43 - 00918440 _____ (Oracle Corporation) C:\Users\Justin\Downloads\chromeinstall-7u67 (1).exe
2014-08-11 13:42 - 2014-08-11 13:41 - 00247154 _____ () C:\Users\Justin\Documents\hs_err_pid5224.log
2014-08-11 13:34 - 2014-08-11 13:34 - 00918440 _____ (Oracle Corporation) C:\Users\Justin\Downloads\chromeinstall-7u67.exe
2014-08-11 10:54 - 2013-12-01 15:28 - 00000000 ____D () C:\Users\Justin\Documents\feed the beast
2014-08-11 09:01 - 2013-12-07 13:32 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-11 08:57 - 2014-08-11 08:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-11 08:57 - 2013-10-17 18:08 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-10 21:48 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-10 12:27 - 2014-08-10 12:27 - 00000000 ____D () C:\Users\Public\CyberLink
2014-08-10 12:27 - 2014-08-10 12:27 - 00000000 ____D () C:\Users\Justin\Documents\CyberLink
2014-08-10 12:27 - 2014-08-10 12:27 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\CyberLink
2014-08-10 12:27 - 2014-08-10 12:27 - 00000000 ____D () C:\ProgramData\CyberLink
2014-08-08 22:32 - 2013-10-19 14:44 - 00000000 ____D () C:\Users\Justin
2014-08-05 15:35 - 2014-08-05 15:35 - 07234489 _____ () C:\Users\Justin\Downloads\ValcanGamings Note Block Songs.rar
2014-08-05 15:20 - 2014-08-05 15:20 - 00002141 _____ () C:\Users\Justin\Downloads\13. wet hands.mid
2014-08-05 12:25 - 2014-08-05 12:25 - 02870927 _____ () C:\Users\Justin\Downloads\farlanders-1.7.2-v1.2a.jar
2014-08-05 12:25 - 2014-08-05 12:25 - 00079580 _____ () C:\Users\Justin\Downloads\Waterpipe1.1[1.7.2].jar
2014-08-05 12:24 - 2014-08-05 12:24 - 01052823 _____ () C:\Users\Justin\Downloads\MutantCreatures-1.7.2-1.4.5.jar
2014-08-05 12:17 - 2014-08-05 12:15 - 155457756 _____ () C:\Users\Justin\Downloads\Pixelmon-1.7.10-3.2.2-universal.jar
2014-08-05 12:08 - 2014-06-17 21:24 - 00000086 _____ () C:\Users\Justin\.atl.properties
2014-08-05 11:57 - 2014-04-24 23:08 - 00000000 ____D () C:\Users\Justin\Documents\AT Launcher
2014-08-05 11:44 - 2014-06-18 15:26 - 00000000 ____D () C:\Users\Justin\AppData\Local\ftblauncher
2014-08-05 11:14 - 2013-12-01 15:28 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\ftblauncher
2014-08-04 23:11 - 2014-08-04 23:11 - 00001253 _____ () C:\Users\Public\Desktop\Minecraft Note Block Studio.lnk
2014-08-04 23:11 - 2014-03-29 17:17 - 00000000 ____D () C:\Program Files (x86)\Minecraft Note Block Studio
2014-08-04 23:11 - 2014-03-29 17:16 - 00000000 ____D () C:\Users\Justin\Documents\Note Block Studio
2014-08-04 23:10 - 2014-08-04 23:10 - 03897585 _____ (David Norgren ) C:\Users\Justin\Downloads\mcnbs_setup (1).exe
2014-08-04 23:10 - 2014-08-04 23:10 - 03897585 _____ (David Norgren ) C:\Users\Justin\Downloads\mcnbs_setup (1) (1).exe
2014-08-04 14:14 - 2013-11-17 20:19 - 00000000 ___RD () C:\Users\Justin\Documents\Minecraft Server
2014-08-04 12:22 - 2014-08-04 12:21 - 00000000 ____D () C:\Users\Justin\Desktop\Building Computer
2014-08-04 11:24 - 2013-05-16 11:31 - 00015856 _____ () C:\WINDOWS\system32\results.xml
2014-08-04 11:23 - 2013-08-22 10:44 - 00503968 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-04 11:22 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-04 11:19 - 2014-08-04 11:19 - 00000752 _____ () C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2014-08-04 11:19 - 2013-05-16 11:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-08-04 11:15 - 2014-08-04 11:12 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-08-04 10:38 - 2014-08-04 10:36 - 151539370 _____ () C:\Users\Justin\Downloads\V10.18.10.3383_Win8.1_64 (1).exe
2014-08-04 09:43 - 2014-08-04 09:43 - 08268486 _____ () C:\Users\Justin\Downloads\Unown Pack.rar
2014-08-04 09:43 - 2013-12-07 13:50 - 00000000 ___RD () C:\Users\Justin\Google Drive
2014-08-04 09:40 - 2014-08-04 09:40 - 07994784 _____ () C:\Users\Justin\Downloads\Delta Pack Sharp 125 175b.rar
2014-08-04 09:37 - 2014-08-04 09:36 - 33676127 _____ () C:\Users\Justin\Downloads\Shadow Pack Sharp 125 175b v2.rar
2014-08-04 09:35 - 2014-08-04 09:35 - 00062122 _____ () C:\Users\Justin\Downloads\Party Stealth Selectors.rar
2014-08-04 09:03 - 2014-08-04 08:49 - 00000000 ____D () C:\Users\Justin\Desktop\Omicron Backups
2014-08-04 08:57 - 2014-08-04 00:58 - 00000000 ____D () C:\Users\Justin\Desktop\Pokemon Omicron
2014-08-04 08:46 - 2014-08-04 08:46 - 06531055 _____ () C:\Users\Justin\Downloads\Melly's UI Mega Overhaul Updated V1.1.rar
2014-08-04 08:16 - 2014-08-04 08:16 - 00001103 _____ () C:\Users\Justin\Desktop\Cheat Engine.lnk
2014-08-04 08:16 - 2014-08-04 08:16 - 00000000 ____D () C:\Users\Justin\Documents\My Cheat Tables
2014-08-04 08:16 - 2014-08-04 08:16 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2014-08-04 08:12 - 2014-08-04 08:12 - 09052192 _____ (Cheat Engine ) C:\Users\Justin\Downloads\CheatEngine64.exe
2014-08-04 01:09 - 2014-08-04 00:57 - 1007078353 _____ () C:\Users\Justin\Downloads\XY Animated Sprite Sharpened 125 175b.rar
2014-08-04 00:51 - 2014-08-04 00:49 - 119922034 _____ () C:\Users\Justin\Downloads\Pokemon Omicron 1.4 (Win).zip
2014-08-03 08:36 - 2014-08-03 08:36 - 00182824 _____ () C:\Users\Justin\Downloads\ModLoader.zip
2014-08-03 08:36 - 2014-08-03 08:36 - 00016210 _____ () C:\Users\Justin\Downloads\Biosphere.zip
2014-08-02 19:19 - 2014-08-02 19:19 - 39799332 _____ () C:\Users\Justin\Downloads\Atherys Ascended v3.2.zip
2014-08-02 19:19 - 2014-08-02 19:19 - 09999270 _____ () C:\Users\Justin\Downloads\minecraft_server.1.7.10.exe
2014-08-02 19:18 - 2014-08-02 19:18 - 09959536 _____ () C:\Users\Justin\Downloads\Wrath of the Fallen 1.7.zip
2014-08-02 12:04 - 2014-08-02 12:04 - 02360903 _____ () C:\Users\Justin\Downloads\minecraft_server.jar
2014-08-02 12:02 - 2014-08-02 12:02 - 05564661 _____ () C:\Users\Justin\Downloads\minecraft (1).jar
2014-08-02 11:28 - 2014-08-02 11:27 - 63252202 _____ () C:\Users\Justin\Downloads\The dropper 2 By BIGRE.zip
2014-07-25 12:55 - 2014-08-11 13:47 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-25 12:49 - 2014-08-11 13:47 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-25 12:49 - 2014-08-11 13:47 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-25 12:49 - 2014-08-11 13:47 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-07-19 13:23 - 2013-09-30 00:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-19 12:46 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-19 12:46 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-07-19 12:46 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-19 12:46 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-19 12:46 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-07-19 12:45 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-19 09:42 - 2013-10-18 23:29 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-19 09:42 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-19 09:38 - 2014-07-19 09:38 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-19 09:38 - 2013-09-29 23:51 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-19 09:34 - 2014-07-19 09:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-07-19 09:34 - 2014-07-19 09:34 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-07-19 09:34 - 2014-07-19 09:34 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-07-19 09:34 - 2014-07-19 09:34 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-07-19 09:34 - 2014-07-19 09:34 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-07-19 08:56 - 2014-07-19 08:56 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-07-16 17:45 - 2014-07-16 17:45 - 00000000 ____D () C:\Users\Justin\AppData\Roaming\Proxy Studios
2014-07-15 11:09 - 2014-07-15 11:09 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-07-14 22:51 - 2014-07-14 22:51 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-14 22:40 - 2014-07-14 22:39 - 01057176 _____ (Adobe) C:\Users\Justin\Downloads\install_flashplayer14x32_mssd_aaa_aih.exe
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
 
 
Some content of TEMP:
====================
C:\Users\Justin\AppData\Local\Temp\COMAP.EXE
C:\Users\Justin\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Justin\AppData\Local\Temp\_isA30D.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-08-03 13:32
 
==================== End Of Log ============================
Link to post
Share on other sites

These are the contents of the Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-08-2014
Ran by Justin at 2014-08-13 12:34:27
Running from F:\
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 MFC-7840W (HKLM-x32\...\{46E1B1F2-A279-4356-9B17-029F9CC72EAE}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.0.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0004 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version:  - Zombie, Inc.)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Easy Auto Clicker (HKLM-x32\...\Easy Auto Clicker_is1) (Version: V2.0 - easyautoclicker.com)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gameiki Mod Installer (HKCU\...\Gameiki) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 7520 series Basic Device Software (HKLM\...\{27ABA988-D480-4F44-B0FD-45E5656D2CFE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Help (HKLM-x32\...\{08295D09-E002-48F8-905D-34E4B08509BA}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 7520 series Product Improvement Study (HKLM\...\{16B872EE-C458-41BD-BEAE-52758A3F3168}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.13225.3 - Linksys LLC)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1004 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft Note Block Studio version 3.2.1 (HKLM-x32\...\{84077DA9-3075-4AE5-BC82-345202B8CD4F}_is1) (Version: 3.2.1 - David Norgren)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Pandora: First Contact (HKLM-x32\...\Steam App 287580) (Version:  - Proxy Studios)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Quantum Conundrum (HKLM-x32\...\Steam App 200010) (Version:  - Airtight Games)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.10 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6833 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - Firaxis Games)
Sid Meier's Civilization V SDK (HKLM-x32\...\Steam App 16830) (Version:  - Firaxis Games)
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TEdit 3 (HKLM-x32\...\{B81207ED-C990-4AB1-B5D5-A191EA253C0D}) (Version: 3.5.14064.0 - BinaryConstruct)
Terrafirma (HKLM-x32\...\{9EA1E037-86B8-496B-9C8C-31B3E3017C53}) (Version: 2.2.2.0 - Sean Kasun)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1448521790-3827181847-1819084779-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-1448521790-3827181847-1819084779-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Justin\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1448521790-3827181847-1819084779-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Justin\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1448521790-3827181847-1819084779-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Justin\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1448521790-3827181847-1819084779-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Justin\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
Could not list Restore Points. Check "winmgmt" service or repair WMI.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {09B05414-FFB0-448D-A9F3-2872D09CC1A8} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {0A96592B-712E-4213-BF48-6508F421EF2F} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C3BA6FB-80AC-4F10-93FF-47C170270A23} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {319274EF-D8A5-4075-B18F-595A5A7BD242} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D6A9179-3EDA-4E0C-8802-BE4F9D89FF35} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {47B55A6A-8D99-4BD1-BC0C-842ABD354623} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4B1B14B9-F57C-46AF-9D76-146677A43BE0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: {4C4775EB-472C-4FD0-8C1B-E16F65F51318} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-02-06] (AsusTek)
Task: {4F103411-1F27-4ACB-B4CB-90AE7D75E0CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {5874C941-AE51-4C4D-ADAC-3FC70551583B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {632D5310-DF90-4523-AFCB-D9D84DE5C0E8} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-01-31] (ASUS)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {8373FC0F-8614-4896-817D-C7AB17A85DCB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-14] (Adobe Systems Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {96CC7814-CA31-4BFE-B179-4AD8ACFA3E87} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A09EB8C6-2503-4920-A222-8106C60C712B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-17] (Google Inc.)
Task: {A2532CD8-2D08-4B3F-AA2C-9E27A3FA3644} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-26] (Microsoft Corporation)
Task: {A38A8B34-C55D-4A33-93DC-52DE68CBD054} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\SymErr.exe
Task: {B0B66DEA-7DBB-4DAC-9535-A54DD8BE4510} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\SymErr.exe
Task: {B147C639-C3D3-428C-9FFD-D82DDB61EF51} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {C42D2AAF-A4DC-40FC-BF9E-06C1BF31E60F} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-01-31] (ASUSTeK Computer Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D0684D88-8466-4F27-9EAA-5A064C9191D4} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {D1D49BAC-7891-4745-9599-60FD8895E421} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {D3570E86-9BFE-4B5D-A52F-BFB2EC608C9F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\WSCStub.exe
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F0FCFCA5-1007-4916-A7B4-315B1F6F0428} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {F94D42A5-D3CC-4574-8805-30DC38E02B23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-17] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-08-24 20:26 - 2012-08-24 20:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-07-14 19:06 - 2014-05-20 12:19 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-01-03 02:59 - 2014-02-10 13:04 - 00430080 _____ () C:\WINDOWS\mod_frst.exe
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Justin\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Justin\SkyDrive.old:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "Constant Guard.lnk"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKLM\...\StartupApproved\Run32: => "Gameiki"
HKCU\...\StartupApproved\Run: => "Steam"
HKCU\...\StartupApproved\Run: => "GoogleDriveSync"
HKCU\...\StartupApproved\Run: => "Skype"
 
==================== Faulty Device Manager Devices =============
 
Could not list Devices. Check "winmgmt" service or repair WMI.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/12/2014 10:58:05 AM) (Source: IDVault) (EventID: 0) (User: )
Description: SessionChange Error No process is associated with this object.
 
Error: (08/12/2014 09:36:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SndVol.exe version 6.3.9600.17031 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 602c
 
Start Time: 01cfb6323fc80d72
 
Termination Time: 14
 
Application Path: C:\WINDOWS\system32\SndVol.exe
 
Report Id: a661d163-2225-11e4-beee-74d02bbb26d0
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/12/2014 09:36:20 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SndVol.exe version 6.3.9600.17031 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 63cc
 
Start Time: 01cfb632370ca626
 
Termination Time: 17
 
Application Path: C:\WINDOWS\system32\SndVol.exe
 
Report Id: a0d24a15-2225-11e4-beee-74d02bbb26d0
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/12/2014 09:35:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSynapse.exe, version: 1.18.15.20888, time stamp: 0x53a87450
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x100c
Faulting application start time: 0xRzSynapse.exe0
Faulting application path: RzSynapse.exe1
Faulting module path: RzSynapse.exe2
Report Id: RzSynapse.exe3
Faulting package full name: RzSynapse.exe4
Faulting package-relative application ID: RzSynapse.exe5
 
Error: (08/11/2014 08:28:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: javaw.exe, version: 7.0.670.1, time stamp: 0x53d27f39
Faulting module name: msvcr100.dll, version: 10.0.40219.1, time stamp: 0x4d5f034a
Exception code: 0x40000015
Fault offset: 0x00000000000761c9
Faulting process id: 0x1310
Faulting application start time: 0xjavaw.exe0
Faulting application path: javaw.exe1
Faulting module path: javaw.exe2
Report Id: javaw.exe3
Faulting package full name: javaw.exe4
Faulting package-relative application ID: javaw.exe5
 
Error: (08/11/2014 08:10:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program java.exe version 7.0.670.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 520
 
Start Time: 01cfb5bbe2b938c8
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\system32\java.exe
 
Report Id: 2e0f3908-21b0-11e4-beec-74d02bbb26d0
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/11/2014 08:05:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program javaw.exe version 7.0.670.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1674
 
Start Time: 01cfb5bf1fe6d6a9
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\Java\jre7\bin\javaw.exe
 
Report Id: 12dc624d-21b3-11e4-beec-74d02bbb26d0
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/11/2014 08:04:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program java.exe version 7.0.670.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 14a8
 
Start Time: 01cfb5c029b34c61
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\system32\java.exe
 
Report Id: 36387e5e-21b4-11e4-beec-74d02bbb26d0
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/11/2014 07:44:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program java.exe version 7.0.670.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 12e8
 
Start Time: 01cfb5bd996d7ee4
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\system32\java.exe
 
Report Id: 5d0bc2bc-21b1-11e4-beec-74d02bbb26d0
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/11/2014 07:40:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program java.exe version 7.0.670.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 11dc
 
Start Time: 01cfb5bcfe1fdd4b
 
Termination Time: 4294967295
 
Application Path: C:\WINDOWS\system32\java.exe
 
Report Id: cd73afe2-21b0-11e4-beec-74d02bbb26d0
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (08/13/2014 00:30:26 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: Failed to start language pack setup wizard. Please restart the system and try running the wizard again.
 
Error: (08/13/2014 00:30:25 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT AUTHORITY)
Description: CBS Client initialization failed. Last error: 0x80070422
 
Error: (08/12/2014 00:44:36 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (08/12/2014 00:22:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Lavalys EVEREST Kernel Driver service failed to start due to the following error: 
%%577
 
Error: (08/12/2014 00:03:20 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume C:.
 
The exact nature of the corruption is unknown.  The file system structures need to be scanned online.
 
Error: (08/12/2014 11:49:00 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007a (0x0000000000000004, 0x0000000000000000, 0xffffe000ac6c5a00, 0x000000de9fdb0b20)C:\WINDOWS\MEMORY.DMP081214-35671-01
 
Error: (08/12/2014 11:48:46 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:21:59 AM on ‎8/‎12/‎2014 was unexpected.
 
Error: (08/12/2014 11:12:26 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (08/12/2014 11:12:22 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (08/12/2014 11:12:18 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
 
Microsoft Office Sessions:
=========================
Error: (08/12/2014 10:58:05 AM) (Source: IDVault) (EventID: 0) (User: )
Description: SessionChange Error No process is associated with this object.
 
Error: (08/12/2014 09:36:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SndVol.exe6.3.9600.17031602c01cfb6323fc80d7214C:\WINDOWS\system32\SndVol.exea661d163-2225-11e4-beee-74d02bbb26d0
 
Error: (08/12/2014 09:36:20 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SndVol.exe6.3.9600.1703163cc01cfb632370ca62617C:\WINDOWS\system32\SndVol.exea0d24a15-2225-11e4-beee-74d02bbb26d0
 
Error: (08/12/2014 09:35:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: RzSynapse.exe1.18.15.2088853a87450MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd100c01cfb5e473c760cbC:\Program Files (x86)\Razer\Synapse\RzSynapse.exeC:\WINDOWS\SYSTEM32\MSVCR100.dll7dd17e45-2225-11e4-beee-74d02bbb26d0
 
Error: (08/11/2014 08:28:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: javaw.exe7.0.670.153d27f39msvcr100.dll10.0.40219.14d5f034a4000001500000000000761c9131001cfb5bbf8baa82dC:\Program Files\Java\jre7\bin\javaw.exeC:\Program Files\Java\jre7\bin\msvcr100.dll90f5b7f3-21b7-11e4-beec-74d02bbb26d0
 
Error: (08/11/2014 08:10:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: java.exe7.0.670.152001cfb5bbe2b938c84294967295C:\WINDOWS\system32\java.exe2e0f3908-21b0-11e4-beec-74d02bbb26d0
 
Error: (08/11/2014 08:05:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe7.0.670.1167401cfb5bf1fe6d6a94294967295C:\Program Files\Java\jre7\bin\javaw.exe12dc624d-21b3-11e4-beec-74d02bbb26d0
 
Error: (08/11/2014 08:04:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: java.exe7.0.670.114a801cfb5c029b34c614294967295C:\WINDOWS\system32\java.exe36387e5e-21b4-11e4-beec-74d02bbb26d0
 
Error: (08/11/2014 07:44:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: java.exe7.0.670.112e801cfb5bd996d7ee44294967295C:\WINDOWS\system32\java.exe5d0bc2bc-21b1-11e4-beec-74d02bbb26d0
 
Error: (08/11/2014 07:40:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: java.exe7.0.670.111dc01cfb5bcfe1fdd4b4294967295C:\WINDOWS\system32\java.execd73afe2-21b0-11e4-beec-74d02bbb26d0
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-12 12:22:12.570
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i3-3217U CPU @ 1.80GHz
Percentage of memory in use: 20%
Total physical RAM: 3981.74 MB
Available physical RAM: 3173.15 MB
Total Pagefile: 9613.74 MB
Available Pagefile: 8785.29 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:62.55 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:257.59 GB) NTFS
Drive f: () (Removable) (Total:0.97 GB) (Free:0.96 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 115DA0F7)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 991 MB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
Link to post
Share on other sites

No, skip GMER for the moment:

 

 

Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.


A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open Event Viewer and view the log:

  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.

 

 

 

System File Check

For Windows XP:

  • Press the Windows- and the R-key simultanously.
  • Within the text box that jus opened, write cmd and hit Enter.


For Windows Vista/7:

  • Press the Windows key to open the start menu.
  • Don´t highlight anything, just write cmd.
  • The start menu will offer you an entry named cmd.
  • Right click it and select "run as administrator"




Within the opening window, write the following:

sfc /scannow
(See the blank within).


  • Hit enter. Your system will be checked for damaged system files.
  • Tell me the result of that scan in here (as the tool produces no log).

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.