Jump to content

Chrome Virus

max_vader
 Share

Recommended Posts

TwinHeadedEagle

TwinHeadedEagle

Posted
Posted

Hello,

    

 

They call me TwinHeadedEagle around here, and I'll try to help your with your issue.

 

     

    

Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time. Keep in mind that private life gets in the way too. Note that we may live in totally different time zones, what may cause some delays between answers.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
:excl: I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!

:excl: There are no silly questions. Never be afraid to ask if in doubt!

 

 

 

  warning.gif Rules and policies

 

We won't support any piracy.

That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

 

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.

Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Link to post
Share on other sites
max_vader

max_vader

Posted
  • Author
Posted

Here is the first log

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015

Ran by Max (administrator) on MAXALIENWARE (26-07-2015 11:21:30)
Running from C:\Users\Max\Downloads
Loaded Profiles: Max &  (Available Profiles: Max)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\puush\puush.exe
(Flux Software LLC) C:\Users\Max\AppData\Local\FluxSoftware\Flux\flux.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Dropbox, Inc.) C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Pushbullet Inc) C:\Users\Max\AppData\Local\Pushbullet\bin\pushbullet_client.exe
(Pushbullet Inc) C:\Users\Max\AppData\Local\Temp\pushbullet_watchdog.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Spotify Ltd) C:\Users\Max\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SystemPropertiesProtection.exe
(Microsoft Corporation) C:\Windows\System32\rstrui.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [igfxTray] => C:\Windows\system32\igfxtray.exe [456808 2014-10-15] ()
HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [14056 2014-10-24] (Alienware)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-06-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-02-28] (Razer Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-04] (Autodesk Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114368 2015-05-31] (VMware, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\Run: [F7B9E70633AFD6CEE6F29AC81DA30B2D6A21B039._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863560 2015-07-23] (Google Inc.)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\Run: [spotify Web Helper] => C:\Users\Max\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-23] (Spotify Ltd)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [64000 2014-12-21] (Pushbullet inc)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\Run: [Dropbox Update] => C:\Users\Max\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-21] (Dropbox, Inc.)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-06-27] ()
HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\Run: [f.lux] => C:\Users\Max\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [F7B9E70633AFD6CEE6F29AC81DA30B2D6A21B039._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863560 2015-07-23] (Google Inc.)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [spotify Web Helper] => C:\Users\Max\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-23] (Spotify Ltd)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [64000 2014-12-21] (Pushbullet inc)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Max\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-21] (Dropbox, Inc.)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-06-27] ()
HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [f.lux] => C:\Users\Max\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GalaxyClient] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2015-01-10]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan)
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-07-22]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-12-08]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [shareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [shareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3856306043-2401411674-944370237-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-3856306043-2401411674-944370237-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3856306043-2401411674-944370237-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.alienwarearena.com/welcome-us
HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.alienwarearena.com/welcome-us
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3856306043-2401411674-944370237-1002 -> {3B15B740-B60E-451C-83AC-EE064D67EB8A} URL = 
SearchScopes: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3B15B740-B60E-451C-83AC-EE064D67EB8A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-10-14] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-01-04] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-10-14] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-11-10] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D3887CD7-BFE8-4296-9207-3969B7D90BC9}: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\molj7pu1.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-04] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-06-13] (Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-09] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-06-13] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3856306043-2401411674-944370237-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-24] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-24] (Unity Technologies ApS)
FF Extension: Disconnect - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\molj7pu1.default\Extensions\2.0@disconnect.me.xpi [2015-07-22]
FF Extension: Pushbullet - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\molj7pu1.default\Extensions\jid1-BYcQOfYfmBMd9A@jetpack.xpi [2015-07-25]
FF Extension: Reddit Enhancement Suite - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\molj7pu1.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2015-07-22]
FF Extension: Omnibar - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\molj7pu1.default\Extensions\omnibar@ajitk.com.xpi [2015-07-25]
FF Extension: uBlock Origin - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\molj7pu1.default\Extensions\uBlock0@raymondhill.net.xpi [2015-07-22]
FF Extension: Imagus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\molj7pu1.default\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2015-07-25]
FF Extension: All-in-One Sidebar - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\molj7pu1.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2015-01-04]
FF Extension: No Name - C:\Program Files\Waterfox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-25]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-07-25]
CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-25]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-25]
CHR Extension: (ColorZilla) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2015-07-25]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-25]
CHR Extension: (Pushbullet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2015-07-25]
CHR Extension: (uBlock Origin) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-07-25]
CHR Extension: (Google Search) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-25]
CHR Extension: (Tampermonkey) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-07-25]
CHR Extension: (Google Sheets) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-25]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-07-25]
CHR Extension: (Deathamns) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2015-07-25]
CHR Extension: (Disconnect) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2015-07-25]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-07-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-25]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2015-07-25]
CHR Extension: (Google Mail Checker) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-25]
CHR HKU\S-1-5-21-3856306043-2401411674-944370237-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-04] (Autodesk Inc.)
R2 AlienFXWindowsService; C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [14568 2014-10-24] (Alienware)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2014-06-26] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6677048 2015-07-01] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-14] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-15] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSI_ODD_Service; c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe [83512 2012-11-20] (Micro-Star Int'l Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-14] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-08-23] (Realtek Semiconductor)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12732608 2015-05-31] ()
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [50408 2015-04-23] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2014-06-26] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R3 NTIOLib_X64; C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys [14136 2012-11-20] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-02] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-16] (Apple, Inc.) [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2015-05-13] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-26 11:21 - 2015-07-26 11:21 - 00033024 _____ C:\Users\Max\Downloads\FRST.txt
2015-07-26 11:21 - 2015-07-26 11:21 - 00000000 ____D C:\FRST
2015-07-26 11:20 - 2015-07-26 11:20 - 02146816 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2015-07-25 13:18 - 2015-07-25 18:33 - 00000000 ____D C:\AdwCleaner
2015-07-25 09:55 - 2015-07-25 10:08 - 00000000 ____D C:\ProgramData\HitmanPro
2015-07-25 09:32 - 2015-07-25 09:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-07-25 08:49 - 2015-07-25 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-25 08:43 - 2015-07-25 18:19 - 00001691 _____ C:\Windows\setupact.log
2015-07-25 08:43 - 2015-07-25 10:09 - 00122740 _____ C:\Windows\PFRO.log
2015-07-25 08:43 - 2015-07-25 08:43 - 00000000 _____ C:\Windows\setuperr.log
2015-07-25 08:34 - 2015-07-25 08:43 - 00000000 ____D C:\Program Files\Waterfox
2015-07-24 16:29 - 2015-07-24 16:29 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-23 08:09 - 2015-07-26 11:20 - 00350849 _____ C:\Windows\WindowsUpdate.log
2015-07-22 16:11 - 2015-07-22 16:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-22 15:59 - 2015-07-22 16:18 - 00000000 ____D C:\Users\Max\AppData\Roaming\Rainmeter
2015-07-22 15:59 - 2015-07-22 15:59 - 00001720 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2015-07-22 15:59 - 2015-07-22 15:59 - 00000000 ____D C:\Program Files\Rainmeter
2015-07-22 15:56 - 2015-07-22 15:56 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Omnimo UI
2015-07-21 16:14 - 2015-07-21 16:14 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-07-21 16:14 - 2015-07-02 23:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-21 16:14 - 2015-07-02 23:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-21 05:28 - 2015-07-14 09:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 05:28 - 2015-07-14 09:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 05:28 - 2015-07-14 09:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 05:28 - 2015-07-14 09:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-16 12:15 - 2015-07-16 12:15 - 00000000 ____D C:\Users\Max\AppData\Local\CEF
2015-07-15 12:35 - 2015-07-25 09:31 - 00000000 ____D C:\Users\Max\AppData\Roaming\QuickScan
2015-07-15 08:25 - 2015-07-09 14:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 08:25 - 2015-07-09 13:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 08:25 - 2015-07-09 11:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 08:25 - 2015-07-09 10:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 08:25 - 2015-07-09 10:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 08:25 - 2015-07-09 10:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 08:25 - 2015-07-09 10:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 08:25 - 2015-07-09 10:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 08:25 - 2015-07-09 10:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 08:25 - 2015-07-09 10:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 08:25 - 2015-07-09 10:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 08:25 - 2015-07-09 10:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 08:25 - 2015-07-09 10:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 08:25 - 2015-06-28 00:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 08:25 - 2015-06-28 00:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 08:25 - 2015-06-28 00:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 08:25 - 2015-06-28 00:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 08:25 - 2015-06-27 11:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 08:25 - 2015-06-26 22:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 08:25 - 2015-06-26 22:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 08:25 - 2015-06-26 22:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 08:25 - 2015-06-26 22:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 08:25 - 2015-06-26 22:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 08:25 - 2015-06-26 21:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 08:25 - 2015-06-26 21:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 08:25 - 2015-06-26 21:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 08:25 - 2015-06-26 21:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 08:25 - 2015-06-26 20:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 08:25 - 2015-06-26 20:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 08:25 - 2015-06-24 21:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 08:25 - 2015-06-15 17:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 08:25 - 2015-06-15 17:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 08:25 - 2015-06-15 16:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 08:25 - 2015-06-15 16:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 08:25 - 2015-06-15 15:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 08:25 - 2015-06-15 14:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 08:25 - 2015-05-30 16:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 08:25 - 2015-05-30 14:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 08:25 - 2015-05-30 14:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 08:25 - 2015-05-07 12:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 08:25 - 2015-05-07 12:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 08:25 - 2015-05-07 11:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 08:25 - 2015-05-07 11:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 08:25 - 2015-05-07 10:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 08:25 - 2015-05-07 10:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 08:25 - 2015-05-02 19:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 08:25 - 2015-04-29 18:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 08:24 - 2015-06-15 17:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 08:24 - 2015-06-15 17:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 08:24 - 2015-06-15 17:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 08:24 - 2015-06-15 17:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 08:24 - 2015-06-15 16:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 08:24 - 2015-06-15 16:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 08:24 - 2015-06-15 16:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 08:24 - 2015-06-15 16:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 08:24 - 2015-06-15 16:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 08:24 - 2015-06-15 16:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 08:24 - 2015-06-15 16:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 08:24 - 2015-06-15 16:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 08:24 - 2015-06-15 16:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 08:24 - 2015-06-15 15:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 08:24 - 2015-06-15 15:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 08:24 - 2015-06-15 15:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 08:24 - 2015-06-15 15:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 08:24 - 2015-06-15 15:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 08:24 - 2015-06-15 15:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 08:24 - 2015-06-15 15:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 08:24 - 2015-06-15 15:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 08:24 - 2015-06-15 15:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 08:24 - 2015-06-15 15:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 08:24 - 2015-06-15 15:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 08:23 - 2015-06-15 16:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 08:23 - 2015-06-15 16:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 08:23 - 2015-06-15 16:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 08:23 - 2015-06-15 16:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 08:23 - 2015-06-15 15:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 08:23 - 2015-06-15 15:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 08:23 - 2015-06-15 15:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 08:22 - 2015-07-02 16:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 08:22 - 2015-07-02 15:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 08:22 - 2015-07-02 15:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 08:22 - 2015-07-02 15:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 08:22 - 2015-07-02 15:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 08:22 - 2015-07-02 14:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 08:22 - 2015-07-02 14:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 08:22 - 2015-07-02 13:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 08:22 - 2015-07-01 17:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 08:22 - 2015-07-01 16:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 08:22 - 2015-06-29 17:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 08:22 - 2015-06-29 10:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 08:22 - 2015-06-29 10:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 08:22 - 2015-06-29 10:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 08:22 - 2015-06-29 10:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 08:22 - 2015-06-29 10:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 08:22 - 2015-06-26 18:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 08:22 - 2015-06-26 18:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 08:22 - 2015-06-16 00:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 08:22 - 2015-06-16 00:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 08:22 - 2015-06-15 17:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 08:22 - 2015-06-15 16:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 08:22 - 2015-06-10 22:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 08:22 - 2015-06-10 11:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 08:22 - 2015-05-12 08:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 08:22 - 2015-05-11 13:17 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-15 08:22 - 2015-05-11 11:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 08:22 - 2015-05-07 11:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 08:22 - 2015-05-03 10:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 08:22 - 2015-05-03 09:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 08:22 - 2015-05-03 09:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 08:22 - 2015-05-03 09:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 08:22 - 2015-05-01 18:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-15 08:22 - 2015-04-28 08:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 08:22 - 2015-04-28 08:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 08:22 - 2015-04-24 21:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 08:22 - 2015-04-23 10:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 08:22 - 2015-04-23 10:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-15 08:22 - 2014-11-04 14:25 - 00059712 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-15 08:22 - 2014-11-04 14:25 - 00051008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-15 08:22 - 2014-11-04 01:55 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-15 08:22 - 2014-11-04 01:54 - 00108544 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-15 08:22 - 2014-11-04 01:54 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-15 08:22 - 2014-11-04 01:54 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-15 08:21 - 2015-05-03 10:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 08:21 - 2015-05-03 09:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-14 07:47 - 2015-07-14 07:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-13 19:09 - 2015-07-18 20:51 - 00000000 ____D C:\Users\Max\Skyrim Backup
2015-07-13 18:47 - 2015-07-19 12:46 - 00000000 ____D C:\Users\Max\AppData\Local\Black_Tree_Gaming
2015-07-13 18:47 - 2015-07-13 18:50 - 00000000 ____D C:\Users\Max\Documents\Nexus Mod Manager
2015-07-10 15:04 - 2015-07-13 19:14 - 00000000 ____D C:\Users\Max\AppData\Local\Skyrim
2015-07-09 20:34 - 2015-07-09 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
2015-07-09 20:31 - 2015-07-10 14:18 - 00000000 ____D C:\Users\Max\SWKotOR
2015-07-08 19:09 - 2015-07-08 20:00 - 00000000 ____D C:\Program Files (x86)\LucasArts
2015-07-05 15:32 - 2015-07-12 19:08 - 00000000 ____D C:\Users\Max\Documents\Virtual Machines
2015-07-05 15:28 - 2015-07-12 19:09 - 00000000 ____D C:\Users\Max\AppData\Roaming\VMware
2015-07-05 15:28 - 2015-07-12 19:09 - 00000000 ____D C:\Users\Max\AppData\Local\VMware
2015-07-05 15:24 - 2015-05-31 07:59 - 00066752 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2015-07-05 15:24 - 2015-05-21 17:36 - 00076480 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2015-07-05 15:24 - 2015-05-21 17:35 - 00068288 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2015-07-05 15:24 - 2015-05-21 17:35 - 00064192 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2015-07-05 15:23 - 2015-07-05 15:23 - 00001024 _____ C:\Windows\SysWOW64\%TMP%
2015-07-05 15:23 - 2015-07-05 15:23 - 00000000 ____D C:\Program Files\Common Files\VMware
2015-07-05 15:23 - 2015-05-31 07:59 - 00931520 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2015-07-05 15:23 - 2015-05-31 07:59 - 00359104 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2015-07-05 15:23 - 2015-05-31 07:59 - 00026816 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2015-07-05 15:23 - 2015-05-31 07:58 - 00438464 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2015-07-05 15:23 - 2015-05-22 08:03 - 00055488 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2015-07-05 15:22 - 2015-07-25 18:18 - 00000000 ____D C:\ProgramData\VMware
2015-07-05 15:22 - 2015-07-05 15:22 - 00000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
2015-07-05 15:22 - 2015-07-05 15:22 - 00000000 ____D C:\Program Files (x86)\VMware
2015-07-05 15:18 - 2015-07-10 09:01 - 00000000 ____D C:\Users\Max\Documents\Visual Studio 2015
2015-07-05 15:17 - 2015-07-05 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-05 15:17 - 2015-07-05 15:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-07-05 15:16 - 2015-07-05 15:16 - 00000000 ____D C:\Program Files\Application Verifier
2015-07-05 15:16 - 2015-07-05 15:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-05 15:16 - 2015-07-05 15:16 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2015-07-05 15:15 - 2015-07-05 15:15 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2015-07-05 15:15 - 2015-07-05 15:15 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2015-07-05 15:15 - 2015-07-05 15:15 - 00000000 ____D C:\Program Files (x86)\ShellDir
2015-07-05 15:14 - 2015-07-05 15:14 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-07-05 15:13 - 2015-07-05 15:13 - 00000000 ____D C:\ProgramData\Microsoft DNX
2015-07-05 15:13 - 2015-07-05 15:13 - 00000000 ____D C:\Program Files\Microsoft DNX
2015-07-05 15:10 - 2015-07-05 15:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2015-07-05 15:10 - 2015-07-05 15:10 - 00000000 ____D C:\Program Files\IIS Express
2015-07-05 15:10 - 2015-07-05 15:10 - 00000000 ____D C:\Program Files (x86)\IIS Express
2015-07-05 15:09 - 2015-07-05 15:09 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2015-07-05 15:09 - 2015-07-05 15:09 - 00000000 ____D C:\Program Files (x86)\AppInsights
2015-07-05 15:08 - 2015-07-05 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-07-05 15:08 - 2015-07-05 15:08 - 00000000 ____D C:\Program Files\IIS
2015-07-05 15:08 - 2015-07-05 15:08 - 00000000 ____D C:\Program Files (x86)\IIS
2015-07-05 15:06 - 2015-07-05 15:06 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2015-07-05 15:06 - 2015-07-05 15:06 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2015-07-05 15:03 - 2015-07-05 15:03 - 00000000 ____D C:\Windows\symbols
2015-07-05 15:02 - 2015-07-05 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-07-05 15:00 - 2015-07-05 15:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-07-05 15:00 - 2015-07-05 15:00 - 00000000 ____D C:\Program Files (x86)\Invalid Visual Studio Folder
2015-07-05 14:59 - 2015-07-05 14:59 - 00029856 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-07-05 14:59 - 2015-07-05 14:59 - 00027816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-07-05 14:54 - 2015-07-10 09:01 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-07-05 14:54 - 2015-03-25 17:09 - 01005736 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:09 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 01005696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-07-05 14:54 - 2015-03-25 17:08 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-07-04 18:28 - 2015-07-04 18:28 - 00000000 ____D C:\Users\Max\Roms
2015-07-04 18:27 - 2015-07-04 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2015-07-04 18:27 - 2015-07-04 18:27 - 00000000 ____D C:\Program Files\Dolphin
2015-07-04 13:20 - 2015-07-04 13:20 - 00000000 ____D C:\Program Files\Sublime Text 3
2015-07-03 21:32 - 2015-07-03 21:32 - 00001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk
2015-07-03 21:30 - 2015-07-03 21:30 - 00001350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk
2015-07-03 21:21 - 2015-07-03 21:21 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2015-07-03 21:14 - 2015-07-03 21:14 - 00001513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.lnk
2015-07-03 21:03 - 2015-07-03 21:03 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.lnk
2015-07-03 20:59 - 2015-07-03 20:59 - 00001091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2015.lnk
2015-07-03 20:53 - 2015-07-03 20:53 - 00001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2015-07-03 20:41 - 2015-07-03 20:41 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-07-03 20:34 - 2015-07-15 16:28 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-03 20:34 - 2015-07-15 16:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-03 19:26 - 2015-07-03 19:26 - 00000000 ____D C:\Users\Max\AppData\Roaming\.purple
2015-07-03 19:24 - 2015-07-03 20:35 - 00000000 ____D C:\Users\Max\AppData\Roaming\Foxit Software
2015-07-03 19:24 - 2015-07-03 19:24 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2015-07-03 19:23 - 2015-07-03 19:27 - 00000000 ____D C:\Program Files (x86)\Pidgin
2015-07-03 19:23 - 2015-07-03 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-07-03 19:23 - 2015-07-03 19:23 - 00000000 ____D C:\Program Files\7-Zip
2015-07-03 16:24 - 2015-07-03 16:26 - 00000000 ____D C:\Program Files (x86)\Clover
2015-07-03 16:24 - 2015-07-03 16:24 - 00000000 ____D C:\Users\Max\AppData\Local\Clover
2015-07-03 13:49 - 2015-07-03 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-07-03 13:49 - 2015-07-03 13:49 - 00000000 ____D C:\Program Files\Oracle
2015-07-03 13:49 - 2015-05-13 17:11 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-07-03 13:49 - 2015-05-13 17:10 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-07-03 12:25 - 2015-07-03 12:25 - 00000000 __RHD C:\Users\Max\AppData\Roaming\SecuROM
2015-07-03 10:18 - 2015-07-03 10:18 - 00000862 _____ C:\Users\Max\Documents\Downloads - Shortcut.lnk
2015-07-02 18:57 - 2015-07-24 17:15 - 00000000 ____D C:\Users\Max\Operating Systems
2015-07-01 19:48 - 2015-07-01 20:06 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2015-07-01 19:48 - 2015-07-01 19:48 - 00000000 ____D C:\ProgramData\GOG.com
2015-07-01 19:39 - 2015-07-01 19:39 - 00000000 ____D C:\Users\Max\Long Live the Queen
2015-07-01 19:39 - 2015-07-01 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Long Live the Queen [GOG.com]
2015-07-01 17:31 - 2015-07-01 17:31 - 00000000 ____D C:\Users\Max\ID Tech
2015-07-01 15:25 - 2015-07-01 15:25 - 00000000 ____D C:\Users\Max\AppData\Roaming\RenPy
2015-07-01 12:22 - 2015-07-10 09:55 - 00000000 ____D C:\Users\Max\AppData\Roaming\foobar2000
2015-07-01 12:20 - 2015-07-01 12:20 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2015-07-01 12:20 - 2015-07-01 12:20 - 00000000 ____D C:\Program Files (x86)\foobar2000
2015-06-29 17:11 - 2015-06-29 17:11 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-06-29 17:11 - 2015-06-29 17:11 - 00000000 ____D C:\Users\Max\AppData\Local\FluxSoftware
2015-06-29 10:38 - 2015-06-29 10:38 - 00000000 ____D C:\Users\Max\Documents\Test Game
2015-06-29 10:36 - 2015-06-29 10:37 - 00000000 ____D C:\Users\Max\Documents\Game
2015-06-28 14:29 - 2015-06-28 14:29 - 00000000 ____D C:\Users\Max\AppData\Local\SCE
2015-06-27 19:13 - 2015-06-27 19:13 - 00000000 ____D C:\Users\Max\AppData\Roaming\puush
2015-06-27 19:13 - 2015-06-27 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\puush
2015-06-27 19:13 - 2015-06-27 19:13 - 00000000 ____D C:\Program Files (x86)\puush
2015-06-27 12:22 - 2015-07-22 15:59 - 00000000 ____D C:\Users\Max\Documents\Rainmeter
2015-06-27 11:56 - 2015-06-27 11:56 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-06-27 11:56 - 2015-06-27 11:56 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2015-06-27 11:55 - 2015-06-27 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-06-27 11:55 - 2015-06-27 11:55 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2015-06-27 08:47 - 2015-07-12 19:26 - 00000000 ____D C:\Users\Max\VirtualBox VMs
2015-06-26 17:15 - 2015-06-26 17:15 - 00000000 ____D C:\Users\Max\Documents\Arduino
2015-06-26 17:15 - 2015-06-26 17:15 - 00000000 ____D C:\Users\Max\AppData\Roaming\Arduino15
2015-06-26 17:15 - 2015-06-26 17:15 - 00000000 ____D C:\Users\Max\.jssc
2015-06-26 16:27 - 2015-06-26 16:27 - 00000000 ____D C:\Program Files (x86)\Arduino
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-26 11:22 - 2014-10-06 11:51 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4496027F-7B7A-4B5D-9A65-945F4F34787D}
2015-07-26 11:21 - 2014-11-05 14:58 - 00000000 ____D C:\Users\Max\AppData\Local\Adobe
2015-07-26 11:19 - 2014-10-06 12:32 - 00000000 ____D C:\Users\Max\AppData\Roaming\ClassicShell
2015-07-26 11:18 - 2014-11-29 16:47 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-26 11:18 - 2014-07-15 01:20 - 00011719 _____ C:\Windows\SysWOW64\Gms.log
2015-07-26 11:18 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-25 21:28 - 2015-06-21 14:17 - 00000936 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3856306043-2401411674-944370237-1002UA.job
2015-07-25 21:18 - 2015-01-31 17:57 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-25 20:18 - 2015-01-31 17:57 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-25 18:41 - 2015-04-12 18:37 - 00000000 ____D C:\Users\Max\AppData\Local\Spotify
2015-07-25 18:40 - 2014-07-15 01:22 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-25 18:32 - 2015-04-12 18:36 - 00000000 ____D C:\Users\Max\AppData\Roaming\Spotify
2015-07-25 18:20 - 2015-05-18 16:13 - 00000000 ___RD C:\Users\Max\Google Drive
2015-07-25 18:20 - 2015-05-15 21:01 - 00000000 ____D C:\Users\Max\AppData\Local\Pushbullet
2015-07-25 18:20 - 2014-10-06 15:01 - 00000000 ___RD C:\Users\Max\Dropbox
2015-07-25 18:20 - 2014-10-06 12:46 - 00000000 ____D C:\Users\Max\AppData\Roaming\Dropbox
2015-07-25 18:20 - 2014-10-06 11:51 - 00000000 ___DO C:\Users\Max\OneDrive
2015-07-25 18:18 - 2014-07-15 01:21 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-25 18:18 - 2013-08-22 09:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-25 13:48 - 2014-10-06 11:58 - 00000000 ____D C:\Users\Max\AppData\Roaming\.minecraft
2015-07-25 10:29 - 2014-10-06 11:48 - 00000000 ____D C:\Users\Max
2015-07-25 10:06 - 2014-10-06 11:53 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3856306043-2401411674-944370237-1002
2015-07-25 09:29 - 2014-10-06 11:52 - 00000000 ____D C:\Users\Max\AppData\Local\Google
2015-07-25 08:50 - 2015-04-04 08:56 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-25 08:49 - 2014-10-06 11:52 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-25 08:43 - 2014-11-29 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-25 08:42 - 2014-10-06 12:35 - 00000000 ____D C:\Users\Max\AppData\Roaming\Skype
2015-07-25 08:42 - 2013-08-22 08:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-07-25 08:28 - 2015-06-21 14:17 - 00000884 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3856306043-2401411674-944370237-1002Core.job
2015-07-24 16:29 - 2015-01-04 08:03 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-07-23 19:41 - 2014-03-18 04:53 - 00919614 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-23 09:10 - 2014-10-31 11:37 - 00000000 ____D C:\Users\Max\AppData\Roaming\Audacity
2015-07-21 16:14 - 2014-07-15 01:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-21 07:57 - 2013-08-22 09:44 - 05161808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 05:46 - 2013-08-22 10:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-19 20:05 - 2015-03-04 20:23 - 00000000 ____D C:\Users\Max\AppData\Roaming\vlc
2015-07-19 08:23 - 2015-06-21 14:17 - 00003878 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3856306043-2401411674-944370237-1002UA
2015-07-19 08:23 - 2015-06-21 14:17 - 00003498 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3856306043-2401411674-944370237-1002Core
2015-07-18 10:03 - 2015-01-04 07:44 - 00000000 ____D C:\Windows\Minidump
2015-07-17 12:18 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\rescache
2015-07-16 14:18 - 2015-05-18 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-16 08:40 - 2015-04-04 08:56 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 20:13 - 2015-01-31 17:57 - 00003904 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 20:13 - 2015-01-31 17:57 - 00003668 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 20:12 - 2015-04-13 21:04 - 00000000 ____D C:\Users\Max\AppData\Roaming\OBS
2015-07-15 20:12 - 2015-04-13 21:04 - 00000000 ____D C:\Program Files\OBS
2015-07-15 12:41 - 2014-12-10 09:44 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 12:41 - 2014-10-06 17:31 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 12:41 - 2013-08-22 10:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 12:41 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 10:28 - 2014-10-06 17:13 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 14:06 - 2014-11-04 20:26 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-14 14:06 - 2014-11-04 20:26 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-14 14:05 - 2014-11-04 20:26 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-14 14:05 - 2014-11-04 20:26 - 01710056 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-14 09:18 - 2014-10-06 19:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-14 09:18 - 2014-10-06 12:35 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 16:10 - 2014-10-06 17:35 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 16:10 - 2014-10-06 17:35 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-12 20:02 - 2015-03-29 16:55 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-12 19:47 - 2015-02-13 10:33 - 00000000 __RHD C:\Users\Max\.VirtualBox
2015-07-10 15:03 - 2014-10-06 18:49 - 00000000 ____D C:\Users\Max\Documents\my games
2015-07-08 15:13 - 2014-11-05 15:01 - 00000000 ____D C:\ProgramData\Adobe
2015-07-08 14:56 - 2015-01-22 22:38 - 00000000 ____D C:\Program Files\WinRAR
2015-07-06 17:58 - 2014-11-05 15:14 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-07-05 18:07 - 2014-10-11 11:13 - 00000000 ____D C:\Users\Max\AppData\Roaming\SpaceEngineers
2015-07-05 15:23 - 2014-07-15 01:15 - 00882158 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-05 15:21 - 2014-10-09 10:21 - 00000000 ___RD C:\Users\Max\School
2015-07-05 15:18 - 2014-11-04 08:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-07-05 15:16 - 2014-11-04 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-07-05 15:16 - 2014-11-04 08:59 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-07-05 15:09 - 2015-01-07 16:37 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-07-05 15:07 - 2014-07-15 01:14 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-05 15:05 - 2014-11-04 08:58 - 00000000 ____D C:\Windows\SysWOW64\1033
2015-07-05 15:03 - 2014-11-04 08:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-07-05 15:02 - 2014-11-04 08:58 - 00000000 ____D C:\Windows\system32\1033
2015-07-05 14:59 - 2014-07-15 01:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-05 14:36 - 2014-11-25 20:07 - 00000000 __SHD C:\Users\Max\AppData\Local\EmieBrowserModeList
2015-07-05 14:36 - 2014-10-06 11:51 - 00000000 __SHD C:\Users\Max\AppData\Local\EmieUserList
2015-07-05 14:36 - 2014-10-06 11:51 - 00000000 __SHD C:\Users\Max\AppData\Local\EmieSiteList
2015-07-05 05:08 - 2014-10-08 10:52 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-04 13:20 - 2014-10-14 20:55 - 00000000 ____D C:\Users\Max\AppData\Local\Sublime Text 3
2015-07-03 21:36 - 2014-11-05 15:13 - 00000000 ____D C:\Program Files\Adobe
2015-07-03 21:36 - 2014-11-05 15:11 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-03 21:36 - 2014-11-05 14:59 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-03 21:30 - 2014-10-06 11:48 - 00000000 ____D C:\Users\Max\AppData\Roaming\Adobe
2015-07-03 20:53 - 2014-11-05 17:22 - 00000000 ____D C:\Users\Max\Documents\Adobe
2015-07-03 20:15 - 2015-01-22 09:35 - 00000000 __RHD C:\ESD
2015-07-03 08:43 - 2014-10-06 17:13 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 23:28 - 2014-11-04 20:26 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-30 08:41 - 2015-05-15 21:01 - 00000000 ____D C:\Program Files (x86)\Pushbullet
2015-06-29 10:38 - 2015-05-30 20:36 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-06-29 10:38 - 2014-10-08 13:14 - 00000000 ____D C:\ProgramData\Unity
2015-06-29 10:38 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-06-29 10:15 - 2015-03-11 16:16 - 00000000 ____D C:\Users\Max\Documents\Test
2015-06-28 16:51 - 2015-06-12 19:27 - 00000000 ____D C:\Users\Max\AppData\Roaming\Nidhogg
2015-06-27 20:49 - 2014-10-21 21:32 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-06-27 11:56 - 2015-03-08 21:01 - 00000000 ____D C:\Program Files (x86)\Image-Line
2015-06-27 11:55 - 2015-03-08 21:05 - 00000000 ____D C:\Program Files\Image-Line
2015-06-27 11:55 - 2014-12-09 20:19 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
 
==================== Files in the root of some directories =======
 
2014-11-15 12:33 - 2014-11-15 12:33 - 0002260 _____ () C:\Users\Max\AppData\Local\recently-used.xbel
2014-12-09 19:26 - 2015-05-25 12:33 - 0007598 _____ () C:\Users\Max\AppData\Local\Resmon.ResmonCfg
2014-07-15 01:13 - 2014-07-15 01:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-10 11:17 - 2014-12-10 11:17 - 0000032 _____ () C:\ProgramData\Temp.log
2014-07-15 01:21 - 2014-07-15 01:21 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-07-15 01:18 - 2014-07-15 01:19 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-07-15 01:19 - 2014-07-15 01:20 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-07-15 01:20 - 2014-07-15 01:21 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-07-15 01:18 - 2014-07-15 01:18 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
Some files in TEMP:
====================
C:\Users\Max\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplijjw1.dll
C:\Users\Max\AppData\Local\Temp\pushbullet_watchdog.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-17 11:06
 
==================== End of log ============================
Link to post
Share on other sites
max_vader

max_vader

Posted
  • Author
Posted

Here is the second log

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:26-07-2015
Ran by Max at 2015-07-26 11:22:05
Running from C:\Users\Max\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3856306043-2401411674-944370237-500 - Administrator - Disabled)
Guest (S-1-5-21-3856306043-2401411674-944370237-501 - Limited - Disabled)
Max (S-1-5-21-3856306043-2401411674-944370237-1002 - Administrator - Enabled) => C:\Users\Max
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.1.1.110 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Alienware Command Center (HKLM-x32\...\InstallShield_{3B0BFF91-F5EE-4EE3-84B9-5822AF012632}) (Version: 4.0.51.0 - Dell Inc.)
Alienware Command Center (Version: 4.0.51.0 - Dell Inc.) Hidden
Application Insights Tools for Visual Studio 2015 RC (x32 Version: 3.2 - Microsoft Corporation) Hidden
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.5-r2 - Arduino LLC)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk DirectConnect 2016 64-bit (HKLM\...\Autodesk DirectConnect 2016 64-bit) (Version: 10.0.98.0 - Autodesk)
Autodesk DirectConnect 2016 64-bit (Version: 10.0.98.0 - Autodesk) Hidden
Autodesk Maya 2016 (HKLM\...\Autodesk Maya 2016) (Version: 16.1.1705.0 - Autodesk)
Autodesk Maya 2016 (Version: 16.1.1705.0 - Autodesk) Hidden
Autodesk Maya 2016 SP1 (HKLM\...\Autodesk Maya 2016 SP1) (Version: 16.1.1705.0 - Autodesk)
AzureTools.Notifications (x32 Version: 2.6.30331.1601 - Microsoft Corporation) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version:  - Starbreeze Studios AB)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Canon LBP6000/LBP6018 (HKLM\...\Canon LBP6000/LBP6018) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - )
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version:  - EnTech Taiwan)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dotfuscator and Analytics Community Edition 5.18.0 (x32 Version: 5.18.0.2789 - PreEmptive Solutions) Hidden
Download Windows Universal Tools (x32 Version: 14.0.22823 - Microsoft Corporation) Hidden
Dropbox (HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
f.lux (HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\Flux) (Version:  - )
f.lux (HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Flux) (Version:  - )
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
From The Depths (HKLM-x32\...\Steam App 268650) (Version:  - Brilliant Skies Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GitHub (HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
GitHub (HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
IIS 10.0 Express (HKLM\...\{5456A561-2429-411B-B2C8-CAE4411D446B}) (Version: 10.0.1733 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417000F0}) (Version: 7.0.0 - Oracle)
Kerbal Space Program (HKLM-x32\...\{ED501254-06B8-4883-B7F3-4799C9EDD288}_is1) (Version: 1.0 - Squad)
King Arthur's Gold (HKLM-x32\...\Steam App 219830) (Version:  - )
KotOR - Ultimate version 0.4 (HKLM-x32\...\KotOR - Ultimate_is1) (Version: 0.4 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Long Live the Queen (HKLM-x32\...\GOGPACKLLTQ_is1) (Version: 2.0.0.3 - GOG.com)
M4-78 Enhancement Project (HKLM-x32\...\The Sith Lords Restored Content Mod_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Medieval Engineers (HKLM-x32\...\Steam App 333950) (Version:  - Keen Software House)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 RC Multi-Targeting Pack (ENU) (HKLM-x32\...\{E689C2B1-3711-4FF7-95C4-1F4932A2B493}) (Version: 4.6.00057 - Microsoft Corporation)
Microsoft .NET Framework 4.6 RC Multi-Targeting Pack (HKLM-x32\...\{F1052F45-79C1-48D6-979F-CC5B6F864615}) (Version: 4.6.00057 - Microsoft Corporation)
Microsoft .NET Framework 4.6 RC SDK (HKLM-x32\...\{7318F8D8-AFC9-499C-9909-1CA56E7E7FB4}) (Version: 4.6.00057 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta4 (HKLM\...\{a87918f8-8462-36ae-ab64-5bac8473c726}) (Version: 1.0.10413.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.22823 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50325.0) (HKLM-x32\...\{91A6AD24-DADE-407B-B19B-65000C22B931}) (Version: 14.0.50325.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x86) - 14.0.22816 (HKLM-x32\...\{714692fa-709b-4925-8170-821d51135f42}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 RC (HKLM-x32\...\{d79c19c8-760e-4fc2-a85a-8a89093b59e6}) (Version: 14.0.22823 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 3 (HKLM-x32\...\{1ef771b4-b774-439e-a015-23dec292d9a4}) (Version: 12.0.30723.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4 (HKLM-x32\...\{b8a9dbc1-1fd4-4103-a83b-a2896f193ea0}) (Version: 12.0.31101.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 Beta3 (HKLM\...\{07F0FC77-282E-42E5-BAE6-B8C098F8453E}) (Version: 3.1238.1942 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0a2 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSI ODD Monitor (HKLM-x32\...\InstallShield_{B7D9BAAA-F068-4BF8-B929-462C3A8AB677}) (Version: 1.0.0.6 - Micro-Star Int'l Co., Ltd.)
MSI ODD Monitor (x32 Version: 1.0.0.6 - Micro-Star Int'l Co., Ltd.) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.22823 - Microsoft Corporation) Hidden
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.11.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.11.45 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.28 (HKLM\...\{E8BB81BC-E67C-4750-84EE-128DA5A7ADA5}) (Version: 4.3.28 - Oracle Corporation)
ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
Planet Explorers (HKLM-x32\...\Steam App 237870) (Version:  - Pathea Games)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Daybreak Games)
PlanetSide 2 (HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PowerShellIntegration.Notifications (x32 Version: 2.6.0.0 - Microsoft Corporation) Hidden
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Pushbullet version 312 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 312 - Pushbullet Inc)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Python 3.4.2 (HKLM-x32\...\{2583CDBA-8A53-4622-BB67-1D163714C1B4}) (Version: 3.4.16349 - Python Software Foundation)
Python Tools 2.1 for Visual Studio 2013 (HKLM-x32\...\{7AD18985-A5E6-443D-B0AB-A9ECFBB389A0}) (Version: 2.1.21008.00 - Microsoft Corporation)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.3 beta r2416 - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.24565 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Roslyn Language Services - x86 (x32 Version: 14.0.22823 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.11.45 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Spotify (HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB)
Spotify (HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Star Wars Knights of the Old Republic (HKLM-x32\...\Star Wars Knights of the Old Republic) (Version: 1.03 - LucasArts)
Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version:  - LucasArts)
STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sublime Text Build 3065 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Subnautica (HKLM-x32\...\Steam App 264710) (Version:  - Unknown Worlds Entertainment)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Talisman: Digital Edition (HKLM-x32\...\Steam App 247000) (Version:  - Nomad Games Limited)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 RC (x32 Version: 14.0.22821 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Test Tools for Microsoft Visual Studio 2015 RC (x32 Version: 14.0.22823 - Microsoft Corporation) Hidden
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Escapists (HKLM-x32\...\Steam App 298630) (Version:  - Mouldy Toof Studios)
The Long Dark (HKLM-x32\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version:  - Croteam)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.4.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.4.3.0 - Microsoft Corporation) Hidden
Unity (HKLM-x32\...\Unity) (Version: 5.0.0f4 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3856306043-2401411674-944370237-1002\...\UnityWebPlayer) (Version: 5.0.0f4 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.0.0f4 - Unity Technologies ApS)
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10056 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.10058 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.10056 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.10056 - Microsoft Corporation) Hidden
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2013 Update 3 (KB2829760) (HKLM-x32\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 11.1.2 - VMware, Inc)
VMware Workstation (Version: 11.1.2 - VMware, Inc.) Hidden
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WCF Data Services 5.6.2 Runtime (x32 Version: 5.6.61937.2 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2014 (x32 Version: 5.6.61937.2 - Microsoft Corporation) Hidden
Windforge (HKLM-x32\...\Steam App 266170) (Version:  - Snowed In Studios)
XnView 2.30 (HKLM-x32\...\XnView_is1) (Version: 2.30 - Gougelet Pierre-e)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3856306043-2401411674-944370237-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
Link to post
Share on other sites
max_vader

max_vader

Posted
  • Author
Posted

Hello,

    

 

They call me TwinHeadedEagle around here, and I'll try to help your with your issue.

 

     

    

Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time. Keep in mind that private life gets in the way too. Note that we may live in totally different time zones, what may cause some delays between answers.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
:excl: I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!

:excl: There are no silly questions. Never be afraid to ask if in doubt!

 

 

 

  warning.gif Rules and policies

 

We won't support any piracy.

That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

 

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.

Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Sorry about that the second one was too long anyway here are the logs

Addition.txt

FRST.txt

Link to post
Share on other sites
TwinHeadedEagle

TwinHeadedEagle

Posted
Posted

FRST.gif Fix with Farbar Recovery Scan Tool
 


icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please upload it to your reply.
 
 
 

51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware
 
Please re-run 51a46ae42d560-malwarebytes_anti_malware. Malwarebytes' Anti-Malware.

  • First of all, select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • In the same tab, under PUP and PUM detections make sure it is set to Treat detections as malware
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the newest Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and upload your next reply.

fixlist.txt

Link to post
Share on other sites
max_vader

max_vader

Posted
  • Author
Posted

FRST.gif Fix with Farbar Recovery Scan Tool

 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif

icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 

Download attached fixlist.txt file and save it to the Desktop:

 

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please upload it to your reply.

 

 

 

51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

 

Please re-run 51a46ae42d560-malwarebytes_anti_malware. Malwarebytes' Anti-Malware.

  • First of all, select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • In the same tab, under PUP and PUM detections make sure it is set to Treat detections as malware
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the newest Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and upload your next reply.

Ok here you go.

Fixlog.txt

mbamScanLog.txt

Link to post
Share on other sites
TwinHeadedEagle

TwinHeadedEagle

Posted
Posted

Let's try this:
 
Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.

A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open Event Viewer and view the log:

  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.
Link to post
Share on other sites
max_vader

max_vader

Posted
  • Author
Posted

 

Let's try this:

 

Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.

A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.

To open Event Viewer and view the log:

  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.

 

I am running windows 8.1 did what you did but there was no restart needed. I couldn't find wininit in event viewer either.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.