Jump to content

Name Not Available in volume mixer; DOES NOT play ads


Recommended Posts

Hi, 

 

Please bear with me as I'am not computer savvy.

Name not Available has been popping up in my volume mixer (specifically when I open League of Legends). There can be 4, or 12 of them and it's very annoying. It does not play ads, it's just there. It only appears after opening League. I'm not sure if it's because of a virus, or if it's on League's end. I'd like to make sure. It disappears after I restart my laptop.  

 

 

post-188564-0-77665000-1434066622_thumb.

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015

Ran by Jin (administrator) on COOL-PC on 12-06-2015 09:08:36

Running from C:\Users\Jin\Desktop

Loaded Profiles: Jin (Available Profiles: Jin)

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Microsoft Corporation) C:\Windows\System32\wisptis.exe

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IFXSPMGT.exe

(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IFXTCS.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe

() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\System32\wisptis.exe

(ASUS) C:\Program Files\P4G\BatteryLife.exe

(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe

() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Windows ® Win 7 DDK provider) C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe

(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe

(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Wacom_TabletUser.exe

(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

(ASUS) C:\Windows\AsScrPro.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\PSDrt.exe

(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\SpTNA.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe

() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe

(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe

(Razer, Inc.) C:\Users\Jin\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-06-02] (ELAN Microelectronics Corp.)

HKLM\...\Run: [WavXMgr] => C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [162184 2011-07-05] (Wave Systems Corp.)

HKLM\...\Run: [EmbassySecurityCheck] => C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe [119176 2011-07-05] (Wave Systems Corp.)

HKLM\...\Run: [intelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-02-04] (Intel® Corporation)

HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-18] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)

HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [iMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2011-02-01] (Intel Corporation)

HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [47616 2011-05-20] (Windows ® Win 7 DDK provider)

HKLM-x32\...\Run: [iFXSPMGT] => C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1161080 2011-04-19] (Infineon Technologies AG)

HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)

HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)

HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)

HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)

HKLM-x32\...\Run: [Kraken71ChromaHelper] => C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe [1600320 2015-02-02] (Razer Inc)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-3591376011-4221855182-589825556-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

AppInit_DLLs-x32: wxvault.dll => "C:\Windows\SysWOW64\wxvault.dll" File not found

Lsa: [Authentication Packages] msv1_0 wvauth

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-02-18]

ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2015-03-25]

ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe ()

ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)

ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKU\S-1-5-21-3591376011-4221855182-589825556-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

HKU\S-1-5-21-3591376011-4221855182-589825556-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-3591376011-4221855182-589825556-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-3591376011-4221855182-589825556-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\Jin\AppData\Roaming\Mozilla\Firefox\Profiles\mrscoc56.default

FF DefaultSearchEngine: Secure Search

FF DefaultSearchEngine.US: Secure Search

FF SearchEngineOrder.1: Secure Search

FF SelectedSearchEngine: Secure Search


FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-11] ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-11] ()

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2009-09-25] (Wacom, Inc.)

FF Extension: Adblock Plus - C:\Users\Jin\AppData\Roaming\Mozilla\Firefox\Profiles\mrscoc56.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-26]

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

 

Chrome: 

=======

CHR Profile: C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]

CHR Extension: (Google Docs) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]

CHR Extension: (Google Drive) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25]

CHR Extension: (YouTube) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25]

CHR Extension: (Google Search) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25]

CHR Extension: (Google Sheets) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]

CHR Extension: (AdBlock) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-07]

CHR Extension: (Bookmark Manager) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]

CHR Extension: (Google Wallet) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]

CHR Extension: (Gmail) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25]

CHR Profile: C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1

CHR Extension: (Google Docs) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-25]

CHR Extension: (Google Drive) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-25]

CHR Extension: (YouTube) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-25]

CHR Extension: (Google Search) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-25]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25]

CHR Extension: (Google Wallet) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]

CHR Extension: (Gmail) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-25]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 IFXSpMgtSrv; C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1161080 2011-04-19] (Infineon Technologies AG)

R2 IFXTCS; C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe [992544 2010-02-23] (Infineon Technologies AG)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-04] ()

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)

R2 PersonalSecureDriveService; C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe [214304 2010-02-23] (Infineon Technologies AG)

R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()

S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1558016 2010-03-30] (Wave Systems Corp.) [File not signed]

R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [6245744 2010-03-08] (Wacom Technology, Corp.)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

S2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)

R3 diskperf64; C:\Windows\System32\DRIVERS\diskperf64.sys [17512 2010-11-11] (Realtek Semiconductor Corp.)

R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [57344 2011-05-24] (Fresco Logic)

R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-12] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)

R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-25] (Infineon Technologies AG)

R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)

R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)

R3 SzCCID; C:\Windows\System32\DRIVERS\SzCCID.sys [40448 2011-03-12] (Generic)

R2 WavxDMgr; C:\Windows\System32\DRIVERS\WavxDMgr.sys [307496 2011-04-07] (Wave Systems Corp.)

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-06-12 09:08 - 2015-06-12 09:09 - 00020985 _____ C:\Users\Jin\Desktop\FRST.txt

2015-06-12 09:08 - 2015-06-12 09:08 - 00000000 ____D C:\FRST

2015-06-12 09:08 - 2015-06-12 09:07 - 02108928 _____ (Farbar) C:\Users\Jin\Desktop\FRST64.exe

2015-06-12 09:07 - 2015-06-12 09:07 - 02108928 _____ (Farbar) C:\Users\Jin\Downloads\FRST64.exe

2015-06-11 20:04 - 2015-06-11 20:04 - 27864920 _____ (Riot Games) C:\Users\Jin\Downloads\LeagueofLegends_NA_Installer_9_15_2014.exe

2015-06-11 20:04 - 2015-06-11 20:04 - 00001613 _____ C:\Users\Public\Desktop\League of Legends.lnk

2015-06-11 20:04 - 2015-06-11 20:04 - 00000000 ____D C:\Riot Games

2015-06-11 06:13 - 2015-06-11 06:13 - 00000000 ____D C:\Users\Jin\AppData\Roaming\library_dir

2015-06-11 06:13 - 2015-06-11 06:13 - 00000000 ____D C:\ProgramData\ATI

2015-06-11 06:12 - 2015-06-11 06:40 - 00000000 ____D C:\Users\Jin\AppData\Roaming\Raptr

2015-06-11 06:12 - 2015-06-11 06:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2015-06-11 06:12 - 2015-06-11 06:12 - 00000000 ____D C:\ProgramData\AMD

2015-06-11 06:12 - 2015-06-11 06:12 - 00000000 ____D C:\Program Files (x86)\AMD AVT

2015-06-11 06:12 - 2015-06-11 06:12 - 00000000 ____D C:\Program Files (x86)\AMD

2015-06-06 19:31 - 2015-06-06 19:31 - 00000040 ____H C:\F66FC04B73D9

2015-06-06 10:32 - 2015-06-08 14:26 - 00000000 ____D C:\Program Files\MyDefrag v4.3.1

2015-06-06 10:32 - 2015-06-06 10:32 - 00004104 _____ C:\Windows\System32\Tasks\MyDefrag v4.3.1 Monthly

2015-06-06 10:32 - 2015-06-06 10:32 - 00003424 _____ C:\Windows\System32\Tasks\MyDefrag v4.3.1 Daily

2015-06-06 10:32 - 2015-06-06 10:32 - 00000865 _____ C:\Users\Public\Desktop\MyDefrag.lnk

2015-06-06 10:32 - 2015-06-06 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1

2015-06-06 10:31 - 2015-06-06 10:31 - 02082630 _____ (J.C. Kessels ) C:\Users\Jin\Downloads\MyDefrag-v4.3.1.exe

2015-06-03 23:43 - 2015-06-03 23:44 - 00000000 ____D C:\Users\Jin\AppData\Local\{0DF9B1CD-FDA2-4469-B8DF-6F8D8C36A074}

2015-06-03 22:17 - 2015-06-03 22:17 - 00001454 _____ C:\Users\Jin\Desktop\Adobe photoshop cS6 luisarmandotutoriales (1) - Shortcut.lnk

2015-06-03 22:17 - 2015-06-03 22:17 - 00000000 ____D C:\Users\Jin\Desktop\Adobe photoshop cs6 multilenguaje portable

2015-05-31 19:46 - 2015-05-31 19:46 - 00007597 _____ C:\Users\Jin\AppData\Local\Resmon.ResmonCfg

2015-05-30 02:48 - 2015-05-30 02:52 - 00001127 _____ C:\Users\Public\Desktop\Diablo II - Lord of Destruction.lnk

2015-05-30 02:48 - 2015-05-30 02:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II

2015-05-30 02:47 - 2015-05-30 02:47 - 00000000 ____D C:\Users\Jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2015-05-30 02:09 - 2015-06-01 17:46 - 00000000 ____D C:\Program Files (x86)\Diablo II

2015-05-25 20:06 - 2015-05-25 20:06 - 00001032 _____ C:\Users\Jin\Desktop\Playtrickster.lnk

2015-05-25 20:06 - 2015-05-25 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Playtrickster

2015-05-25 19:49 - 2015-05-25 20:01 - 1487470714 _____ (Privatia co.,ltd.) C:\Users\Jin\Downloads\Playtrickster_Setup.exe

2015-05-24 00:18 - 2015-05-24 00:18 - 00003086 _____ C:\Windows\System32\Tasks\{70221115-8601-4A09-B9AA-D03AE4C6C10E}

2015-05-23 23:59 - 2015-05-23 23:59 - 00000000 ____D C:\Users\Jin\AppData\Local\Wacom Help

2015-05-23 23:53 - 2015-06-12 08:36 - 00000000 ____D C:\Users\Jin\AppData\Roaming\WTablet

2015-05-23 23:40 - 2015-05-24 00:09 - 00000000 ____D C:\Program Files\Tablet

2015-05-23 00:23 - 2015-05-23 00:23 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled

2015-05-22 15:08 - 2015-05-24 00:09 - 00000000 ____D C:\ProgramData\ProductData

2015-05-22 15:08 - 2015-05-24 00:09 - 00000000 ____D C:\ProgramData\IObit

2015-05-22 15:08 - 2015-05-22 15:08 - 00000000 ____D C:\Users\Jin\AppData\Roaming\IObit

2015-05-22 14:21 - 2015-05-22 14:21 - 00000000 ____D C:\Users\Jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Playtrickster

2015-05-22 14:16 - 2015-05-25 20:06 - 00000000 ____D C:\Program Files (x86)\Playtrickster

2015-05-21 17:42 - 2015-05-21 17:42 - 00000000 __SHD C:\Users\Jin\AppData\Local\EmieUserList

2015-05-21 17:42 - 2015-05-21 17:42 - 00000000 __SHD C:\Users\Jin\AppData\Local\EmieSiteList

2015-05-21 17:42 - 2015-05-21 17:42 - 00000000 __SHD C:\Users\Jin\AppData\Local\EmieBrowserModeList

2015-05-21 17:41 - 2015-06-11 06:37 - 00000000 ____D C:\Program Files\AMD

2015-05-21 17:39 - 2015-06-11 06:00 - 00000000 ____D C:\AMD

2015-05-20 20:20 - 2015-05-20 20:22 - 173649390 _____ C:\Users\Jin\Downloads\Adobe photoshop cS6 luisarmandotutoriales (1).zip

2015-05-18 17:27 - 2015-05-18 17:27 - 00000000 ____D C:\Users\Jin\AppData\Local\{7E88FC18-349F-422D-99B3-FBF18EFDEDA5}

2015-05-16 17:42 - 2015-05-16 17:47 - 00000029 _____ C:\Users\Jin\Documents\AutoHotkey.ahk

2015-05-16 17:42 - 2015-05-16 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey

2015-05-16 17:42 - 2015-05-16 17:42 - 00000800 _____ C:\Users\Jin\Desktop\AutoHotkey.lnk

2015-05-16 17:42 - 2015-05-16 17:42 - 00000000 ____D C:\Program Files\AutoHotkey

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-06-12 08:55 - 2015-03-30 23:01 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-06-12 08:48 - 2015-03-25 22:00 - 01424027 _____ C:\Windows\WindowsUpdate.log

2015-06-12 08:37 - 2015-03-26 02:21 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-06-12 08:36 - 2015-03-25 19:50 - 00000000 _____ C:\Users\Jin\AppData\Local\WavXMapDrive.bat

2015-06-12 08:36 - 2015-03-25 19:47 - 00000000 ___HD C:\ASUS.DAT

2015-06-12 08:36 - 2012-02-18 06:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-06-12 08:33 - 2012-02-18 06:11 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-06-11 21:24 - 2009-07-14 00:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-06-11 21:24 - 2009-07-14 00:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-06-11 21:16 - 2012-02-18 05:48 - 00093278 _____ C:\Windows\PFRO.log

2015-06-11 21:16 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-06-11 21:16 - 2009-07-14 00:51 - 00063934 _____ C:\Windows\setupact.log

2015-06-11 20:05 - 2015-03-25 19:19 - 00000000 ____D C:\Users\Jin\AppData\Roaming\Riot Games

2015-06-11 08:37 - 2015-03-26 02:21 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-06-11 08:37 - 2015-03-26 02:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-06-11 08:37 - 2015-03-26 02:21 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-06-11 07:11 - 2015-03-25 19:47 - 00000000 ____D C:\Users\Jin

2015-06-11 06:50 - 2009-07-14 01:13 - 00006166 _____ C:\Windows\system32\PerfStringBackup.INI

2015-06-11 06:41 - 2015-04-09 08:49 - 00000000 ___SD C:\Windows\system32\GWX

2015-06-11 06:41 - 2015-03-26 02:21 - 00000000 ____D C:\Windows\system32\Macromed

2015-06-11 06:40 - 2015-03-25 22:20 - 00000000 ____D C:\ProgramData\P4G

2015-06-11 06:40 - 2015-03-25 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center

2015-06-11 06:40 - 2015-03-25 22:04 - 00000000 ____D C:\Program Files (x86)\ATI Technologies

2015-06-11 06:40 - 2012-02-18 06:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-06-11 06:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration

2015-06-11 06:37 - 2015-03-26 00:23 - 00000000 ____D C:\Users\Jin\AppData\Roaming\Skype

2015-06-11 06:37 - 2015-03-25 22:04 - 00000000 ____D C:\Program Files\ATI

2015-06-11 06:37 - 2015-03-25 18:59 - 00000000 ____D C:\Program Files (x86)\Steam

2015-06-08 22:56 - 2015-03-25 22:22 - 00045056 _____ C:\Windows\SysWOW64\acovcnt.exe

2015-06-08 15:00 - 2015-04-02 21:42 - 00000000 ____D C:\Users\Jin\Desktop\Skyrim Saves

2015-06-06 10:22 - 2012-02-18 06:10 - 00000000 ____D C:\ProgramData\Adobe

2015-06-06 10:21 - 2015-04-28 21:15 - 00000000 ____D C:\Windows\system32\appmgmt

2015-06-05 00:07 - 2015-03-26 00:22 - 00000000 ____D C:\ProgramData\Skype

2015-05-30 12:17 - 2015-03-25 19:47 - 00000000 ____D C:\Users\Jin\AppData\Local\VirtualStore

2015-05-30 12:13 - 2015-03-25 19:47 - 00061192 _____ C:\Users\Jin\AppData\Local\GDIPFONTCACHEV1.DAT

2015-05-30 12:11 - 2009-07-14 00:45 - 00269432 _____ C:\Windows\system32\FNTCACHE.DAT

2015-05-30 12:09 - 2015-03-25 21:34 - 00001943 _____ C:\Users\Jin\Desktop\Razer Synapse.lnk

2015-05-28 22:56 - 2015-04-14 20:56 - 00000000 ____D C:\Users\Jin\Desktop\terraria-server-1241

2015-05-28 16:09 - 2015-04-09 01:39 - 00000000 ____D C:\Users\Jin\AppData\Local\Windows Live

2015-05-25 03:12 - 2015-03-25 18:56 - 00002257 _____ C:\Users\Jin\Desktop\Google Chrome.lnk

2015-05-24 00:11 - 2015-05-07 19:50 - 00000000 ____D C:\Users\Jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2015-05-24 00:10 - 2015-04-09 08:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-05-24 00:10 - 2015-04-07 03:46 - 00000000 ____D C:\Windows\system32\WTablet

2015-05-24 00:10 - 2009-07-14 03:47 - 00000000 ____D C:\Program Files\Windows Journal

2015-05-24 00:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache

2015-05-24 00:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-05-24 00:09 - 2015-05-04 23:29 - 00000000 ____D C:\Users\Jin\AppData\Local\FluxSoftware

2015-05-24 00:09 - 2015-05-03 15:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

2015-05-24 00:09 - 2015-05-03 15:00 - 00000000 ____D C:\Program Files\Microsoft Security Client

2015-05-24 00:09 - 2015-04-09 03:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-05-24 00:09 - 2015-04-09 03:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2015-05-24 00:09 - 2015-04-09 03:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2015-05-24 00:09 - 2015-04-07 04:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet

2015-05-24 00:09 - 2015-04-07 03:46 - 00000000 ____D C:\Program Files (x86)\TabletPlugins

2015-05-24 00:09 - 2015-04-07 03:45 - 00000000 ____D C:\Program Files (x86)\Tablet

2015-05-24 00:09 - 2015-03-25 22:08 - 00000000 ____D C:\ProgramData\SZCCID

2015-05-24 00:09 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2015-05-21 17:40 - 2015-04-05 14:13 - 00000000 ____D C:\Windows\system32\MRT

2015-05-17 18:53 - 2015-03-26 09:04 - 00000000 ____D C:\Users\Jin\Documents\my games

2015-05-17 16:08 - 2012-02-18 06:11 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-05-17 16:08 - 2012-02-18 06:11 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-05-16 17:42 - 2009-07-14 03:46 - 00000000 ____D C:\Windows\ShellNew

2015-05-13 20:32 - 2015-04-18 23:18 - 00000000 ____D C:\Users\Jin\Documents\ArcheAge

 

==================== Files in the root of some directories =======

 

2015-04-05 20:16 - 2015-04-18 03:04 - 0002166 _____ () C:\Users\Jin\AppData\Roaming\SpeedRunnersLog.txt

2015-05-31 19:46 - 2015-05-31 19:46 - 0007597 _____ () C:\Users\Jin\AppData\Local\Resmon.ResmonCfg

2015-03-25 19:50 - 2015-06-12 08:36 - 0000000 _____ () C:\Users\Jin\AppData\Local\WavXMapDrive.bat

2015-03-25 22:26 - 2015-03-25 22:26 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log

2015-03-25 22:25 - 2015-03-25 22:26 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log

2015-03-25 22:25 - 2015-03-25 22:25 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

 

Some files in TEMP:

====================

C:\Users\Jin\AppData\Local\Temp\0Kraken71ChromaDevProps.dll

C:\Users\Jin\AppData\Local\Temp\sqeygabt.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-06-03 16:37

 

==================== End of log ============================

Link to post
Share on other sites

This is the Addition: 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Jin at 2015-06-12 09:09:15
Running from C:\Users\Jin\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3591376011-4221855182-589825556-500 - Administrator - Disabled)
Guest (S-1-5-21-3591376011-4221855182-589825556-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3591376011-4221855182-589825556-1002 - Limited - Enabled)
Jin (S-1-5-21-3591376011-4221855182-589825556-1000 - Administrator - Enabled) => C:\Users\Jin
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.18.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.18.0 - Alcor Micro Corp.) Hidden
ArcheAge (HKLM-x32\...\Steam App 304030) (Version:  - XLGAMES)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.14 - ASUS)
Asus Commercial Series (HKLM-x32\...\Asus Commercial Series) (Version: 1.0.0001 - ASUS)
ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.22 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.44 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0007 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0009 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{AECA3622-E634-4A55-A696-70A511CBE06E}) (Version: 2.0.3 - AsusTek Computer Inc.)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
ATI AVIVO64 Codecs (Version: 11.6.0.10328 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{B595A585-C3A9-5855-35D0-FDD765D2B6BC}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
AutoHotkey 1.1.22.00 (HKLM\...\AutoHotkey) (Version: 1.1.22.00 - Lexikos)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.6.1622 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.6.1622 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Document Manager Lite (Version: 07.00.00.066 - Wave Systems Corp.) Hidden
Document Manager Lite (x32 Version:  - ) Hidden
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dragon Nest (HKLM-x32\...\Steam App 11610) (Version:  - Eyedentity Games Inc.)
EMBASSY Security Center Lite (Version: 04.01.00.069 - Wave Systems Corp) Hidden
EMBASSY Security Center Lite (x32 Version:  - ) Hidden
EMBASSY Security Setup (Version: 04.01.00.067 - Wave Systems Corp) Hidden
EMBASSY Security Setup (x32 Version:  - ) Hidden
Embassy Trust Suite - Asus Edition (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 02.06.02.002 - Wave Systems Corp)
ESC Home Page Plugin (Version: 04.01.00.015 - Wave Systems Corp) Hidden
ESC Home Page Plugin (x32 Version:  - ) Hidden
ETDWare PS/2-X64 8.0.5.4_WHQL (HKLM\...\Elantech) (Version: 8.0.5.4 - ELAN Microelectronic Corp.)
F200 (HKLM\...\{d1e17d14-cabc-4f6f-9f46-c7ecf813645e}.sdb) (Version:  - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Fresco Logic USB3.0 Host Controller (HKLM\...\{CFE2E2E1-7CC9-4B15-99AF-37E78EA1D216}) (Version: 3.3.14.0 - Fresco Logic Inc.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.79 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Infineon TPM Professional Package (HKLM\...\{127D5F95-D83A-40FC-AB4E-109A0B33F296}) (Version: 3.7.000 - Infineon Technologies AG)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (HKLM\...\{821B4CA1-D404-4CCA-AEA4-C7D3F40841B1}) (Version: 1.0.0.0142 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{794E5C90-96E5-4413-B3F5-C803205AE30C}) (Version: 14.0.3000 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
Offworld Trading Company (HKLM-x32\...\Steam App 271240) (Version:  - Mohawk Games)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
Playtrickster (HKU\S-1-5-21-3591376011-4221855182-589825556-1000\...\Playtrickster) (Version: 00.01.00.00 - Privatia co.,ltd.)
Preboot Manager (Version: 03.01.00.169 - Wave Systems Corp.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.8 - ASUS)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Validity Sensors PBA DDK (HKLM\...\{1858AED4-8D6A-40D2-BAC5-BA6F10DFE056}) (Version: 4.1.316.0 - Validity Sensors, Inc.)
Vindictus (HKLM-x32\...\Steam App 212160) (Version:  - Nexon)
Wacom Tablet (HKLM-x32\...\Wacom Tablet Driver) (Version:  - Wacom Technology Corp.)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Wave Infrastructure Installer (Version: 07.65.44.0000 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.11.00.053 - Wave Systems Corp) Hidden
Wave Support Software (x32 Version:  - ) Hidden
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.4 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.3 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
11-06-2015 06:33:55 Restore Operation
11-06-2015 06:55:20 Windows Update
11-06-2015 19:40:21 Before
11-06-2015 20:00:32 Removed League of Legends
11-06-2015 20:04:50 Installed League of Legends
11-06-2015 20:05:09 Installed DirectX
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1271DE15-2F2D-43D0-A40F-840C969575ED} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {19EF6AA5-CEAF-449D-ABBB-2E5F0D93275B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {2A148EBF-EFD3-4DC8-8036-B83570C4C8E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {2DE5301C-CAA8-415C-A6DB-5551BC22C0AC} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2011-05-10] (ASUSTek Computer Inc.)
Task: {3327A2B4-38C4-4BEC-A5C6-F4759823BE2C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {3B9B3B5C-3E37-4459-A243-B08B079B03FF} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {3F2EF01C-3B8A-4F89-BDAD-CCF4ED566A7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {48401751-6939-41A6-B526-B0ECE01F506C} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-21] ()
Task: {54ECCA4B-1B19-4BF6-A698-625F12E01615} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {58AA1F19-B8E6-4FB3-BE99-BE83FA102885} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {5C1C11D4-3C29-451B-8E16-2F26DCEE93B2} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {7AAE3058-625F-4BB6-871B-9786123B894B} - System32\Tasks\{70221115-8601-4A09-B9AA-D03AE4C6C10E} => pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Task: {91FB96E2-D775-4134-AEBB-B93B9203EC58} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-03-07] (ASUS)
Task: {A74BD314-DD20-4B42-8817-A44E1FFDFF0D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-11] (Adobe Systems Incorporated)
Task: {A89A418D-6124-4208-9253-AF06FCE7ACD8} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2011-01-24] ()
Task: {B10E4840-A555-4981-AEA8-B5045285F623} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {B8143598-2559-4A43-9092-FCA9944C0624} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-21] ()
Task: {CEA6F4A5-60D0-4D2F-9025-542F90F0A7E2} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-04-09] (Microsoft Corporation)
Task: {EB4B4385-B3C1-4274-A602-389BDD0FF941} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2011-06-29] (ASUSTek Computer Inc.)
Task: {FDCBAC64-D16E-4DC6-9F0F-23944ED8F5C2} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-05-30] (ASUS)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-02-04 18:42 - 2011-02-04 18:42 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2015-02-04 19:24 - 2015-02-04 19:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2010-07-14 19:11 - 2010-07-14 19:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-01-24 13:55 - 2011-01-24 13:55 - 00541696 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
2015-03-25 22:20 - 2007-11-30 14:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2015-03-25 22:04 - 2011-03-25 05:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-04-07 03:02 - 2011-04-07 03:02 - 00278016 _____ () C:\Windows\system32\wxvault.dll
2011-02-04 18:42 - 2011-02-04 18:42 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2010-09-23 19:53 - 2010-09-23 19:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2011-03-14 17:21 - 2011-03-14 17:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-28 14:44 - 2011-03-28 14:44 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-03-14 01:49 - 2015-03-14 01:49 - 00291840 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2011-05-30 16:48 - 2011-05-30 16:48 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2015-03-25 19:17 - 2015-06-12 08:36 - 00619840 _____ () C:\Users\Jin\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
2015-05-19 22:29 - 2015-05-19 22:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2010-08-20 12:57 - 2010-08-20 12:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 12:57 - 2010-08-20 12:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2015-03-25 21:34 - 2014-11-25 21:12 - 40622592 _____ () C:\Users\Jin\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2015-03-25 21:34 - 2014-11-25 21:12 - 00911360 _____ () C:\Users\Jin\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2015-03-25 21:34 - 2014-11-25 21:12 - 00134144 _____ () C:\Users\Jin\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2015-06-11 12:14 - 2015-06-05 14:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-11 12:14 - 2015-06-05 14:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3591376011-4221855182-589825556-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [sPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [sPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{AFA4DB8E-413A-4E2E-9F4B-4E445782B818}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A02084F5-8BCE-42AC-85EA-1A397230AA7B}] => (Allow) LPort=2869
FirewallRules: [{B3141292-99A2-47EE-AD02-177B05E253EF}] => (Allow) LPort=1900
FirewallRules: [{2AD397EB-EA9D-4FF5-9940-C79DE2D1CF1C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1189E204-6188-4188-91AE-96B78E697EAF}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{02D9C6CA-EA26-4894-AD0D-21684C3D5CC6}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{9F268794-19BD-479A-8DE7-970106A782CB}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{459047F6-F07C-4667-9C0A-49A82F84BB0D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{28F77632-4CE4-46CC-82B2-BA4EB745D272}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0629F047-41AA-4ED2-82BD-D2C9958BDE2E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C48ED91-5712-4317-B9D9-0BB1F05F2D18}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DCA13553-B45C-4C81-8BBD-2C03E39A0DB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{15FB15CE-4B0B-41B5-ABB7-DE1E4C94F0E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{83F56D98-5420-4265-8515-46A68610EBA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{6204F6C9-54C7-4F9B-9A50-24FB51CFF703}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{8DFB498E-A29C-4044-A0D7-3A0EED9F9CE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{A5AD869A-FD6D-4491-8341-1AE6F4979E3A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D9BEB02F-EC52-4360-A43C-13B2AF3BA88C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{0EF4C3BF-3160-4B59-B0A8-E1D729BCA5F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E0C1E4A9-CA49-4305-8F1A-E88E40D794BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{7AA461FD-E4C9-4B52-A408-BAA32CCE2392}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{CE77CFE1-53DF-4469-898A-571E1B51BD19}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{F43B16C1-7A71-4042-9432-B74AD29FF61B}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{6CE67602-AD7C-45E3-B9A9-89E6DECB9114}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [uDP Query User{AC8CD865-FA0C-42DB-9288-A459CB52BF78}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{972C20A2-E323-4873-861A-CF78390856AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{8425BACF-D1A9-42BC-B71C-FE97911AE1F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{91396222-0A41-487E-BAA3-767ED5F39302}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [uDP Query User{4372D16F-A912-474A-AC48-F252EA6904BF}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{868FD230-69A8-4136-8894-E36FB29A5D0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{616ADEB7-48B6-4986-9D56-0BFA8472B77F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{52420B98-D22D-4A93-9ED2-E83CB00F66FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{6711B20E-17A6-444C-BEB9-A411FB1DAC6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{298601ED-50C9-401F-B717-65D7AC8EDE7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{68A20E80-2254-4467-842B-7239A68787E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{53D89285-C22F-4613-AB48-E344D48AEDD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{CB1787F1-3D69-46EB-81FF-2595ACA5B6F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{B7A59AFA-7071-4F7D-949D-FCED496C27BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F31E43FF-F659-4D8C-BD8E-E1DDD70A1595}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{5EB66ED0-F467-4D40-ABA7-327E6982C146}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{9AD55DEE-6A17-4578-A89A-60521B9DF531}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{83A3526E-EB74-4CF0-AD4E-580AE2807827}C:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe
FirewallRules: [uDP Query User{1E54E309-2FAC-468C-BA36-6DD43A730A5A}C:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe
FirewallRules: [TCP Query User{B49318E7-82CF-44B7-8FEA-E395CD2360B2}C:\users\jin\desktop\terraria-server-1241\terrariaserver.exe] => (Allow) C:\users\jin\desktop\terraria-server-1241\terrariaserver.exe
FirewallRules: [uDP Query User{6B2461F3-A97C-46E1-9F0D-AF45BCCEC72C}C:\users\jin\desktop\terraria-server-1241\terrariaserver.exe] => (Allow) C:\users\jin\desktop\terraria-server-1241\terrariaserver.exe
FirewallRules: [{5479C730-7113-4E61-9863-8028BEB4CCC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{17704D7E-31CA-45C5-B166-A0CF8511C62A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [TCP Query User{FC7BFE05-77D2-4EE2-8239-4C8930A3564E}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [uDP Query User{CEC7E20E-CF88-4A92-8EEC-D0BB5764D98C}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{E01D54F6-EEBD-4600-99A5-954A3674B735}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{7766841C-9C1B-4027-B182-68DE11D74587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{024775AD-63A6-4428-AFBB-FFCB86E1A4B9}C:\program files (x86)\steam\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [uDP Query User{3EDF98E7-32A4-4020-A5F9-2E69DBCEA988}C:\program files (x86)\steam\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [TCP Query User{D2F7F024-A010-433C-944E-EA09237ED19D}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [uDP Query User{AD04013D-EF8C-42BA-AD69-AE452797C3C0}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{5F391C6A-BB62-4C3B-933F-F59C0C813BFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\nxsteam.exe
FirewallRules: [{9E440301-6FFB-4601-80CE-8B494D73AEC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\nxsteam.exe
FirewallRules: [{81375844-4225-4A22-BEDE-271C3DC0B919}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\DragonNest.exe
FirewallRules: [{310370B4-B246-474D-9978-2A6BCFB337D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\DragonNest.exe
FirewallRules: [{02D6A731-4D74-4ABA-81CF-B199596B923B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Offworld Trading Company\Offworld.exe
FirewallRules: [{0EF98F5D-2F13-4267-B55F-0C6CCCD5BE06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Offworld Trading Company\Offworld.exe
FirewallRules: [{4BDFCE8D-E322-46F0-BD5E-D4612AD44394}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{EE5F275B-6959-46EF-AD87-D227567A4135}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{C9F4528A-0D0B-4635-9EB1-2119B61CBB6C}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{229C8616-D40D-4ADD-BD25-9553417BD98D}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{D57F3917-C3C7-4566-A086-A3A6150E6D72}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{B913C5DF-8B3E-4B9F-A1E5-DE95EB8FC1F6}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{6E04DD6B-D455-47B3-BAC1-1721730FCBC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{2B868E6B-6019-483B-BB6B-13B3FE944443}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{C1C6F2B4-ADBE-4BA6-A714-A6F1D1BE7DCF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/11/2015 08:06:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rads_user_kernel.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 261c
 
Start Time: 01d0a4a388eb9301
 
Termination Time: 13
 
Application Path: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
 
Report Id: caf0e997-1096-11e5-8365-88532e50a879
 
Error: (06/11/2015 06:50:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (06/11/2015 06:50:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (06/11/2015 06:37:02 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (06/11/2015 06:37:02 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (06/11/2015 06:04:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: Cool-PC)
Description: Unloading the performance counter strings for service Windows Workflow Foundation 4.0.0.0 (Windows Workflow Foundation 4.0.0.0) failed. The first DWORD in the Data section contains the error code.
 
Error: (06/11/2015 06:04:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: Cool-PC)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (06/11/2015 06:04:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: Cool-PC)
Description: Unloading the performance counter strings for service Windows Workflow Foundation 4.0.0.0 (Windows Workflow Foundation 4.0.0.0) failed. The first DWORD in the Data section contains the error code.
 
Error: (06/11/2015 06:04:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: Cool-PC)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (06/11/2015 06:04:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: Cool-PC)
Description: Unloading the performance counter strings for service MSDTC Bridge 4.0.0.0 (MSDTC Bridge 4.0.0.0) failed. The first DWORD in the Data section contains the error code.
 
 
System errors:
=============
Error: (06/12/2015 08:33:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
 
Error: (06/11/2015 09:16:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAS Core Service service failed to start due to the following error: 
%%2
 
Error: (06/11/2015 06:42:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAS Core Service service failed to start due to the following error: 
%%2
 
Error: (06/11/2015 06:42:38 AM) (Source: Microsoft Antimalware) (EventID: 2004) (User: )
Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
 
Signatures Attempted: %24
 
Error Code: 0x80070002
 
Error description: The system cannot find the file specified. 
 
Signature version: 0.0.0.0;0.0.0.0
 
Engine version: %600
 
Error: (06/11/2015 06:30:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAS Core Service service failed to start due to the following error: 
%%2
 
Error: (06/10/2015 04:55:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAS Core Service service failed to start due to the following error: 
%%2
 
Error: (06/10/2015 00:48:35 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (06/09/2015 10:26:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
 
Error: (06/09/2015 08:56:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAS Core Service service failed to start due to the following error: 
%%2
 
Error: (06/09/2015 07:30:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAS Core Service service failed to start due to the following error: 
%%2
 
 
Microsoft Office:
=========================
Error: (06/11/2015 08:06:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rads_user_kernel.exe0.0.0.0261c01d0a4a388eb930113C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.execaf0e997-1096-11e5-8365-88532e50a879
 
Error: (06/11/2015 06:50:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (06/11/2015 06:50:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (06/11/2015 06:37:02 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (06/11/2015 06:37:02 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (06/11/2015 06:04:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: Cool-PC)
Description: Windows Workflow Foundation 4.0.0.0Windows Workflow Foundation 4.0.0.08F20300004D070000
 
Error: (06/11/2015 06:04:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: Cool-PC)
Description: Performance1637070000000000000000000009030000
 
Error: (06/11/2015 06:04:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: Cool-PC)
Description: Windows Workflow Foundation 4.0.0.0Windows Workflow Foundation 4.0.0.08F20300004D070000
 
Error: (06/11/2015 06:04:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: Cool-PC)
Description: Performance1637070000000000000000000009030000
 
Error: (06/11/2015 06:04:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: Cool-PC)
Description: MSDTC Bridge 4.0.0.0MSDTC Bridge 4.0.0.08F20300004D070000
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 48%
Total physical RAM: 3979 MB
Available physical RAM: 2060.23 MB
Total Pagefile: 7956.2 MB
Available Pagefile: 5238.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:440.76 GB) (Free:282.51 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C968D7DA)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=440.8 GB) - (Type=07 NTFS)
 
==================== End of log ============================
Link to post
Share on other sites

  • Root Admin

Please run a Full Disk Check on your system drive.  If needed here are some links on how to run a Disk Check.

On Windows XP the disk check log is in the Event Logs under Application with a heading source of  Winlogon
On Windows 7 the disk check log is in the Event Logs under Application with a heading source of  Wininit
On Windows 8 the disk check log is in the Event Logs under Application with a heading source of  Chkdsk



How to Run Disk Check in Windows 7

How to Run Check Disk at Startup in Vista or Windows 7


How to Read the Event Viewer Log for Check Disk (chkdsk) in Vista, Windows 7, and Windows 8
 

You want to run the Full disk check that has 5 stages not the quick one with 3 stages.

 

Once that's done then copy/paste back the results of the disk check please.

 

Link to post
Share on other sites

Checking file system on C:

The type of the file system is NTFS.

Volume label is OS.

 

A disk check has been scheduled.

Windows will now check the disk.                         

 

CHKDSK is verifying files (stage 1 of 5)...

  374016 file records processed.                                          File verification completed.

  776 large file records processed.                                      0 bad file records processed.                                        2 EA records processed.                                              46 reparse records processed.                                       CHKDSK is verifying indexes (stage 2 of 5)...

  527804 index entries processed.                                         Index verification completed.

  0 unindexed files scanned.                                           0 unindexed files recovered.                                       CHKDSK is verifying security descriptors (stage 3 of 5)...

  374016 file SDs/SIDs processed.                                         Cleaning up 6 unused index entries from index $SII of file 0x9.

Cleaning up 6 unused index entries from index $SDH of file 0x9.

Cleaning up 6 unused security descriptors.

Security descriptor verification completed.

  76895 data files processed.                                            CHKDSK is verifying Usn Journal...

  35344240 USN bytes processed.                                             Usn Journal verification completed.

CHKDSK is verifying file data (stage 4 of 5)...

  374000 files processed.                                                 File data verification completed.

CHKDSK is verifying free space (stage 5 of 5)...

  73798689 free clusters processed.                                         Free space verification is complete.

Windows has checked the file system and found no problems.

 

 462170111 KB total disk space.

 166322440 KB in 208682 files.

    163056 KB in 76896 indexes.

         0 KB in bad sectors.

    489859 KB in use by the system.

     65536 KB occupied by the log file.

 295194756 KB available on disk.

 

      4096 bytes in each allocation unit.

 115542527 total allocation units on disk.

  73798689 allocation units available on disk.

 

Internal Info:

00 b5 05 00 95 5b 04 00 b7 a3 07 00 00 00 00 00  .....[..........

68 01 00 00 2e 00 00 00 00 00 00 00 00 00 00 00  h...............

00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

 

Windows has finished checking your disk.

Please wait while your computer restarts.
Link to post
Share on other sites

  • Root Admin

Please try going here and choosing to run a few of the top solutions for Windows fixes. Then restart the computer and let me know how it's running now and if that helped any or not.

 

https://support2.microsoft.com/fixit/

 

Then run a new FRST scan and make sure you place a check mark in the Additions.txt check box and post back both new logs

Link to post
Share on other sites

All it really said was for me to do Windows Update. Here are the Logs though. FRST: 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Jin (administrator) on COOL-PC on 14-06-2015 18:31:07
Running from C:\Users\Jin\Desktop
Loaded Profiles: Jin (Available Profiles: Jin)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IFXSPMGT.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IFXTCS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Windows ® Win 7 DDK provider) C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\PSDrt.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\SpTNA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Jin\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-06-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [EmbassySecurityCheck] => C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe [119176 2011-07-05] (Wave Systems Corp.)
HKLM\...\Run: [intelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-02-04] (Intel® Corporation)
HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [intelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2011-02-01] (Intel Corporation)
HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [47616 2011-05-20] (Windows ® Win 7 DDK provider)
HKLM-x32\...\Run: [iFXSPMGT] => C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1161080 2011-04-19] (Infineon Technologies AG)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKLM-x32\...\Run: [Kraken71ChromaHelper] => C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe [1600320 2015-02-02] (Razer Inc)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs-x32: wxvault.dll => "C:\Windows\SysWOW64\wxvault.dll" File not found
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-02-18]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3591376011-4221855182-589825556-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
HKU\S-1-5-21-3591376011-4221855182-589825556-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3591376011-4221855182-589825556-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3591376011-4221855182-589825556-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Jin\AppData\Roaming\Mozilla\Firefox\Profiles\mrscoc56.default
FF DefaultSearchEngine: Secure Search
FF DefaultSearchEngine.US: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-11] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2009-09-25] (Wacom, Inc.)
FF Extension: Adblock Plus - C:\Users\Jin\AppData\Roaming\Mozilla\Firefox\Profiles\mrscoc56.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-26]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Google Docs) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25]
CHR Extension: (YouTube) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25]
CHR Extension: (Google Search) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25]
CHR Extension: (Google Sheets) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (AdBlock) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-07]
CHR Extension: (Bookmark Manager) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25]
CHR Profile: C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-25]
CHR Extension: (Google Drive) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-25]
CHR Extension: (YouTube) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-25]
CHR Extension: (Google Search) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25]
CHR Extension: (Google Wallet) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
CHR Extension: (Gmail) - C:\Users\Jin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-25]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 IFXSpMgtSrv; C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1161080 2011-04-19] (Infineon Technologies AG)
R2 IFXTCS; C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe [992544 2010-02-23] (Infineon Technologies AG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-04] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PersonalSecureDriveService; C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe [214304 2010-02-23] (Infineon Technologies AG)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1558016 2010-03-30] (Wave Systems Corp.) [File not signed]
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [6245744 2010-03-08] (Wacom Technology, Corp.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)
R3 diskperf64; C:\Windows\System32\DRIVERS\diskperf64.sys [17512 2010-11-11] (Realtek Semiconductor Corp.)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [57344 2011-05-24] (Fresco Logic)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-25] (Infineon Technologies AG)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
R3 SzCCID; C:\Windows\System32\DRIVERS\SzCCID.sys [40448 2011-03-12] (Generic)
R2 WavxDMgr; C:\Windows\System32\DRIVERS\WavxDMgr.sys [307496 2011-04-07] (Wave Systems Corp.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-14 18:31 - 2015-06-14 18:31 - 00020257 _____ C:\Users\Jin\Desktop\FRST.txt
2015-06-14 18:30 - 2015-06-14 18:30 - 00000000 ____D C:\Users\Jin\Desktop\FRST-OlderVersion
2015-06-14 15:14 - 2015-06-14 15:14 - 00000000 ____D C:\Users\Jin\AppData\Local\Risk_of_Rain
2015-06-14 13:15 - 2015-05-01 09:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-14 13:15 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-14 13:12 - 2015-05-25 14:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-14 13:12 - 2015-05-25 14:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-14 13:12 - 2015-05-25 14:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-14 13:12 - 2015-05-25 14:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-14 13:12 - 2015-05-25 14:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-14 13:12 - 2015-05-25 14:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-14 13:12 - 2015-05-25 14:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-14 13:12 - 2015-05-25 14:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-14 13:12 - 2015-05-25 14:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-14 13:12 - 2015-05-25 14:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-14 13:12 - 2015-05-25 14:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-14 13:12 - 2015-05-25 14:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-14 13:12 - 2015-05-25 14:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-14 13:12 - 2015-05-25 14:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-14 13:12 - 2015-05-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-14 13:12 - 2015-05-25 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-14 13:12 - 2015-05-25 14:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-14 13:12 - 2015-05-25 14:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-14 13:12 - 2015-05-25 14:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-14 13:12 - 2015-05-25 14:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 14:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-14 13:12 - 2015-05-25 14:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-14 13:12 - 2015-05-25 14:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-14 13:12 - 2015-05-25 14:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-14 13:12 - 2015-05-25 14:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-14 13:12 - 2015-05-25 14:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-14 13:12 - 2015-05-25 14:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-14 13:12 - 2015-05-25 14:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-14 13:12 - 2015-05-25 14:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-14 13:12 - 2015-05-25 14:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-14 13:12 - 2015-05-25 14:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-14 13:12 - 2015-05-25 13:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-14 13:12 - 2015-05-25 13:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-14 13:12 - 2015-05-25 13:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-14 13:12 - 2015-05-25 13:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-14 13:12 - 2015-05-25 13:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-14 13:12 - 2015-05-25 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 13:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-14 13:12 - 2015-05-25 12:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-14 13:12 - 2015-05-25 12:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-14 13:12 - 2015-05-25 12:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 12:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 12:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-14 13:12 - 2015-05-25 12:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-14 13:12 - 2015-05-22 14:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-14 13:12 - 2015-05-22 14:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-14 13:12 - 2015-05-22 14:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-14 13:12 - 2015-05-22 14:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-14 13:12 - 2015-05-22 14:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-14 13:12 - 2015-05-22 14:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-14 13:12 - 2015-05-22 14:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-14 13:12 - 2015-05-21 09:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-14 13:12 - 2015-04-19 23:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-06-14 13:12 - 2015-04-19 23:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-06-14 13:12 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-06-14 13:12 - 2015-04-17 23:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-06-14 13:12 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-06-14 13:12 - 2015-01-30 23:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-06-14 13:12 - 2015-01-30 23:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-06-14 13:12 - 2015-01-30 19:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-06-14 13:12 - 2014-12-11 13:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-06-14 13:11 - 2015-06-01 15:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-14 13:11 - 2015-06-01 14:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-14 13:11 - 2015-05-27 10:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-14 13:11 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-14 13:11 - 2015-05-25 13:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-14 13:11 - 2015-05-22 23:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-14 13:11 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-14 13:11 - 2015-05-22 23:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-14 13:11 - 2015-05-22 23:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-14 13:11 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-14 13:11 - 2015-05-22 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-14 13:11 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-14 13:11 - 2015-05-22 23:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-14 13:11 - 2015-05-22 23:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-14 13:11 - 2015-05-22 23:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-14 13:11 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-14 13:11 - 2015-05-22 23:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-14 13:11 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-14 13:11 - 2015-05-22 22:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-14 13:11 - 2015-05-22 22:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-14 13:11 - 2015-05-22 22:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-14 13:11 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-14 13:11 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-14 13:11 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-14 13:11 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-14 13:11 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-14 13:11 - 2015-05-22 22:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-14 13:11 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-14 13:11 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-14 13:11 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-14 13:11 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-14 13:11 - 2015-05-22 15:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-14 13:11 - 2015-05-22 15:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-14 13:11 - 2015-05-22 15:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-14 13:11 - 2015-05-22 15:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-14 13:11 - 2015-05-22 15:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-14 13:11 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-14 13:11 - 2015-05-22 15:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-14 13:11 - 2015-05-22 14:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-14 13:11 - 2015-05-22 14:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-14 13:11 - 2015-05-22 14:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-14 13:11 - 2015-05-22 14:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-14 13:11 - 2015-05-22 14:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-14 13:11 - 2015-05-22 14:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-14 13:11 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-14 13:11 - 2015-05-22 14:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-14 13:11 - 2015-05-22 14:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-14 13:11 - 2015-05-22 14:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-14 13:11 - 2015-05-22 14:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-14 13:11 - 2015-05-22 14:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-14 13:11 - 2015-05-22 14:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-14 13:11 - 2015-05-22 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-14 13:11 - 2015-05-22 14:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-14 13:11 - 2015-05-22 14:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-14 13:11 - 2015-05-22 14:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-14 13:11 - 2015-05-22 14:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-14 13:11 - 2015-05-22 14:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-14 13:11 - 2015-05-22 13:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-14 13:11 - 2015-05-22 13:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-14 13:11 - 2015-05-22 13:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-14 13:11 - 2015-05-22 13:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-14 13:11 - 2015-04-29 14:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-14 13:11 - 2015-04-29 14:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-14 13:11 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-14 13:11 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-14 13:11 - 2015-04-29 14:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-14 13:11 - 2015-04-29 14:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-14 13:11 - 2015-04-29 14:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-14 13:11 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-14 13:11 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-14 13:11 - 2015-04-29 14:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-14 13:11 - 2015-04-24 14:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-14 13:11 - 2015-04-24 13:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-14 13:11 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-06-14 13:11 - 2015-04-10 23:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-14 13:11 - 2015-04-07 23:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-06-14 13:11 - 2015-04-07 23:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-06-14 13:11 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-06-14 13:10 - 2015-06-14 13:10 - 00000000 ____D C:\Windows\pss
2015-06-14 13:07 - 2014-09-04 22:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-06-14 13:07 - 2014-09-04 21:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-06-12 09:13 - 2015-06-12 09:13 - 00045475 _____ C:\Users\Jin\Documents\CheckResults.txt
2015-06-12 09:12 - 2015-06-12 09:12 - 01682416 _____ (Malwarebytes Corporation) C:\Users\Jin\Desktop\mbam-check-2.1.1.1001.exe
2015-06-12 09:08 - 2015-06-14 18:31 - 00000000 ____D C:\FRST
2015-06-12 09:08 - 2015-06-14 18:30 - 02109952 _____ (Farbar) C:\Users\Jin\Desktop\FRST64.exe
2015-06-11 20:04 - 2015-06-11 20:04 - 00001613 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-06-11 20:04 - 2015-06-11 20:04 - 00000000 ____D C:\Riot Games
2015-06-11 06:13 - 2015-06-11 06:13 - 00000000 ____D C:\Users\Jin\AppData\Roaming\library_dir
2015-06-11 06:13 - 2015-06-11 06:13 - 00000000 ____D C:\ProgramData\ATI
2015-06-11 06:12 - 2015-06-11 06:40 - 00000000 ____D C:\Users\Jin\AppData\Roaming\Raptr
2015-06-11 06:12 - 2015-06-11 06:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-06-11 06:12 - 2015-06-11 06:12 - 00000000 ____D C:\ProgramData\AMD
2015-06-11 06:12 - 2015-06-11 06:12 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-06-11 06:12 - 2015-06-11 06:12 - 00000000 ____D C:\Program Files (x86)\AMD
2015-06-06 19:31 - 2015-06-06 19:31 - 00000040 ____H C:\F66FC04B73D9
2015-06-06 10:32 - 2015-06-08 14:26 - 00000000 ____D C:\Program Files\MyDefrag v4.3.1
2015-06-06 10:32 - 2015-06-06 10:32 - 00004104 _____ C:\Windows\System32\Tasks\MyDefrag v4.3.1 Monthly
2015-06-06 10:32 - 2015-06-06 10:32 - 00003424 _____ C:\Windows\System32\Tasks\MyDefrag v4.3.1 Daily
2015-06-06 10:32 - 2015-06-06 10:32 - 00000865 _____ C:\Users\Public\Desktop\MyDefrag.lnk
2015-06-06 10:32 - 2015-06-06 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1
2015-06-03 23:43 - 2015-06-03 23:44 - 00000000 ____D C:\Users\Jin\AppData\Local\{0DF9B1CD-FDA2-4469-B8DF-6F8D8C36A074}
2015-06-03 22:17 - 2015-06-03 22:17 - 00001454 _____ C:\Users\Jin\Desktop\Adobe photoshop cS6 luisarmandotutoriales (1) - Shortcut.lnk
2015-06-03 22:17 - 2015-06-03 22:17 - 00000000 ____D C:\Users\Jin\Desktop\Adobe photoshop cs6 multilenguaje portable
2015-05-31 19:46 - 2015-05-31 19:46 - 00007597 _____ C:\Users\Jin\AppData\Local\Resmon.ResmonCfg
2015-05-30 02:48 - 2015-05-30 02:52 - 00001127 _____ C:\Users\Public\Desktop\Diablo II - Lord of Destruction.lnk
2015-05-30 02:48 - 2015-05-30 02:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2015-05-30 02:47 - 2015-05-30 02:47 - 00000000 ____D C:\Users\Jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-05-30 02:09 - 2015-06-01 17:46 - 00000000 ____D C:\Program Files (x86)\Diablo II
2015-05-25 20:06 - 2015-05-25 20:06 - 00001032 _____ C:\Users\Jin\Desktop\Playtrickster.lnk
2015-05-25 20:06 - 2015-05-25 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Playtrickster
2015-05-24 00:18 - 2015-05-24 00:18 - 00003086 _____ C:\Windows\System32\Tasks\{70221115-8601-4A09-B9AA-D03AE4C6C10E}
2015-05-23 23:59 - 2015-05-23 23:59 - 00000000 ____D C:\Users\Jin\AppData\Local\Wacom Help
2015-05-23 23:53 - 2015-06-14 14:55 - 00000000 ____D C:\Users\Jin\AppData\Roaming\WTablet
2015-05-23 23:40 - 2015-05-24 00:09 - 00000000 ____D C:\Program Files\Tablet
2015-05-23 00:23 - 2015-05-23 00:23 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2015-05-22 15:08 - 2015-05-24 00:09 - 00000000 ____D C:\ProgramData\ProductData
2015-05-22 15:08 - 2015-05-24 00:09 - 00000000 ____D C:\ProgramData\IObit
2015-05-22 15:08 - 2015-05-22 15:08 - 00000000 ____D C:\Users\Jin\AppData\Roaming\IObit
2015-05-22 14:21 - 2015-05-22 14:21 - 00000000 ____D C:\Users\Jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Playtrickster
2015-05-22 14:16 - 2015-05-25 20:06 - 00000000 ____D C:\Program Files (x86)\Playtrickster
2015-05-21 17:42 - 2015-05-21 17:42 - 00000000 __SHD C:\Users\Jin\AppData\Local\EmieUserList
2015-05-21 17:42 - 2015-05-21 17:42 - 00000000 __SHD C:\Users\Jin\AppData\Local\EmieSiteList
2015-05-21 17:42 - 2015-05-21 17:42 - 00000000 __SHD C:\Users\Jin\AppData\Local\EmieBrowserModeList
2015-05-21 17:41 - 2015-06-11 06:37 - 00000000 ____D C:\Program Files\AMD
2015-05-21 17:39 - 2015-06-11 06:00 - 00000000 ____D C:\AMD
2015-05-18 17:27 - 2015-05-18 17:27 - 00000000 ____D C:\Users\Jin\AppData\Local\{7E88FC18-349F-422D-99B3-FBF18EFDEDA5}
2015-05-16 17:42 - 2015-05-16 17:47 - 00000029 _____ C:\Users\Jin\Documents\AutoHotkey.ahk
2015-05-16 17:42 - 2015-05-16 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2015-05-16 17:42 - 2015-05-16 17:42 - 00000800 _____ C:\Users\Jin\Desktop\AutoHotkey.lnk
2015-05-16 17:42 - 2015-05-16 17:42 - 00000000 ____D C:\Program Files\AutoHotkey
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-14 18:13 - 2012-02-18 06:11 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-14 17:50 - 2015-03-25 22:00 - 01950806 _____ C:\Windows\WindowsUpdate.log
2015-06-14 17:37 - 2015-03-26 02:21 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-14 16:13 - 2012-02-18 06:11 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-14 15:35 - 2015-03-30 23:01 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-14 15:26 - 2015-03-25 18:59 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-14 15:25 - 2009-07-14 00:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-14 15:25 - 2009-07-14 00:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-14 15:20 - 2009-07-14 01:13 - 00006166 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-14 15:16 - 2015-03-25 22:22 - 00045056 _____ C:\Windows\SysWOW64\acovcnt.exe
2015-06-14 15:16 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-14 15:16 - 2009-07-14 00:51 - 00064326 _____ C:\Windows\setupact.log
2015-06-14 14:20 - 2009-07-14 00:45 - 00269432 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-14 14:18 - 2015-04-15 16:08 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-14 14:18 - 2015-04-15 16:08 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-14 14:18 - 2015-04-09 08:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-14 14:18 - 2015-04-09 08:49 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-14 14:18 - 2009-07-14 03:47 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-14 14:17 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-14 13:27 - 2015-05-03 15:38 - 00002154 _____ C:\Windows\epplauncher.mif
2015-06-14 13:27 - 2015-05-03 15:01 - 00002119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-06-14 13:26 - 2015-05-03 15:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-06-14 13:26 - 2015-05-03 15:00 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-14 13:23 - 2015-04-05 14:13 - 00000000 ____D C:\Windows\system32\MRT
2015-06-14 13:15 - 2015-04-09 03:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-14 13:14 - 2015-04-09 03:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-14 13:14 - 2015-04-09 03:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-14 00:57 - 2015-03-26 00:23 - 00000000 ____D C:\Users\Jin\AppData\Roaming\Skype
2015-06-13 18:53 - 2015-03-25 19:50 - 00000000 _____ C:\Users\Jin\AppData\Local\WavXMapDrive.bat
2015-06-13 18:53 - 2015-03-25 19:47 - 00000000 ___HD C:\ASUS.DAT
2015-06-13 12:42 - 2012-02-18 05:48 - 00096716 _____ C:\Windows\PFRO.log
2015-06-11 20:05 - 2015-03-25 19:19 - 00000000 ____D C:\Users\Jin\AppData\Roaming\Riot Games
2015-06-11 08:37 - 2015-03-26 02:21 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-11 08:37 - 2015-03-26 02:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-11 08:37 - 2015-03-26 02:21 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-11 07:11 - 2015-03-25 19:47 - 00000000 ____D C:\Users\Jin
2015-06-11 06:41 - 2015-03-26 02:21 - 00000000 ____D C:\Windows\system32\Macromed
2015-06-11 06:40 - 2015-03-25 22:20 - 00000000 ____D C:\ProgramData\P4G
2015-06-11 06:40 - 2015-03-25 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-06-11 06:40 - 2015-03-25 22:04 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-06-11 06:40 - 2012-02-18 06:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-11 06:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2015-06-11 06:37 - 2015-03-25 22:04 - 00000000 ____D C:\Program Files\ATI
2015-06-08 15:00 - 2015-04-02 21:42 - 00000000 ____D C:\Users\Jin\Desktop\Skyrim Saves
2015-06-06 10:22 - 2012-02-18 06:10 - 00000000 ____D C:\ProgramData\Adobe
2015-06-06 10:21 - 2015-04-28 21:15 - 00000000 ____D C:\Windows\system32\appmgmt
2015-06-05 00:07 - 2015-03-26 00:22 - 00000000 ____D C:\ProgramData\Skype
2015-05-30 12:17 - 2015-03-25 19:47 - 00000000 ____D C:\Users\Jin\AppData\Local\VirtualStore
2015-05-30 12:13 - 2015-03-25 19:47 - 00061192 _____ C:\Users\Jin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-30 12:09 - 2015-03-25 21:34 - 00001943 _____ C:\Users\Jin\Desktop\Razer Synapse.lnk
2015-05-28 22:56 - 2015-04-14 20:56 - 00000000 ____D C:\Users\Jin\Desktop\terraria-server-1241
2015-05-28 16:09 - 2015-04-09 01:39 - 00000000 ____D C:\Users\Jin\AppData\Local\Windows Live
2015-05-27 00:04 - 2015-04-05 14:13 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-25 03:12 - 2015-03-25 18:56 - 00002257 _____ C:\Users\Jin\Desktop\Google Chrome.lnk
2015-05-24 00:11 - 2015-05-07 19:50 - 00000000 ____D C:\Users\Jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-05-24 00:10 - 2015-04-07 03:46 - 00000000 ____D C:\Windows\system32\WTablet
2015-05-24 00:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-05-24 00:09 - 2015-05-04 23:29 - 00000000 ____D C:\Users\Jin\AppData\Local\FluxSoftware
2015-05-24 00:09 - 2015-04-07 04:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2015-05-24 00:09 - 2015-04-07 03:46 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2015-05-24 00:09 - 2015-04-07 03:45 - 00000000 ____D C:\Program Files (x86)\Tablet
2015-05-24 00:09 - 2015-03-25 22:08 - 00000000 ____D C:\ProgramData\SZCCID
2015-05-24 00:09 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-05-17 18:53 - 2015-03-26 09:04 - 00000000 ____D C:\Users\Jin\Documents\my games
2015-05-17 16:08 - 2012-02-18 06:11 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 16:08 - 2012-02-18 06:11 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 17:42 - 2009-07-14 03:46 - 00000000 ____D C:\Windows\ShellNew
 
==================== Files in the root of some directories =======
 
2015-04-05 20:16 - 2015-04-18 03:04 - 0002166 _____ () C:\Users\Jin\AppData\Roaming\SpeedRunnersLog.txt
2015-05-31 19:46 - 2015-05-31 19:46 - 0007597 _____ () C:\Users\Jin\AppData\Local\Resmon.ResmonCfg
2015-03-25 19:50 - 2015-06-13 18:53 - 0000000 _____ () C:\Users\Jin\AppData\Local\WavXMapDrive.bat
2015-03-25 22:26 - 2015-03-25 22:26 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2015-03-25 22:25 - 2015-03-25 22:26 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2015-03-25 22:25 - 2015-03-25 22:25 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
Some files in TEMP:
====================
C:\Users\Jin\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
C:\Users\Jin\AppData\Local\Temp\sqeygabt.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-13 13:54
 
==================== End of log ============================
Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015

Ran by Jin at 2015-06-14 18:31:52

Running from C:\Users\Jin\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-3591376011-4221855182-589825556-500 - Administrator - Disabled)

Guest (S-1-5-21-3591376011-4221855182-589825556-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3591376011-4221855182-589825556-1002 - Limited - Enabled)

Jin (S-1-5-21-3591376011-4221855182-589825556-1000 - Administrator - Enabled) => C:\Users\Jin

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}

AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)

Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.18.0 - Alcor Micro Corp.)

Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.18.0 - Alcor Micro Corp.) Hidden

ArcheAge (HKLM-x32\...\Steam App 304030) (Version:  - XLGAMES)

ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.14 - ASUS)

Asus Commercial Series (HKLM-x32\...\Asus Commercial Series) (Version: 1.0.0001 - ASUS)

ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)

ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.22 - ASUS)

ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)

ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.44 - ASUS)

ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0007 - ASUS)

ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0009 - ASUS)

ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS)

ASUS USB Charger Plus (HKLM-x32\...\{AECA3622-E634-4A55-A696-70A511CBE06E}) (Version: 2.0.3 - AsusTek Computer Inc.)

ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)

AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)

ATI AVIVO64 Codecs (Version: 11.6.0.10328 - ATI Technologies Inc.) Hidden

ATI Catalyst Install Manager (HKLM\...\{B595A585-C3A9-5855-35D0-FDD765D2B6BC}) (Version: 3.0.820.0 - ATI Technologies, Inc.)

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)

AutoHotkey 1.1.22.00 (HKLM\...\AutoHotkey) (Version: 1.1.22.00 - Lexikos)

Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)

Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)

Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)

CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)

CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)

CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)

CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.6.1622 - CyberLink Corp.)

CyberLink PowerRecover (Version: 5.6.1622 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)

Document Manager Lite (Version: 07.00.00.066 - Wave Systems Corp.) Hidden

Document Manager Lite (x32 Version:  - ) Hidden

Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)

Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)

Dragon Nest (HKLM-x32\...\Steam App 11610) (Version:  - Eyedentity Games Inc.)

EMBASSY Security Center Lite (Version: 04.01.00.069 - Wave Systems Corp) Hidden

EMBASSY Security Center Lite (x32 Version:  - ) Hidden

EMBASSY Security Setup (Version: 04.01.00.067 - Wave Systems Corp) Hidden

EMBASSY Security Setup (x32 Version:  - ) Hidden

Embassy Trust Suite - Asus Edition (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 02.06.02.002 - Wave Systems Corp)

ESC Home Page Plugin (Version: 04.01.00.015 - Wave Systems Corp) Hidden

ESC Home Page Plugin (x32 Version:  - ) Hidden

ETDWare PS/2-X64 8.0.5.4_WHQL (HKLM\...\Elantech) (Version: 8.0.5.4 - ELAN Microelectronic Corp.)

F200 (HKLM\...\{d1e17d14-cabc-4f6f-9f46-c7ecf813645e}.sdb) (Version:  - )

Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)

Fresco Logic USB3.0 Host Controller (HKLM\...\{CFE2E2E1-7CC9-4B15-99AF-37E78EA1D216}) (Version: 3.3.14.0 - Fresco Logic Inc.)

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)

Google Update Helper (x32 Version: 1.3.21.79 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden

Infineon TPM Professional Package (HKLM\...\{127D5F95-D83A-40FC-AB4E-109A0B33F296}) (Version: 3.7.000 - Infineon Technologies AG)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)

Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (HKLM\...\{821B4CA1-D404-4CCA-AEA4-C7D3F40841B1}) (Version: 1.0.0.0142 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{794E5C90-96E5-4413-B3F5-C803205AE30C}) (Version: 14.0.3000 - Intel Corporation)

Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)

League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden

Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)

Offworld Trading Company (HKLM-x32\...\Steam App 271240) (Version:  - Mohawk Games)

Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)

Playtrickster (HKU\S-1-5-21-3591376011-4221855182-589825556-1000\...\Playtrickster) (Version: 00.01.00.00 - Privatia co.,ltd.)

Preboot Manager (Version: 03.01.00.169 - Wave Systems Corp.) Hidden

PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden

Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)

Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )

SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.8 - ASUS)

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)

Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)

Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

Validity Sensors PBA DDK (HKLM\...\{1858AED4-8D6A-40D2-BAC5-BA6F10DFE056}) (Version: 4.1.316.0 - Validity Sensors, Inc.)

Vindictus (HKLM-x32\...\Steam App 212160) (Version:  - Nexon)

Wacom Tablet (HKLM-x32\...\Wacom Tablet Driver) (Version:  - Wacom Technology Corp.)

Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)

Wave Infrastructure Installer (Version: 07.65.44.0000 - Wave Systems Corp) Hidden

Wave Support Software (Version: 05.11.00.053 - Wave Systems Corp) Hidden

Wave Support Software (x32 Version:  - ) Hidden

WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.4 - Wacom Technology Corp.)

WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.3 - Wacom Technology Corp.)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)

Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)

用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)

適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== Restore Points =========================

 

11-06-2015 19:40:21 Before

11-06-2015 20:00:32 Removed League of Legends

11-06-2015 20:04:50 Installed League of Legends

11-06-2015 20:05:09 Installed DirectX

14-06-2015 12:58:39 Windows Update

14-06-2015 13:13:17 Windows Update

14-06-2015 13:17:12 6/14 1:17

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {04DF36ED-14E0-43F4-96EA-CD2219CDDD63} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)

Task: {1271DE15-2F2D-43D0-A40F-840C969575ED} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)

Task: {2A148EBF-EFD3-4DC8-8036-B83570C4C8E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)

Task: {2DE5301C-CAA8-415C-A6DB-5551BC22C0AC} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2011-05-10] (ASUSTek Computer Inc.)

Task: {3B9B3B5C-3E37-4459-A243-B08B079B03FF} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)

Task: {3F2EF01C-3B8A-4F89-BDAD-CCF4ED566A7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)

Task: {48401751-6939-41A6-B526-B0ECE01F506C} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-21] ()

Task: {58AA1F19-B8E6-4FB3-BE99-BE83FA102885} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)

Task: {722276A5-267D-442A-BDEF-EE60AD336AAB} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)

Task: {7AAE3058-625F-4BB6-871B-9786123B894B} - System32\Tasks\{70221115-8601-4A09-B9AA-D03AE4C6C10E} => pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"

Task: {91FB96E2-D775-4134-AEBB-B93B9203EC58} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-03-07] (ASUS)

Task: {A74BD314-DD20-4B42-8817-A44E1FFDFF0D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-11] (Adobe Systems Incorporated)

Task: {A89A418D-6124-4208-9253-AF06FCE7ACD8} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2011-01-24] ()

Task: {B10E4840-A555-4981-AEA8-B5045285F623} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()

Task: {B8143598-2559-4A43-9092-FCA9944C0624} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-21] ()

Task: {CEA6F4A5-60D0-4D2F-9025-542F90F0A7E2} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-04-09] (Microsoft Corporation)

Task: {D6602F45-3D43-4419-AB86-C969D316EB4A} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)

Task: {EB4B4385-B3C1-4274-A602-389BDD0FF941} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2011-06-29] (ASUSTek Computer Inc.)

Task: {FDCBAC64-D16E-4DC6-9F0F-23944ED8F5C2} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-05-30] (ASUS)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (Whitelisted) ==============

 

2011-02-04 18:42 - 2011-02-04 18:42 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2010-07-14 19:11 - 2010-07-14 19:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll

2015-03-25 22:20 - 2007-11-30 14:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

2011-01-24 13:55 - 2011-01-24 13:55 - 00541696 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe

2015-02-04 19:24 - 2015-02-04 19:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe

2015-03-25 22:04 - 2011-03-25 05:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2011-02-04 18:42 - 2011-02-04 18:42 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll

2010-09-23 19:53 - 2010-09-23 19:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

2011-03-14 17:21 - 2011-03-14 17:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2011-03-28 14:44 - 2011-03-28 14:44 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2015-03-14 01:49 - 2015-03-14 01:49 - 00291840 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe

2011-05-30 16:48 - 2011-05-30 16:48 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll

2010-08-20 12:57 - 2010-08-20 12:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

2010-08-20 12:57 - 2010-08-20 12:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

2015-03-25 19:17 - 2015-06-14 15:17 - 00619840 _____ () C:\Users\Jin\AppData\Local\Temp\0Kraken71ChromaDevProps.dll

2015-05-19 22:29 - 2015-05-19 22:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll

2015-03-25 21:34 - 2014-11-25 21:12 - 40622592 _____ () C:\Users\Jin\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll

2015-03-25 21:34 - 2014-11-25 21:12 - 00911360 _____ () C:\Users\Jin\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll

2015-03-25 21:34 - 2014-11-25 21:12 - 00134144 _____ () C:\Users\Jin\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll

2015-03-25 19:01 - 2015-04-16 13:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2015-03-25 19:01 - 2015-04-22 22:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll

2015-03-25 19:01 - 2015-04-22 22:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll

2015-03-25 19:01 - 2015-04-22 22:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll

2015-03-25 19:01 - 2015-06-04 14:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll

2015-03-25 19:01 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll

2015-03-25 19:01 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll

2015-03-25 19:01 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll

2015-03-25 19:01 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll

2015-03-25 19:01 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll

2015-03-25 19:01 - 2015-06-04 14:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2015-03-25 19:01 - 2015-05-11 15:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

2015-05-15 17:10 - 2015-05-11 15:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll

2015-06-11 12:14 - 2015-06-05 14:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll

2015-06-11 12:14 - 2015-06-05 14:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

 

==================== Safe Mode (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-3591376011-4221855182-589825556-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.1.1

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe

MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

MSCONFIG\startupreg: WavXMgr => "C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe"

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [sPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [sPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [{AFA4DB8E-413A-4E2E-9F4B-4E445782B818}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{A02084F5-8BCE-42AC-85EA-1A397230AA7B}] => (Allow) LPort=2869

FirewallRules: [{B3141292-99A2-47EE-AD02-177B05E253EF}] => (Allow) LPort=1900

FirewallRules: [{2AD397EB-EA9D-4FF5-9940-C79DE2D1CF1C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{1189E204-6188-4188-91AE-96B78E697EAF}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe

FirewallRules: [{02D9C6CA-EA26-4894-AD0D-21684C3D5CC6}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe

FirewallRules: [{9F268794-19BD-479A-8DE7-970106A782CB}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe

FirewallRules: [{459047F6-F07C-4667-9C0A-49A82F84BB0D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{28F77632-4CE4-46CC-82B2-BA4EB745D272}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{0629F047-41AA-4ED2-82BD-D2C9958BDE2E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{2C48ED91-5712-4317-B9D9-0BB1F05F2D18}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{DCA13553-B45C-4C81-8BBD-2C03E39A0DB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{15FB15CE-4B0B-41B5-ABB7-DE1E4C94F0E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe

FirewallRules: [{83F56D98-5420-4265-8515-46A68610EBA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe

FirewallRules: [{6204F6C9-54C7-4F9B-9A50-24FB51CFF703}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe

FirewallRules: [{8DFB498E-A29C-4044-A0D7-3A0EED9F9CE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe

FirewallRules: [{A5AD869A-FD6D-4491-8341-1AE6F4979E3A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{D9BEB02F-EC52-4360-A43C-13B2AF3BA88C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{0EF4C3BF-3160-4B59-B0A8-E1D729BCA5F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{E0C1E4A9-CA49-4305-8F1A-E88E40D794BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe

FirewallRules: [{7AA461FD-E4C9-4B52-A408-BAA32CCE2392}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe

FirewallRules: [{CE77CFE1-53DF-4469-898A-571E1B51BD19}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

FirewallRules: [{F43B16C1-7A71-4042-9432-B74AD29FF61B}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

FirewallRules: [TCP Query User{6CE67602-AD7C-45E3-B9A9-89E6DECB9114}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe

FirewallRules: [uDP Query User{AC8CD865-FA0C-42DB-9288-A459CB52BF78}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe

FirewallRules: [{972C20A2-E323-4873-861A-CF78390856AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe

FirewallRules: [{8425BACF-D1A9-42BC-B71C-FE97911AE1F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe

FirewallRules: [TCP Query User{91396222-0A41-487E-BAA3-767ED5F39302}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe

FirewallRules: [uDP Query User{4372D16F-A912-474A-AC48-F252EA6904BF}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe

FirewallRules: [{868FD230-69A8-4136-8894-E36FB29A5D0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe

FirewallRules: [{616ADEB7-48B6-4986-9D56-0BFA8472B77F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe

FirewallRules: [{52420B98-D22D-4A93-9ED2-E83CB00F66FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe

FirewallRules: [{6711B20E-17A6-444C-BEB9-A411FB1DAC6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe

FirewallRules: [{298601ED-50C9-401F-B717-65D7AC8EDE7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe

FirewallRules: [{68A20E80-2254-4467-842B-7239A68787E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe

FirewallRules: [{53D89285-C22F-4613-AB48-E344D48AEDD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe

FirewallRules: [{CB1787F1-3D69-46EB-81FF-2595ACA5B6F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe

FirewallRules: [{B7A59AFA-7071-4F7D-949D-FCED496C27BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe

FirewallRules: [{F31E43FF-F659-4D8C-BD8E-E1DDD70A1595}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe

FirewallRules: [{5EB66ED0-F467-4D40-ABA7-327E6982C146}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe

FirewallRules: [{9AD55DEE-6A17-4578-A89A-60521B9DF531}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe

FirewallRules: [TCP Query User{83A3526E-EB74-4CF0-AD4E-580AE2807827}C:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe

FirewallRules: [uDP Query User{1E54E309-2FAC-468C-BA36-6DD43A730A5A}C:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe

FirewallRules: [TCP Query User{B49318E7-82CF-44B7-8FEA-E395CD2360B2}C:\users\jin\desktop\terraria-server-1241\terrariaserver.exe] => (Allow) C:\users\jin\desktop\terraria-server-1241\terrariaserver.exe

FirewallRules: [uDP Query User{6B2461F3-A97C-46E1-9F0D-AF45BCCEC72C}C:\users\jin\desktop\terraria-server-1241\terrariaserver.exe] => (Allow) C:\users\jin\desktop\terraria-server-1241\terrariaserver.exe

FirewallRules: [{5479C730-7113-4E61-9863-8028BEB4CCC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe

FirewallRules: [{17704D7E-31CA-45C5-B166-A0CF8511C62A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe

FirewallRules: [TCP Query User{FC7BFE05-77D2-4EE2-8239-4C8930A3564E}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe

FirewallRules: [uDP Query User{CEC7E20E-CF88-4A92-8EEC-D0BB5764D98C}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe

FirewallRules: [{E01D54F6-EEBD-4600-99A5-954A3674B735}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe

FirewallRules: [{7766841C-9C1B-4027-B182-68DE11D74587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe

FirewallRules: [TCP Query User{024775AD-63A6-4428-AFBB-FFCB86E1A4B9}C:\program files (x86)\steam\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trine 3\trine3_64bit.exe

FirewallRules: [uDP Query User{3EDF98E7-32A4-4020-A5F9-2E69DBCEA988}C:\program files (x86)\steam\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trine 3\trine3_64bit.exe

FirewallRules: [TCP Query User{D2F7F024-A010-433C-944E-EA09237ED19D}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe

FirewallRules: [uDP Query User{AD04013D-EF8C-42BA-AD69-AE452797C3C0}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe

FirewallRules: [{5F391C6A-BB62-4C3B-933F-F59C0C813BFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\nxsteam.exe

FirewallRules: [{9E440301-6FFB-4601-80CE-8B494D73AEC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\nxsteam.exe

FirewallRules: [{81375844-4225-4A22-BEDE-271C3DC0B919}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\DragonNest.exe

FirewallRules: [{310370B4-B246-474D-9978-2A6BCFB337D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\DragonNest.exe

FirewallRules: [{02D6A731-4D74-4ABA-81CF-B199596B923B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Offworld Trading Company\Offworld.exe

FirewallRules: [{0EF98F5D-2F13-4267-B55F-0C6CCCD5BE06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Offworld Trading Company\Offworld.exe

FirewallRules: [{4BDFCE8D-E322-46F0-BD5E-D4612AD44394}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe

FirewallRules: [{EE5F275B-6959-46EF-AD87-D227567A4135}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe

FirewallRules: [{C9F4528A-0D0B-4635-9EB1-2119B61CBB6C}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe

FirewallRules: [{229C8616-D40D-4ADD-BD25-9553417BD98D}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe

FirewallRules: [{D57F3917-C3C7-4566-A086-A3A6150E6D72}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe

FirewallRules: [{B913C5DF-8B3E-4B9F-A1E5-DE95EB8FC1F6}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe

FirewallRules: [{6E04DD6B-D455-47B3-BAC1-1721730FCBC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe

FirewallRules: [{2B868E6B-6019-483B-BB6B-13B3FE944443}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe

FirewallRules: [{C1C6F2B4-ADBE-4BA6-A714-A6F1D1BE7DCF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{E316F5AB-BE4C-47CE-B306-CBD004A32B1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe

FirewallRules: [{385AAC63-4861-49CD-86FB-7CB33FE22219}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (06/14/2015 03:19:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (06/14/2015 03:19:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (06/14/2015 03:16:34 PM) (Source: TabletServiceWacom) (EventID: 1) (User: )

Description: TabletService Error: 

Could not init tablet driver

 

Error: (06/14/2015 03:16:34 PM) (Source: TabletServiceWacom) (EventID: 1) (User: )

Description: Prefs: Failed to open pref stream C:\Windows\system32\config\systemprofile\AppData\Roaming\WTablet\Wacom_Tablet.dat

 

Error: (06/14/2015 03:16:34 PM) (Source: TabletServiceWacom) (EventID: 1) (User: )

Description: Prefs: Failed to open pref stream C:\Windows\system32\config\systemprofile\AppData\Roaming\WTablet\Wacom_Tablet.dat

 

Error: (06/14/2015 02:28:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

 

Error: (06/14/2015 02:28:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (06/14/2015 01:34:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service MSDTC Bridge 4.0.0.0 (MSDTC Bridge 4.0.0.0) failed. The first DWORD in the Data section contains the error code.

 

Error: (06/14/2015 01:34:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

 

Error: (06/14/2015 01:34:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service MSDTC Bridge 4.0.0.0 (MSDTC Bridge 4.0.0.0) failed. The first DWORD in the Data section contains the error code.

 

 

System errors:

=============

Error: (06/14/2015 03:17:41 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

 

Error: (06/14/2015 03:16:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The SAS Core Service service failed to start due to the following error: 

%%2

 

Error: (06/14/2015 03:15:04 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

 

Error: (06/14/2015 02:22:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The SAS Core Service service failed to start due to the following error: 

%%2

 

Error: (06/14/2015 02:21:23 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT AUTHORITY)

Description: CBS Client initialization failed. Last error: 0x8007045b

 

Error: (06/14/2015 02:21:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The SAS Core Service service failed to start due to the following error: 

%%2

 

Error: (06/14/2015 02:16:56 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

 

Error: (06/14/2015 02:16:05 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

 

Error: (06/14/2015 00:45:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TabletServiceWacom service.

 

Error: (06/13/2015 06:52:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The SAS Core Service service failed to start due to the following error: 

%%2

 

 

Microsoft Office:

=========================

Error: (06/14/2015 03:19:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (06/14/2015 03:19:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (06/14/2015 03:16:34 PM) (Source: TabletServiceWacom) (EventID: 1) (User: )

Description: Could not init tablet driver

 

Error: (06/14/2015 03:16:34 PM) (Source: TabletServiceWacom) (EventID: 1) (User: )

Description: Prefs: Failed to open pref stream C:\Windows\system32\config\systemprofile\AppData\Roaming\WTablet\Wacom_Tablet.dat

 

Error: (06/14/2015 03:16:34 PM) (Source: TabletServiceWacom) (EventID: 1) (User: )

Description: Prefs: Failed to open pref stream C:\Windows\system32\config\systemprofile\AppData\Roaming\WTablet\Wacom_Tablet.dat

 

Error: (06/14/2015 02:28:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000

 

Error: (06/14/2015 02:28:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (06/14/2015 01:34:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: MSDTC Bridge 4.0.0.0MSDTC Bridge 4.0.0.08F20300004D070000

 

Error: (06/14/2015 01:34:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000

 

Error: (06/14/2015 01:34:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: MSDTC Bridge 4.0.0.0MSDTC Bridge 4.0.0.08F20300004D070000

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i5-2520M CPU @ 2.50GHz

Percentage of memory in use: 44%

Total physical RAM: 3979 MB

Available physical RAM: 2219.19 MB

Total Pagefile: 7956.2 MB

Available Pagefile: 4689.35 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:440.76 GB) (Free:282.48 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C968D7DA)

Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)

Partition 2: (Active) - (Size=440.8 GB) - (Type=07 NTFS)

 

==================== End of log ============================

Link to post
Share on other sites

  • Root Admin

Great, glad things are working well for you now.

 

At this time there are no more signs of an infection on your system.
However if you are still seeing any signs of an infection please let me know.

Let's go ahead and remove the tools and logs we've used during this process.

Most of the tools used are potentially dangerous to use unsupervised or if ran at the wrong time.
They are often updated daily so if you went to use them again in the future they would be outdated anyways.

The following procedures will implement some cleanup procedures to remove these tools.
 
bwebb7v.jpgDownload Delfix from here and save it to your desktop. (you may already have this)

  • Ensure Remove disinfection tools is checked.
  • Click the Run button.
  • Reboot

Any other programs or logs that are still remaining, you can manually delete. (right click.....Delete)
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall.


 
If there are any other left over Folders, Files, Logs then you can delete them on your own.
 
Please visit the following link to see how to delete old System Restore Points. Please delete all of them and create a new one at this time.
How to Delete System Protection Restore Points in Windows 7 and Windows 8

Remove all but the most recent Restore Point on Windows XP


As Java seems to get exploited on a regular basis I advise not using Java if possible but to at least disable java in your web browsers
How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.
Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.


If you're not currently using Malwarebytes Premium then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.
 

Link to post
Share on other sites

  • 2 months later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.