Jump to content

Recommended Posts

Hello and welome,

 

P2P/Piracy Warning:

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Next,

 

Download RKill from here: http://www.bleepingcomputer.com/download/rkill/

 

There are three buttons to choose from with different names on, select the first one and save it to your desktop.

 


Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7/8, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
If the tool does not run from any of the links provided, please let me know.

 

Next,

 

Open Malwarebytes Anti-Malware, from the Dashboard please Check for Updates by clicking the Update Now... link

When the update completes select > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

 

 

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

 

When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

 

 

In most cases, a restart will be required.

 

 

Wait for the prompt to restart the computer to appear, then click on Yes.

 

 

When the scan is completed from the main GUI click on History > Application Logs. Find your Scan log, the date when run will identify it. Checkmark "select" box > then hit the "view" button. The history log window will open. At the bottom of that window are two options, "Copy to clipboard" and "Export"

Select > "Copy to clipboard" that copies the full log to the windows clipboard, so at your reply you right click into the text field and select "Paste" the log is pasted (copied) to  your reply.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts. (re-enable when done)
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:

https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:

https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en'>https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

 

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window

In the "Scan Type" window, select Quick Scan

Perform a scan and  Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

 

1) Select the Windows key and R key together to open the "Run" function

2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

 

notepad c:\windows\debug\mrt.log

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Post those logs, also let me know if any remaining issues or concerns...

 

Thank you,

 

Kevin..

Link to post
Share on other sites

Holy crap! I think it worked! Thank you so much!!!!! All of the logs are below. I don't see a button for attachments so I'm going to just post the Addition log last.

 

Ok. Here is the log from RKill:

 

Rkill 2.7.0 by Lawrence Abrams (Grinler)


Copyright 2008-2015 BleepingComputer.com

More Information about Rkill can be found at this link:


 

Program started at: 02/03/2015 06:32:49 PM in x64 mode.

Windows Version: Windows 8.1 Enterprise 

 

Checking for Windows services to stop:

 

 * No malware services found to stop.

 

Checking for processes to terminate:

 

 * No malware processes found to kill.

 

Checking Registry for malware related settings:

 

 * No issues found in the Registry.

 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

 

Performing miscellaneous checks:

 

 * Windows Defender Disabled

 

   [HKLM\SOFTWARE\Microsoft\Windows Defender]

   "DisableAntiSpyware" = dword:00000001

 

 * Windows Firewall Disabled

 

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

   "EnableFirewall" = dword:00000000

 

Checking Windows Service Integrity: 

 

 * No issues found.

 

Searching for Missing Digital Signatures: 

 

 * No issues found.

 

Checking HOSTS File: 

 

 * HOSTS file entries found: 

 

  127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com

  127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com

  127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com

  127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com

  127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com

  127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

 

Program finished at: 02/03/2015 06:33:13 PM

Execution time: 0 hours(s), 0 minute(s), and 24 seconds(s)

 

Here is my MBAM log:

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 2/3/2015

Scan Time: 6:39:38 PM

Logfile: 

Administrator: Yes

 

Version: 2.00.4.1028

Malware Database: v2015.02.03.09

Rootkit Database: v2015.02.03.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 8.1

CPU: x64

File System: NTFS

User: Gurren

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 336544

Time Elapsed: 14 min, 32 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 1

PUP.Optional.OpenCandy, C:\Users\Gurren\Desktop\ToolBox\Daemon Tools Pro.rar, Quarantined, [b55de337167464d26db0479056afe61a], 

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites

It won't let me post it all at once so bear with me.

 

Here's the log from AdwCleaner:

 

# AdwCleaner v4.109 - Report created 03/02/2015 at 19:04:14

# Updated 24/01/2015 by Xplode

# Database : 2015-02-03.1 [Live]

# Operating System : Windows 8.1 Enterprise  (64 bits)

# Username : Gurren - LAGANN

# Running from : C:\Users\Gurren\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\7591268967025026533

Folder Deleted : C:\Users\Gurren\AppData\Roaming\registry mechanic

Folder Deleted : C:\Users\Gurren\AppData\Roaming\IHlpr

Folder Deleted : C:\ProgramData\lacmolefbplkmejlckpinfnaangchljo

File Deleted : C:\Windows\System32\roboot64.exe

File Deleted : C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage

File Deleted : C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal

File Deleted : C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage

File Deleted : C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal

File Deleted : C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

 

***** [ Scheduled Tasks ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\systweak

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.16518

 

 

-\\ Mozilla Firefox v

 

 

-\\ Google Chrome v40.0.2214.94

 

 

*************************

 

AdwCleaner[R0].txt - [2434 octets] - [03/02/2015 19:00:57]

AdwCleaner[s0].txt - [2381 octets] - [03/02/2015 19:04:14]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2441 octets] ##########

 

Here's JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.4.2 (02.02.2015:1)

OS: Windows 8.1 Enterprise x64

Ran by Gurren on Tue 02/03/2015 at 19:16:02.85

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 02/03/2015 at 19:18:13.01

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Here's the Windows scan log:

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)

Started On Sat Jan 31 12:17:12 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.1276.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Sat Jan 31 12:23:36 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)

Started On Sat Jan 31 16:12:00 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.1276.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Jan 31 16:12:28 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)

Started On Sat Jan 31 17:07:11 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.1276.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Jan 31 17:07:14 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)

Started On Sat Jan 31 21:18:48 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.1276.0

Microsoft Windows Malicious Software Removal Tool Finished On Sat Jan 31 21:19:59 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)

Started On Sun Feb 01 04:58:33 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.1276.0

Microsoft Windows Malicious Software Removal Tool Finished On Sun Feb 01 05:00:00 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)

Started On Sun Feb 01 10:05:38 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.1276.0

Microsoft Windows Malicious Software Removal Tool Finished On Sun Feb 01 10:05:41 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)

Started On Mon Feb 02 02:52:17 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.1276.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 02 02:57:06 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)

Started On Mon Feb 02 06:48:27 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.1276.0

Microsoft Windows Malicious Software Removal Tool Finished On Mon Feb 02 06:48:31 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)

Started On Tue Feb 03 04:00:49 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.1276.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 03 04:08:03 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)

Started On Tue Feb 03 08:42:06 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.1276.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 03 08:42:15 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)

Started On Tue Feb 03 17:28:25 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.1276.0

Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 03 17:28:28 2015

 

 

Return code: 0 (0x0)

 

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)

Started On Tue Feb 03 19:23:41 2015

 

Engine: 1.1.11302.0

Signatures: 1.191.1276.0

 

Results Summary:

----------------

No infection found.

Microsoft Windows Malicious Software Removal Tool Finished On Tue Feb 03 19:31:47 2015

 

 

Return code: 0 (0x0)

Link to post
Share on other sites

No edit button?

 

Here's the FRS log:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Gurren (administrator) on LAGANN on 03-02-2015 19:35:13
Running from C:\Users\Gurren\Desktop
Loaded Profiles: Gurren (Available profiles: Gurren)
Platform: Windows 8.1 Enterprise (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DocFetcher\docfetcher-daemon-windows.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1686480 2014-12-17] (Bitdefender)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [sSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-21] (PC Tools)
HKLM-x32\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking13\Ereg\Ereg.exe [325960 2014-05-30] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [815512 2012-01-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [DocFetcher-Daemon] => C:\Program Files (x86)\DocFetcher\docfetcher-daemon-windows.exe [563621 2015-01-14] ()
HKU\S-1-5-21-1253486062-2934959092-727184170-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-1253486062-2934959092-727184170-1001\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKU\S-1-5-21-1253486062-2934959092-727184170-1001\...\Run: [Google Update] => C:\Users\Gurren\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-12-19] (Google Inc.)
HKU\S-1-5-21-1253486062-2934959092-727184170-1001\...\Run: [bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2014-11-25] (Bitdefender)
HKU\S-1-5-21-1253486062-2934959092-727184170-1001\...\Run: [GoogleChromeAutoLaunch_CA3CBF14CCD6D2C52ACD7CBB3DBB1790] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-01-26] (Google Inc.)
HKU\S-1-5-21-1253486062-2934959092-727184170-1001\...\MountPoints2: E - "E:\SETUP.EXE" 
HKU\S-1-5-21-1253486062-2934959092-727184170-1001\...\MountPoints2: G - "G:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-1253486062-2934959092-727184170-1001\...\MountPoints2: {67961b09-87a7-11e4-8252-e0cb4e0e18d1} - "G:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-1253486062-2934959092-727184170-1001\...\MountPoints2: {bf0095c7-873f-11e4-824b-806e6f6e6963} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-1253486062-2934959092-727184170-1001\...\MountPoints2: {f55ebffe-8fbe-11e4-825a-e0cb4e0e18d1} - "E:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1253486062-2934959092-727184170-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1253486062-2934959092-727184170-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll (Nuance Communications, Inc.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Gurren\AppData\Roaming\Mozilla\Firefox\Profiles\8sh7vrjh.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll (Nuance Communications, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll (Nuance Communications, Inc.)
FF Plugin HKU\S-1-5-21-1253486062-2934959092-727184170-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Gurren\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1253486062-2934959092-727184170-1001: @talk.google.com/O1DPlugin -> C:\Users\Gurren\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1253486062-2934959092-727184170-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Gurren\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1253486062-2934959092-727184170-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Gurren\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Gurren\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Gurren\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Google Voice - C:\Users\Gurren\AppData\Roaming\Mozilla\Firefox\Profiles\8sh7vrjh.default\Extensions\gvoice@elijahclark.com.xpi [2014-12-23]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-02-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-01-24]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-02-02]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-18]
CHR Extension: (Google Drive) - C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-18]
CHR Extension: (YouTube) - C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-18]
CHR Extension: (No Name) - C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnaibnehbbinoohhjafknihmlopdhhip [2015-02-03]
CHR Extension: (Google Search) - C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-18]
CHR Extension: (Bitdefender Wallet) - C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-02-02]
CHR Extension: (Google Sheets) - C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-18]
CHR Extension: (Google Wallet) - C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-18]
CHR Extension: (Gmail) - C:\Users\Gurren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-18]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - No Path
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [137280 2014-07-12] (Nuance Communications, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2014-12-15] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-09-25] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2014-10-03] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-11-19] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2014-12-02] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-12-18] (DT Soft Ltd)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
R3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52832 2015-01-27] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
S3 TVICPORT; \??\C:\Windows\system32\DRIVERS\TVICPORT.SYS [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-03 19:35 - 2015-02-03 19:35 - 00023084 _____ () C:\Users\Gurren\Desktop\FRST.txt
2015-02-03 19:34 - 2015-02-03 19:35 - 00000000 ____D () C:\FRST
2015-02-03 19:34 - 2015-02-03 19:34 - 02131456 _____ (Farbar) C:\Users\Gurren\Desktop\FRST64.exe
2015-02-03 19:22 - 2015-02-03 19:23 - 37987520 _____ (Microsoft Corporation) C:\Users\Gurren\Desktop\Windows-KB890830-x64-V5.20.exe
2015-02-03 19:13 - 2015-02-03 19:13 - 01388274 _____ (Thisisu) C:\Users\Gurren\Desktop\JRT.exe
2015-02-03 19:04 - 2015-02-03 19:04 - 00000000 ____D () C:\support
2015-02-03 18:44 - 2015-02-03 19:04 - 00000000 ____D () C:\AdwCleaner
2015-02-03 18:43 - 2015-02-03 18:44 - 02194432 _____ () C:\Users\Gurren\Desktop\AdwCleaner.exe
2015-02-03 18:32 - 2015-02-03 18:33 - 00004566 _____ () C:\Users\Gurren\Desktop\Rkill.txt
2015-02-03 18:31 - 2015-02-03 18:31 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Gurren\Desktop\rkill.exe
2015-02-03 18:31 - 2015-02-03 18:31 - 01063160 _____ (Bleeping Computer, LLC) C:\Users\Gurren\Desktop\rkill64.exe
2015-02-03 18:13 - 2015-02-03 19:02 - 00030208 ____H () C:\Users\Gurren\Desktop\~WRL0001.tmp
2015-02-02 22:45 - 2015-02-03 19:19 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 22:44 - 2015-02-02 22:44 - 00001130 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-02 22:44 - 2015-02-02 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-02 22:44 - 2015-02-02 22:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-02 22:44 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-02 22:44 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-02 22:44 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-02 22:42 - 2015-02-02 22:42 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gurren\Desktop\HijackThis.exe
2015-02-02 22:30 - 2015-02-02 22:30 - 00000020 _____ () C:\Users\Gurren\Desktop\Bitdefender Total Security 2015 18.17.0.1227.rar
2015-02-02 22:27 - 2015-02-02 22:04 - 382004968 _____ () C:\Users\Gurren\Desktop\bitdefender_ts_18_64b.exe
2015-02-02 22:21 - 2015-02-02 22:21 - 00744210 _____ () C:\ProgramData\1422943925.bdinstall.bin
2015-02-02 22:21 - 2015-02-02 22:21 - 00000684 ____H () C:\bdr-cf01
2015-02-02 22:20 - 2015-02-02 22:20 - 00002223 _____ () C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2015-02-02 22:20 - 2015-02-02 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-02-02 22:20 - 2014-12-02 16:40 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-02-02 22:20 - 2014-10-03 20:11 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-02-02 22:20 - 2014-09-25 15:57 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-02-02 22:20 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-02-02 22:20 - 2013-11-19 14:44 - 00098768 _____ (BitDefender LLC) C:\Windows\system32\Drivers\bdfndisf6.sys
2015-02-02 22:20 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2015-02-02 22:20 - 2013-07-30 18:41 - 00079192 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-02-02 22:16 - 2015-02-02 22:26 - 00000000 ____D () C:\Users\Gurren\AppData\Roaming\Bitdefender
2015-02-02 22:16 - 2015-02-02 22:21 - 00253404 ____H () C:\bdr-ld01
2015-02-02 22:16 - 2015-02-02 22:21 - 00009216 ____H () C:\bdr-ld01.mbr
2015-02-02 22:16 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz
2015-02-02 22:16 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2015-02-02 22:12 - 2015-02-02 22:21 - 00000000 ____D () C:\ProgramData\Bitdefender
2015-02-02 22:12 - 2014-10-22 09:29 - 00155912 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-02-02 22:12 - 2014-10-15 16:14 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-02-02 21:52 - 2015-02-02 21:52 - 00014549 _____ () C:\Users\Gurren\Desktop\[kickass.so]bitdefender.total.security.2015.18.17.0.1227.torrent
2015-02-02 21:47 - 2015-02-02 21:47 - 00000410 _____ () C:\Windows\system32\checkdnsid.xml
2015-02-02 21:41 - 2015-02-02 21:41 - 00263032 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys.upd
2015-02-02 21:41 - 2015-02-02 21:41 - 00155912 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys.upd
2015-02-02 21:41 - 2015-02-02 21:41 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-02-02 21:40 - 2015-02-02 21:40 - 00084336 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll.upd
2015-02-02 21:40 - 2015-02-02 21:40 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll.upd
2015-02-02 21:39 - 2015-02-02 21:39 - 01288472 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys.upd
2015-02-02 21:39 - 2015-02-02 21:39 - 00647752 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys.upd
2015-02-02 21:39 - 2015-02-02 21:39 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys.upd
2015-02-02 21:39 - 2015-02-02 21:39 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys.upd
2015-02-02 21:29 - 2015-02-02 21:29 - 00000439 _____ () C:\Users\Gurren\AppData\Roaminguser_gensett.xml
2015-02-02 21:28 - 2015-02-02 21:28 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2015-02-02 21:27 - 2015-02-02 21:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-02-02 21:27 - 2015-02-02 21:27 - 00000000 ____D () C:\ProgramData\BDLogging
2015-02-02 21:27 - 2014-12-02 16:37 - 00074000 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-02-02 21:27 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-02-02 21:24 - 2015-02-02 22:16 - 00000000 ____D () C:\Program Files\Bitdefender
2015-02-02 21:24 - 2015-02-02 22:12 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-02-02 21:24 - 2015-02-02 21:24 - 00000000 ____D () C:\Users\Gurren\AppData\Roaming\QuickScan
2015-02-02 21:24 - 2014-12-02 16:37 - 00084336 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2015-02-02 21:24 - 2014-12-02 13:37 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2015-02-02 21:19 - 2015-02-02 22:29 - 00000000 ____D () C:\Users\Gurren\Desktop\Crack 2
2015-02-02 21:19 - 2015-02-02 21:20 - 00000000 ____D () C:\Users\Gurren\Desktop\Crack 1
2015-02-02 21:11 - 2015-02-02 21:11 - 00075146 _____ () C:\Users\Gurren\Desktop\[kickass.so]bitdefender.2015.total.security.beta.x32.x64.license.keys.torrent
2015-02-02 20:42 - 2014-12-31 03:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-02 19:12 - 2015-02-02 19:42 - 00000000 ____D () C:\Users\Gurren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adblock Pro x64
2015-02-02 19:12 - 2015-02-02 19:42 - 00000000 ____D () C:\Program Files\Adblock Pro
2015-02-02 19:12 - 2015-02-02 19:12 - 00000874 _____ () C:\Users\Gurren\AppData\Roaming\Microsoft\Windows\Start Menu\Adblock Pro x64.lnk
2015-02-02 18:36 - 2015-01-24 12:20 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-02 18:36 - 2015-01-24 12:20 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-02 18:17 - 2015-02-02 18:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-02 17:53 - 2015-02-02 17:53 - 00001354 _____ () C:\Users\Gurren\AppData\Roaming\SAS7_000.DAT
2015-02-02 16:47 - 2015-02-02 16:47 - 00036283 _____ () C:\Users\Gurren\Desktop\[HorribleSubs] Absolute Duo - 05 [720p].mkv.torrent
2015-02-01 18:32 - 2015-02-01 18:32 - 00043411 _____ () C:\Users\Gurren\Desktop\[kickassunblock.eu]exiled.destiny.chrono.crusade.chrno.crusade.dual.audio.480p.torrent
2015-02-01 18:29 - 2015-02-01 18:29 - 00041593 _____ () C:\Users\Gurren\Desktop\[kickass.so]a.certain.scientific.railgun.s.part.2.episode.13.24.1080p.x264.flac.aac.dual.audio.eng.jap.chrisazter.torrent
2015-02-01 18:29 - 2015-02-01 18:29 - 00040830 _____ () C:\Users\Gurren\Desktop\[kickass.so]a.certain.scientific.railgun.s.part.1.episode.1.12.1080p.x264.flac.aac.dual.audio.eng.jap.chrisazter.torrent
2015-02-01 18:26 - 2015-02-01 18:26 - 00227616 _____ () C:\Users\Gurren\Desktop\[kickass.so]a.certain.magical.index.seasons.1.2.a.certain.scientific.railgun.seasons.1.2.dual.audio.1080p.chrisazter.torrent
2015-02-01 18:15 - 2015-02-01 18:15 - 00028560 _____ () C:\Users\Gurren\Desktop\[kickass.so]trinity.blood.complete.series.dual.audio.1280x720.bdrip.torrent
2015-02-01 16:17 - 2015-02-03 03:37 - 00000000 ____D () C:\ProgramData\{7be72db0-287c-5e35-7be7-72db0287b6c0}
2015-02-01 10:37 - 2015-02-01 13:11 - 00000000 ____D () C:\Users\Gurren\AppData\Roaming\DocFetcher
2015-02-01 10:37 - 2015-02-01 10:37 - 00000000 ____D () C:\Users\Gurren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DocFetcher
2015-02-01 10:37 - 2015-02-01 10:37 - 00000000 ____D () C:\Program Files (x86)\DocFetcher
2015-02-01 10:36 - 2015-02-01 10:36 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-01 10:36 - 2015-02-01 10:36 - 00000000 ____D () C:\ProgramData\Sun
2015-02-01 10:36 - 2015-02-01 10:36 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-01 10:36 - 2015-02-01 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-01 10:36 - 2015-02-01 10:36 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-31 13:16 - 2013-12-10 23:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2015-01-31 13:15 - 2013-12-08 16:34 - 01227264 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2015-01-31 13:15 - 2013-12-08 16:04 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2015-01-31 13:15 - 2013-11-27 07:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-01-31 13:15 - 2013-11-27 07:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-01-31 13:15 - 2013-11-27 06:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-01-31 13:15 - 2013-11-27 05:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-01-31 13:15 - 2013-11-27 04:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
2015-01-31 13:15 - 2013-11-27 02:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-01-31 13:15 - 2013-11-27 01:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-01-31 13:15 - 2013-11-27 01:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-01-31 13:15 - 2013-11-27 01:17 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-01-31 13:15 - 2013-11-27 01:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2015-01-31 13:15 - 2013-11-27 00:58 - 01503232 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-01-31 13:15 - 2013-11-27 00:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2015-01-31 13:15 - 2013-11-27 00:20 - 04106240 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-01-31 13:15 - 2013-11-26 05:20 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-01-31 13:15 - 2013-11-26 05:20 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-01-31 13:15 - 2013-11-26 03:44 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-01-31 13:15 - 2013-11-24 17:45 - 00142680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-01-31 13:15 - 2013-11-24 17:32 - 01119064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-01-31 13:15 - 2013-11-24 15:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-01-31 13:15 - 2013-11-24 15:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-31 13:15 - 2013-11-23 04:47 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2015-01-31 13:15 - 2013-11-22 23:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\bi.dll
2015-01-31 13:15 - 2013-11-22 23:13 - 00019456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2015-01-31 13:15 - 2013-11-22 23:08 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-01-31 13:15 - 2013-11-22 20:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-01-31 13:15 - 2013-11-22 19:19 - 02617344 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-31 13:15 - 2013-11-22 19:15 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-01-31 13:15 - 2013-11-20 22:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll
2015-01-31 13:15 - 2013-11-20 22:26 - 01415680 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-31 13:15 - 2013-11-15 06:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2015-01-31 13:15 - 2013-11-15 06:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2015-01-31 13:15 - 2013-11-15 06:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-01-31 13:15 - 2013-11-15 05:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-31 13:15 - 2013-10-30 16:29 - 00745336 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-31 13:15 - 2013-10-30 15:41 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-01-31 13:08 - 2013-11-10 18:48 - 00039768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-01-31 13:08 - 2013-11-08 22:37 - 01756160 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2015-01-31 13:08 - 2013-11-08 21:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2015-01-31 13:08 - 2013-11-08 02:26 - 00358896 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2015-01-31 13:08 - 2013-11-07 21:23 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2015-01-31 13:08 - 2013-11-07 20:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2015-01-31 13:08 - 2013-11-07 20:42 - 00366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2015-01-31 13:08 - 2013-11-07 20:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2015-01-31 13:08 - 2013-11-07 20:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2015-01-31 13:08 - 2013-11-07 19:41 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-01-31 13:08 - 2013-11-07 19:14 - 00922624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-01-31 13:08 - 2013-11-05 06:19 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2015-01-31 13:08 - 2013-11-05 05:17 - 00565248 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-01-31 13:08 - 2013-11-04 05:07 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2015-01-31 13:08 - 2013-11-04 02:32 - 02570240 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-01-31 13:08 - 2013-11-03 18:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2015-01-31 13:08 - 2013-11-01 03:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-01-31 13:08 - 2013-10-31 22:08 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2015-01-31 13:08 - 2013-10-31 21:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2015-01-31 13:08 - 2013-10-30 16:58 - 00372568 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-01-31 13:08 - 2013-10-30 16:42 - 07399256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-31 13:08 - 2013-10-30 16:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-01-31 13:08 - 2013-10-30 16:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-01-31 13:08 - 2013-10-25 17:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys
2015-01-31 13:08 - 2013-10-24 01:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2015-01-31 13:08 - 2013-10-24 01:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2015-01-31 13:08 - 2013-10-17 03:21 - 02896896 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-01-31 13:08 - 2013-10-17 02:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-01-31 13:06 - 2014-01-07 17:46 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-01-31 13:06 - 2014-01-07 17:41 - 01530712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-31 13:06 - 2014-01-07 17:41 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-01-31 13:06 - 2014-01-04 07:54 - 00138240 _____ () C:\Windows\system32\OEMLicense.dll
2015-01-31 13:06 - 2014-01-04 07:08 - 00103936 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2015-01-31 13:06 - 2014-01-04 06:08 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2015-01-31 13:06 - 2014-01-04 05:53 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2015-01-31 13:06 - 2014-01-02 15:54 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-01-31 13:06 - 2014-01-02 15:48 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-01-31 13:06 - 2013-12-31 17:55 - 01720560 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-01-31 13:06 - 2013-12-31 17:52 - 00481944 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2015-01-31 13:06 - 2013-12-31 16:56 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-01-31 13:06 - 2013-12-31 16:55 - 00381168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2015-01-31 13:06 - 2013-12-31 15:59 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-01-31 13:06 - 2013-12-31 15:57 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-01-31 13:06 - 2013-12-31 15:56 - 00960512 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-01-31 13:06 - 2013-12-30 15:34 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2015-01-31 13:06 - 2013-12-30 15:33 - 00770560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-01-31 13:06 - 2013-12-30 15:32 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2015-01-31 13:06 - 2013-12-30 15:31 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-01-31 13:06 - 2013-12-30 15:31 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-01-31 13:06 - 2013-12-27 07:09 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2015-01-31 13:06 - 2013-12-27 00:57 - 00842752 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2015-01-31 13:06 - 2013-12-27 00:57 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2015-01-31 13:06 - 2013-12-27 00:23 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2015-01-31 13:06 - 2013-12-26 23:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2015-01-31 13:06 - 2013-12-26 23:03 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2015-01-31 13:06 - 2013-12-26 22:37 - 00588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2015-01-31 13:06 - 2013-12-20 23:21 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2015-01-31 13:06 - 2013-12-16 23:21 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-01-31 13:06 - 2013-12-13 22:31 - 13949440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-01-31 13:06 - 2013-12-13 22:19 - 18576384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-01-31 13:06 - 2013-12-13 02:54 - 00131160 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2015-01-31 13:06 - 2013-12-12 23:24 - 00121088 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2015-01-31 13:06 - 2013-12-12 22:36 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2015-01-31 13:06 - 2013-12-12 21:32 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2015-01-31 13:06 - 2013-11-04 03:50 - 02143744 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-01-31 13:06 - 2013-11-03 17:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-01-31 13:06 - 2013-10-05 06:21 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-01-31 13:06 - 2013-10-05 06:21 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-01-31 13:06 - 2013-10-05 04:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-01-31 13:06 - 2013-10-05 04:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-01-31 12:45 - 2014-05-07 23:14 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-31 12:45 - 2014-05-07 21:52 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-31 12:45 - 2014-05-07 20:57 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-31 12:45 - 2014-05-07 20:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-31 12:45 - 2013-12-20 02:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-01-31 12:45 - 2013-12-20 02:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-01-31 12:44 - 2014-02-28 20:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-31 12:44 - 2014-02-28 20:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-31 12:44 - 2014-02-28 19:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-31 12:44 - 2014-02-28 19:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-31 12:44 - 2014-02-28 19:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-31 12:44 - 2014-02-28 19:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-31 12:44 - 2014-02-28 19:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-31 12:44 - 2014-02-28 19:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-31 12:44 - 2014-02-28 19:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-31 12:44 - 2014-02-28 18:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-31 12:44 - 2014-02-28 18:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-31 12:44 - 2014-02-28 18:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-31 12:44 - 2014-02-28 18:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-31 12:44 - 2014-02-28 18:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-31 12:44 - 2014-02-28 18:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-31 12:44 - 2014-02-06 03:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-31 12:44 - 2014-02-06 03:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-31 12:44 - 2014-02-06 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-31 12:44 - 2014-02-06 02:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-31 12:44 - 2014-02-06 02:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-31 12:44 - 2014-02-06 02:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-31 12:44 - 2014-02-06 02:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-31 12:44 - 2014-02-06 02:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-31 12:44 - 2014-02-06 02:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-31 12:44 - 2014-02-06 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-31 12:44 - 2014-02-06 02:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-31 12:44 - 2014-02-06 01:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-31 12:44 - 2014-02-06 01:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-31 12:44 - 2014-02-06 01:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-31 12:44 - 2014-02-06 01:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-31 12:44 - 2014-02-06 01:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-31 12:44 - 2014-02-06 01:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-31 12:44 - 2014-02-06 01:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-31 12:44 - 2013-12-08 16:27 - 02152448 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-31 12:44 - 2013-12-08 16:19 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-01-31 12:44 - 2013-12-08 15:55 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-01-31 12:44 - 2013-12-08 15:54 - 01317376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-31 12:44 - 2013-10-19 00:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-01-31 12:44 - 2013-10-18 23:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-01-31 12:43 - 2013-11-22 20:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-01-31 12:43 - 2013-11-22 20:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-01-31 12:42 - 2014-03-10 02:35 - 02008408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-01-31 12:42 - 2014-03-10 02:35 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-01-31 12:42 - 2014-03-06 01:19 - 01287576 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-31 12:42 - 2014-03-06 01:02 - 01109424 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-01-31 12:42 - 2014-03-05 22:17 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-01-31 12:42 - 2014-03-05 22:10 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-01-31 12:42 - 2014-01-31 08:15 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-01-31 12:42 - 2014-01-31 08:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-31 12:42 - 2014-01-31 08:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-01-31 12:42 - 2014-01-31 05:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-01-31 12:42 - 2014-01-31 01:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2015-01-31 12:42 - 2014-01-29 00:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-31 12:42 - 2014-01-29 00:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-31 12:42 - 2014-01-29 00:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2015-01-31 12:42 - 2014-01-29 00:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-31 12:42 - 2014-01-28 23:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2015-01-31 12:42 - 2014-01-28 23:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-31 12:42 - 2014-01-28 23:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-31 12:42 - 2014-01-28 22:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2015-01-31 12:42 - 2014-01-28 16:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2015-01-31 12:42 - 2014-01-27 11:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-01-31 12:42 - 2014-01-27 11:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-31 12:42 - 2014-01-27 11:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2015-01-31 12:42 - 2014-01-27 10:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-01-31 12:42 - 2014-01-27 10:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-01-31 12:42 - 2014-01-27 10:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2015-01-31 12:42 - 2014-01-27 10:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-01-31 12:42 - 2014-01-27 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-01-31 12:42 - 2014-01-27 09:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-01-31 12:42 - 2014-01-27 09:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-01-31 12:42 - 2014-01-27 07:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-01-31 12:42 - 2014-01-27 07:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-31 12:42 - 2014-01-27 03:45 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2015-01-31 12:42 - 2014-01-17 15:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-01-31 12:42 - 2014-01-17 13:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-01-31 12:42 - 2014-01-06 21:00 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-31 12:42 - 2014-01-06 20:30 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-01-31 12:42 - 2014-01-04 12:50 - 01462216 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-01-31 12:42 - 2014-01-04 11:22 - 01202888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2015-01-31 12:42 - 2014-01-04 06:30 - 13209088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-01-31 12:42 - 2014-01-04 06:23 - 11702272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-01-31 12:42 - 2014-01-04 06:03 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-01-31 12:42 - 2014-01-04 05:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-01-31 12:42 - 2014-01-04 05:42 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-01-31 12:42 - 2014-01-04 05:40 - 07416832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-01-31 12:42 - 2014-01-04 05:36 - 00830976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-01-31 12:42 - 2014-01-04 05:28 - 04961792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-01-31 12:42 - 2013-12-21 06:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-01-31 12:42 - 2013-12-21 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2015-01-31 12:42 - 2013-12-20 18:10 - 00009701 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2015-01-31 12:42 - 2013-12-20 18:10 - 00009701 _____ () C:\Windows\system32\connectedsearch-results.searchconnector-ms
2015-01-31 12:42 - 2013-11-27 07:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2015-01-31 12:42 - 2013-11-27 03:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-01-31 12:42 - 2013-11-27 00:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-01-31 12:42 - 2013-11-27 00:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-01-31 12:42 - 2013-11-27 00:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-01-31 12:42 - 2013-11-27 00:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-01-31 12:42 - 2013-11-20 22:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-01-31 12:42 - 2013-11-20 21:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-01-31 12:42 - 2013-10-30 16:29 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-01-31 12:42 - 2013-10-30 16:29 - 00124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-01-31 12:42 - 2013-10-30 16:28 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-01-31 12:41 - 2014-04-19 03:15 - 21186352 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-31 12:41 - 2014-04-18 22:49 - 18644072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-01-31 12:40 - 2014-02-10 19:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-31 12:40 - 2014-02-10 18:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-01-31 12:40 - 2014-02-10 18:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-31 12:40 - 2014-01-06 23:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2015-01-31 12:40 - 2014-01-06 21:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2015-01-31 12:40 - 2013-12-08 18:57 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-31 12:40 - 2013-12-08 17:51 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-31 12:39 - 2014-10-30 14:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-01-31 12:39 - 2014-10-30 14:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-01-31 12:39 - 2013-12-08 16:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-01-31 12:39 - 2013-11-08 22:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-01-31 12:39 - 2013-11-08 22:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2015-01-31 12:39 - 2013-11-08 21:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2015-01-31 12:39 - 2013-10-15 00:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-01-31 12:39 - 2013-10-15 00:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-01-31 12:24 - 2015-01-31 12:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-31 12:17 - 2015-01-31 12:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-31 12:16 - 2015-01-31 12:16 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-01-31 12:16 - 2015-01-31 12:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-01-31 12:15 - 2015-01-31 12:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-01-31 11:23 - 2015-02-01 05:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-31 11:22 - 2015-01-31 11:22 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-01-31 11:21 - 2015-01-31 11:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-01-31 11:19 - 2015-01-31 11:21 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-01-31 11:19 - 2015-01-31 11:19 - 00000000 ____D () C:\Windows\PCHEALTH
2015-01-31 11:17 - 2015-01-31 11:19 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-31 11:17 - 2015-01-31 11:17 - 00000000 __RHD () C:\MSOCache
2015-01-31 11:17 - 2015-01-31 11:17 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2015-01-31 11:17 - 2015-01-31 11:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-31 11:17 - 2015-01-31 11:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-27 21:41 - 2015-01-27 21:41 - 00076384 _____ (http://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll
2015-01-27 21:41 - 2015-01-27 21:41 - 00052832 _____ (http://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusb0.sys
2015-01-27 21:41 - 2015-01-27 21:41 - 00001029 _____ () C:\Users\Gurren\Desktop\6-Axis Pair Tool.lnk
2015-01-27 21:41 - 2015-01-27 21:41 - 00000398 __RSH () C:\ProgramData\ntuser.pol
2015-01-27 21:39 - 2015-01-27 21:41 - 00000000 ____D () C:\Program Files (x86)\SixaxisPairTool
2015-01-27 21:39 - 2015-01-27 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SixaxisPairTool
2015-01-27 21:39 - 2012-01-17 09:40 - 00067680 _____ (http://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll
2015-01-25 19:34 - 2015-01-25 19:34 - 00051496 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2015-01-24 12:17 - 2015-01-24 12:17 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-01-24 12:14 - 2014-12-12 16:11 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-01-24 12:14 - 2014-12-12 16:11 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-01-24 12:13 - 2015-01-09 14:27 - 00621200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-24 12:12 - 2015-01-09 15:29 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 18566296 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 17250776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-24 12:08 - 2015-01-10 00:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 03298816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 02902456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 00994712 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 00877488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 00353040 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 00305320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-01-24 12:08 - 2015-01-10 00:07 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-01-24 12:05 - 2015-01-24 12:05 - 00002515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2015-01-24 12:05 - 2015-01-24 12:05 - 00002501 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2015-01-24 12:05 - 2015-01-24 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2015-01-24 12:01 - 2015-01-24 12:05 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-24 12:01 - 2015-01-24 12:01 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-19 17:39 - 2015-01-19 17:39 - 00000000 _____ () C:\Users\Gurren\Sti_Trace.log
2015-01-19 17:36 - 2015-01-19 17:36 - 00000946 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2015-01-19 17:35 - 2015-02-03 19:35 - 00000933 _____ () C:\Windows\Tasks\EPSON XP-310 Series Update {6C9D65AA-AD2E-4079-BF4A-147E5D99455F}.job
2015-01-19 17:35 - 2015-02-03 19:35 - 00000747 _____ () C:\Windows\Tasks\EPSON XP-310 Series Invitation {6C9D65AA-AD2E-4079-BF4A-147E5D99455F}.job
2015-01-19 17:35 - 2015-01-19 17:35 - 00003964 _____ () C:\Windows\System32\Tasks\EPSON XP-310 Series Update {6C9D65AA-AD2E-4079-BF4A-147E5D99455F}
2015-01-19 17:35 - 2015-01-19 17:35 - 00003778 _____ () C:\Windows\System32\Tasks\EPSON XP-310 Series Invitation {6C9D65AA-AD2E-4079-BF4A-147E5D99455F}
2015-01-19 17:35 - 2013-04-17 03:03 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMBLBE.DLL
2015-01-19 17:35 - 2011-03-15 02:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ID4BLBE.DLL
2015-01-19 17:35 - 2007-04-10 00:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2015-01-17 18:27 - 2015-01-17 18:27 - 00003310 _____ () C:\Windows\System32\Tasks\{AEE43CC4-1D50-436F-BE4C-7290A0EBA079}
2015-01-17 18:26 - 2009-07-14 14:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-01-17 13:20 - 2015-01-17 13:22 - 00000000 ____D () C:\Users\Gurren\Documents\AirDroid
2015-01-16 17:37 - 2015-01-16 17:37 - 00000000 ____D () C:\Users\Gurren\AppData\Roaming\NVIDIA
2015-01-16 17:25 - 2015-01-16 17:45 - 00000000 ____D () C:\Users\Gurren\AppData\Local\Genymobile
2015-01-16 17:25 - 2015-01-16 17:37 - 00000000 ____D () C:\Users\Gurren\.VirtualBox
2015-01-16 17:25 - 2013-04-12 11:41 - 00237840 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-01-16 17:25 - 2013-04-12 11:40 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-01-16 16:59 - 2015-01-16 17:05 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-01-07 18:54 - 2015-01-24 16:24 - 00077600 _____ () C:\Users\Gurren\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-07 18:53 - 2015-01-07 18:53 - 00000000 ____D () C:\Program Files (x86)\MSECache
2015-01-07 18:18 - 2015-01-07 18:18 - 00000712 _____ () C:\Users\Gurren\Documents\Desktop - Shortcut.lnk
Link to post
Share on other sites

Here's the last of it! Phew!

 

==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-03 19:35 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-02-03 19:32 - 2014-12-18 22:01 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DC86F9B4-AE4F-4739-B255-DC6955D35B25}
2015-02-03 19:29 - 2014-12-23 20:46 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-03 19:24 - 2014-12-18 21:52 - 01544889 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 19:07 - 2014-12-19 00:15 - 00000318 _____ () C:\Windows\Tasks\RMAutoUpdate.job
2015-02-03 19:07 - 2014-12-19 00:07 - 00000000 ____D () C:\ProgramData\TEMP
2015-02-03 19:07 - 2014-12-18 22:32 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-03 19:06 - 2014-12-18 22:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-03 19:06 - 2013-08-22 06:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-03 19:05 - 2014-12-18 21:27 - 00720016 _____ () C:\Windows\PFRO.log
2015-02-03 19:00 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-03 18:55 - 2014-12-18 22:25 - 00000000 ____D () C:\Users\Gurren\Desktop\ToolBox
2015-02-03 18:27 - 2014-12-18 23:32 - 00000000 ____D () C:\uTorrent Plus 3.4
2015-02-03 18:22 - 2014-12-18 21:57 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-03 18:15 - 2014-12-18 21:55 - 00000000 ____D () C:\Users\Gurren\AppData\Local\Packages
2015-02-03 11:49 - 2013-08-22 07:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-03 00:25 - 2014-12-18 22:00 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1253486062-2934959092-727184170-1001
2015-02-02 22:36 - 2014-12-18 22:35 - 00000000 ____D () C:\Users\Gurren\Desktop\Blue Pegasus
2015-02-02 22:20 - 2013-08-22 06:46 - 00092001 _____ () C:\Windows\setupact.log
2015-02-02 21:37 - 2014-12-19 14:32 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1253486062-2934959092-727184170-1001UA.job
2015-02-02 21:37 - 2014-12-18 22:32 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-02 21:29 - 2014-12-19 10:36 - 00000000 ____D () C:\Users\Gurren\AppData\Local\CrashDumps
2015-02-02 20:47 - 2014-12-18 23:28 - 00000000 ____D () C:\ProgramData\Norton
2015-02-02 20:43 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-02 18:45 - 2014-12-21 11:41 - 00000000 ____D () C:\Program Files (x86)\Ultra Street Fighter IV
2015-02-02 18:35 - 2013-08-22 06:44 - 00474232 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-02 18:34 - 2013-08-22 07:36 - 00000000 ___RD () C:\Windows\DesktopTileResources
2015-02-02 18:32 - 2013-08-22 07:36 - 00000000 ___RD () C:\Windows\ToastData
2015-02-02 18:32 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-02 18:32 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-02 18:32 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\WinStore
2015-02-02 18:32 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2015-02-02 18:32 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-02-02 18:32 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\FileManager
2015-02-02 18:32 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\Camera
2015-02-02 18:32 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-02 18:32 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-02 18:32 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-02-02 18:32 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-02-02 14:37 - 2014-12-19 14:32 - 00000874 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1253486062-2934959092-727184170-1001Core.job
2015-02-01 13:37 - 2014-12-19 10:13 - 01067520 ___SH () C:\Users\Gurren\Desktop\Thumbs.db
2015-02-01 11:15 - 2015-01-03 16:33 - 00000000 ____D () C:\Users\Gurren\AppData\Roaming\mIRC
2015-02-01 11:15 - 2015-01-03 16:33 - 00000000 ____D () C:\Program Files (x86)\mIRC
2015-02-01 05:34 - 2014-12-18 23:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-01 05:29 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-02-01 05:29 - 2013-08-22 05:25 - 00000167 _____ () C:\Windows\win.ini
2015-02-01 05:26 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-31 17:49 - 2014-12-20 12:17 - 00000000 ____D () C:\Users\Gurren\AppData\Roaming\Wondershare
2015-01-31 11:17 - 2013-08-22 11:12 - 00000000 ____D () C:\Windows\ShellNew
2015-01-29 22:38 - 2014-12-18 22:19 - 00000000 ____D () C:\Users\Gurren\AppData\Roaming\Mozilla
2015-01-28 13:32 - 2014-12-18 23:36 - 00000000 ____D () C:\Users\Gurren\AppData\Local\Microsoft Help
2015-01-27 21:40 - 2014-12-20 21:59 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-25 13:19 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-25 10:06 - 2014-12-19 00:14 - 00000000 ____D () C:\Users\Gurren\AppData\Roaming\Epson
2015-01-24 15:29 - 2014-12-23 20:46 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 12:17 - 2014-12-23 20:46 - 00000000 ____D () C:\Users\Gurren\AppData\Local\Adobe
2015-01-24 12:17 - 2014-12-18 21:55 - 00000000 ____D () C:\Users\Gurren\AppData\Roaming\Adobe
2015-01-24 12:13 - 2014-12-19 15:37 - 00000000 ____D () C:\Temp
2015-01-24 12:13 - 2014-12-18 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-21 03:24 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-19 17:39 - 2014-12-18 21:55 - 00000000 ____D () C:\Users\Gurren
2015-01-19 17:37 - 2014-12-18 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-01-19 17:37 - 2014-12-18 23:44 - 00000000 ____D () C:\Program Files (x86)\epson
2015-01-17 14:46 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-16 17:19 - 2013-08-22 07:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-10 00:07 - 2014-12-18 22:10 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-01-10 00:07 - 2014-12-18 22:10 - 00060744 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-01-09 15:30 - 2014-12-18 22:11 - 06860432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-01-09 15:30 - 2014-12-18 22:11 - 03517256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-01-09 15:29 - 2014-12-18 22:11 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-01-09 15:29 - 2014-12-18 22:11 - 01097872 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-01-09 15:29 - 2014-12-18 22:11 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-01-09 15:29 - 2014-12-18 22:11 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-01-09 15:29 - 2014-12-18 22:11 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-01-09 11:47 - 2014-12-18 22:11 - 04173527 _____ () C:\Windows\system32\nvcoproc.bin
2015-01-06 20:12 - 2015-01-01 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-01-05 15:16 - 2014-12-18 22:13 - 00000000 ____D () C:\Users\Gurren\AppData\Local\NVIDIA Corporation
2015-01-05 15:16 - 2014-12-18 22:12 - 00000000 ____D () C:\Users\Gurren\AppData\Local\NVIDIA
2015-01-04 13:06 - 2014-12-25 14:39 - 00000000 ___HD () C:\Users\Gurren\Desktop\Corel Auto-Preserve
 
==================== Files in the root of some directories =======
 
2015-02-02 17:53 - 2015-02-02 17:53 - 0001354 _____ () C:\Users\Gurren\AppData\Roaming\SAS7_000.DAT
2015-02-02 22:21 - 2015-02-02 22:21 - 0744210 _____ () C:\ProgramData\1422943925.bdinstall.bin
 
Some content of TEMP:
====================
C:\Users\Gurren\AppData\Local\Temp\Quarantine.exe
C:\Users\Gurren\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-03 04:00
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Gurren at 2015-02-03 19:36:04
Running from C:\Users\Gurren\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1253486062-2934959092-727184170-1001\...\uTorrent) (Version: 3.4.2.33023 - BitTorrent Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.2 - Adobe Systems)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Ashampoo Burning Studio 14 v.14.0.1 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.1 - Ashampoo GmbH & Co. KG)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
Corel PaintShop Pro X7  (HKLM-x32\...\_{176F50D6-6857-49CE-B731-65F757EE3F0D}) (Version: 17.0.0.199 - Corel Corporation)
Corel WinDVD Pro 11 (HKLM-x32\...\_{EF13E6B7-86D2-4E2C-82FB-375654407D4F}) (Version: 11.5.1.3 - Corel Inc.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
DocFetcher (HKLM-x32\...\DocFetcher) (Version: 1.1.13 - )
Dragon NaturallySpeaking 13 (HKLM-x32\...\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}) (Version: 13.00.000 - Nuance Communications Inc.)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-310 Series Printer Uninstall (HKLM\...\EPSON XP-310 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Fighter Factory Ultimate (HKLM-x32\...\VirtuallTek Fighter Factory Ultimate_is1) (Version: 2.6.0.2010 - VirtuallTek Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
ICA (x32 Version: 11.5.1.3 - Corel Inc.) Hidden
ICA (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IPM (x32 Version: 11.5 - Corel Inc.) Hidden
IPM_PSP_COM64 (Version: 17.0.0.199 - Corel Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Mega Codec Pack 10.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.0 - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PC Tools Registry Mechanic 11.1 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.1 - PC Tools)
PSPPContent (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
PSPPro64 (Version: 17.0.0.199 - Corel Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Setup (x32 Version: 11.5.1.3 - Corel Inc.) Hidden
Setup (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
SixaxisPairTool 0.3.0 (HKLM-x32\...\SixaxisPairTool_is1) (Version: 0.3.0 - Dancing Pixel Studios)
Software Updater (HKLM-x32\...\{D60071DB-459C-465C-92EF-336E65F1A436}) (Version: 4.0.1 - SEIKO EPSON CORPORATION)
WinDVD (x32 Version: 11.5.1.3 - Corel Inc.) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wisdom-soft ScreenHunter 6.0 Pro (HKLM-x32\...\Wisdom-soft ScreenHunter 6.0 Pro) (Version:  - Wisdom Software Inc.)
Wondershare MobileGo ( Version 6.2.0 ) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 6.2.0 - Wondershare)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1253486062-2934959092-727184170-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Gurren\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1253486062-2934959092-727184170-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Gurren\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
 
==================== Restore Points  =========================
 
27-01-2015 21:40:01 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
27-01-2015 21:40:21 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
28-01-2015 21:13:43 Perfect
31-01-2015 11:12:53 Removed Microsoft Office PowerPoint Viewer 2007 (English)
31-01-2015 21:06:19 Perfect
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 05:25 - 2015-01-24 12:00 - 00001805 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {09F7F74C-9015-4E7B-86E6-45DFF307B5F4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
Task: {1BEF81BD-C1E2-4BB0-9787-2BD120836CAE} - System32\Tasks\{6EEC4BB3-7242-47A8-9B4D-B7727D150385} => pcalua.exe -a "C:\Users\Gurren\Desktop\Xbox360_64Eng (1).exe" -d C:\Users\Gurren\Desktop
Task: {29BFDF62-700E-49BC-AF98-66963646D3AE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {2E5B96FF-7942-49F3-A5E2-0C0CD7B12048} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-18] (Google Inc.)
Task: {47C845B9-9320-4E0A-95C5-0603CFAFDA4C} - System32\Tasks\EPSON XP-310 Series Invitation {6C9D65AA-AD2E-4079-BF4A-147E5D99455F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2014-12-02] (SEIKO EPSON CORPORATION)
Task: {4CFC7A0A-D807-448E-A89F-B70ADD3C07AC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5C2D200A-0448-4A95-B9A6-B960FF06F074} - System32\Tasks\EPSON XP-310 Series Update {6C9D65AA-AD2E-4079-BF4A-147E5D99455F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2014-12-02] (SEIKO EPSON CORPORATION)
Task: {6280D3CE-C50C-42DD-9EAA-72084C8DCD5D} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-12-12] ()
Task: {697C7BE9-6C35-401A-BAD3-942BB7914F2F} - System32\Tasks\KMS Server OnLogon Activate => C:\Windows\AutoKMS_VL_ALL\AutoKMS_VL_ALL.exe [2013-11-19] (MDL)
Task: {7C1B3AB7-5618-4BA0-8F70-AF3FD5D13D99} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-31] (Microsoft Corporation)
Task: {7DD7B388-B239-412B-B5A8-5D162C172266} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {AB555480-CBCB-4738-B066-20643E9160E7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1253486062-2934959092-727184170-1001Core => C:\Users\Gurren\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-19] (Google Inc.)
Task: {AD193FB2-6D64-485C-B8A9-2C3628AA41A1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-18] (Google Inc.)
Task: {B9517F0E-EC7A-4D12-A35F-E74AAD27EDD8} - System32\Tasks\{AEE43CC4-1D50-436F-BE4C-7290A0EBA079} => pcalua.exe -a "C:\Users\Gurren\Desktop\ToolBox\PS3 to Xbox Controller\ScpServer\bin\ScpService.exe" -d "C:\Users\Gurren\Desktop\ToolBox\PS3 to Xbox Controller\ScpServer\bin"
Task: {BB068D9D-AA5F-4B3F-AC5F-ABCA370B431F} - System32\Tasks\KMS Server Daily Activate => C:\Windows\AutoKMS_VL_ALL\AutoKMS_VL_ALL.exe [2013-11-19] (MDL)
Task: {BE247F2E-4C97-4BF4-8562-60E78DF7DB43} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E652D621-6F47-458C-BE46-08C30D02B683} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1253486062-2934959092-727184170-1001UA => C:\Users\Gurren\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-19] (Google Inc.)
Task: {F66FDDEB-DE69-4C0E-82FE-C27252F0D30C} - System32\Tasks\RMAutoUpdate => C:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\SULauncher.exe [2012-08-21] (PC Tools)
Task: {FC785B36-8DE9-4405-8C0B-5170A89E2C0F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-310 Series Invitation {6C9D65AA-AD2E-4079-BF4A-147E5D99455F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE
Task: C:\Windows\Tasks\EPSON XP-310 Series Update {6C9D65AA-AD2E-4079-BF4A-147E5D99455F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1253486062-2934959092-727184170-1001Core.job => C:\Users\Gurren\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1253486062-2934959092-727184170-1001UA.job => C:\Users\Gurren\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RMAutoUpdate.job => C:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\SULauncher.exe
 
==================== Loaded Modules (whitelisted) =============
 
2015-02-02 22:20 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-02-02 22:20 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-02-02 22:20 - 2014-12-17 14:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-02-02 22:20 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-02-02 22:20 - 2014-07-24 09:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl
2015-02-02 22:20 - 2014-07-24 09:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl
2015-02-02 22:20 - 2014-07-24 09:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl
2015-02-02 22:20 - 2014-07-24 09:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl
2014-12-18 22:11 - 2015-01-09 15:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-01-14 13:54 - 2015-01-14 13:54 - 00563621 _____ () C:\Program Files (x86)\DocFetcher\docfetcher-daemon-windows.exe
2014-11-12 17:17 - 2014-11-12 17:17 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-12-20 12:17 - 2014-10-31 16:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-12-20 12:17 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-12-18 23:09 - 2014-04-14 08:04 - 00107520 _____ () C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
2015-01-29 17:41 - 2015-01-26 19:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libglesv2.dll
2015-01-29 17:41 - 2015-01-26 19:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libegl.dll
2015-01-29 17:41 - 2015-01-26 19:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\pdf.dll
2014-11-12 17:17 - 2014-11-12 17:17 - 08897696 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\Gurren\Desktop\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Users\Gurren\Desktop\HijackThis.exe:BDU
AlternateDataStreams: C:\Users\Gurren\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Gurren\Desktop\rkill.exe:BDU
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-1253486062-2934959092-727184170-500 - Administrator - Disabled)
Guest (S-1-5-21-1253486062-2934959092-727184170-501 - Limited - Disabled)
Gurren (S-1-5-21-1253486062-2934959092-727184170-1001 - Administrator - Enabled) => C:\Users\Gurren
HomeGroupUser$ (S-1-5-21-1253486062-2934959092-727184170-1003 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (02/03/2015 07:34:07 PM) (Source: DCOM) (EventID: 10010) (User: Lagann)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (02/03/2015 07:33:37 PM) (Source: DCOM) (EventID: 10010) (User: Lagann)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (02/03/2015 07:31:16 PM) (Source: DCOM) (EventID: 10010) (User: Lagann)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (02/03/2015 07:30:46 PM) (Source: DCOM) (EventID: 10010) (User: Lagann)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Core2 Quad CPU Q9550 @ 2.83GHz
Percentage of memory in use: 44%
Total physical RAM: 4095.05 MB
Available physical RAM: 2292.21 MB
Total Pagefile: 4991.05 MB
Available Pagefile: 2664.66 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:698.63 GB) (Free:484.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive g: (HTC Sync Manager) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: ADF4B5D7)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.