gpkenny
2015-05-23, 11:57
Hi, When I attempt to open spybot I receive system error - This program can't start because rtl150.bpl is missing from your computer. In addition, I am unable to uninstall spybot, as it appears the uninstall file is missing. Many Thanks for your help.
Logs as requested.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by Asus (administrator) on G751 on 23-05-2015 09:32:05
Running from C:\Users\Asus\Downloads
Loaded Profiles: Asus (Available Profiles: Asus)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files\pia_manager\pia_manager.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(http://www.ruby-lang.org/) C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
() C:\Windows\SysWOW64\UMonit64.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimServiceFactory.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Akamai Technologies, Inc.) C:\Users\Asus\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Asus\AppData\Local\Akamai\netsession_win.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(http://www.ruby-lang.org/) C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
() C:\Program Files\pia_manager\openvpn.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.OE.Systray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-04-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276040 2014-05-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [ASUS ROG MacroKey] => C:\Program Files (x86)\ASUS\ASUS ROG MacroKey\Hid.exe [2036224 2014-07-30] (ASUS)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492808 2014-05-06] (CyberLink Corp.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.OE.Systray.exe [128760 2015-05-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [728312 2015-04-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [BitTorrent] => C:\Users\Asus\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-12] (BitTorrent Inc.)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Asus\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\RunOnce: [Install Spybot - Search & Destroy] => C:\Users\Asus\Downloads\spybot-2.4.exe [46525608 2015-05-23] (Safer-Networking Ltd. )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/?gws_rd=ssl
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2013-09-02] ()
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-30] (Oracle Corporation)
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-30] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Tcpip\Parameters: [DhcpNameServer] 209.222.18.222 209.222.18.218
FireFox:
========
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\ivzp6exh.default-1429333259325
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-17] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-30] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF user.js: detected! => C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\ivzp6exh.default-1429333259325\user.js [2015-04-23]
Chrome:
=======
CHR StartupUrls: Default -> "https://uk.search.yahoo.com/?type=888596&fr=yo-yhp-ch"
CHR DefaultSearchKeyword: Default -> 8790E33947437775DAB9AF3BD2BE78BE1975A67113FC29AEF2D0BE14163FF033
CHR DefaultSearchURL: Default -> B0DEBF26C478ED495FBDD48396ED9D96D78924FF37D82B6A9E4F532A7940EB57
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-16]
CHR Extension: (Google Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-16]
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-16]
CHR Extension: (WOT) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-03-16]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-16]
CHR Extension: (Adblock Plus) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-16]
CHR Extension: (Google Search) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-16]
CHR Extension: (Yahoo! Toolbar for Chrome) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2015-04-15]
CHR Extension: (Google Sheets) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-16]
CHR Extension: (Avira Browser Safety) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-16]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [827640 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1185584 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [206584 2015-05-07] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [102152 2014-05-09] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-04-09] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [131312 2015-03-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) []
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-04-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-04-09] (NVIDIA Corporation)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SlimService; C:\Program Files\SlimService\SlimServiceFactory.exe [244504 2015-04-15] (SlimWare Utilities, Inc.)
S3 ThunderboltService; C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe [1179944 2014-05-13] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-06-05] (Intel(R) Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-04-16] (Avira Operations GmbH & Co. KG)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [253680 2015-03-19] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2014-08-04] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-05-21] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-04-09] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-04-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-09] (NVIDIA Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16056 2015-05-23] (SlimWare Utilities, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U0 msahci; system32\drivers\msahci.sys
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 09:32 - 2015-05-23 09:32 - 00021487 _____ () C:\Users\Asus\Downloads\FRST.txt
2015-05-23 09:31 - 2015-05-23 09:31 - 02108416 _____ (Farbar) C:\Users\Asus\Downloads\FRST64.exe
2015-05-23 09:20 - 2015-05-23 09:20 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Asus\Downloads\spybot-2.4.exe
2015-05-23 09:17 - 2015-05-23 09:17 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Avira
2015-05-23 09:16 - 2015-04-16 15:23 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-23 09:16 - 2015-04-16 15:23 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-23 09:16 - 2015-04-16 15:23 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-05-23 09:16 - 2015-04-16 15:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-05-23 09:14 - 2015-05-23 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-23 09:14 - 2015-05-23 09:16 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-05-23 09:14 - 2015-05-23 09:14 - 04737144 _____ (Avira Operations GmbH & Co. KG) C:\Users\Asus\Downloads\avira_en_av_556031d617f5f__ws.exe
2015-05-23 09:14 - 2015-05-23 09:14 - 00001225 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-05-23 07:45 - 2015-05-23 07:45 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2015-05-22 21:29 - 2015-05-22 21:43 - 00000000 ____D () C:\Program Files (x86)\SearchMe Toolbar
2015-05-19 05:35 - 2015-05-23 08:22 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Skype
2015-05-16 05:48 - 2015-05-16 05:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-13 14:39 - 2015-05-13 14:39 - 00451848 _____ () C:\Windows\Minidump\051315-29218-01.dmp
2015-05-13 05:10 - 2015-04-30 21:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 05:10 - 2015-04-30 21:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 04:48 - 2015-05-01 00:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 04:48 - 2015-04-30 23:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 04:48 - 2015-04-24 22:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 04:48 - 2015-04-21 18:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 04:48 - 2015-04-21 17:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 04:48 - 2015-04-21 17:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 04:48 - 2015-04-21 17:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 04:48 - 2015-04-21 17:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 04:48 - 2015-04-21 17:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 04:48 - 2015-04-21 17:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 04:48 - 2015-04-21 17:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 04:48 - 2015-04-21 17:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-13 04:48 - 2015-04-21 17:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 04:48 - 2015-04-21 17:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 04:48 - 2015-04-21 17:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 04:48 - 2015-04-21 17:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 04:48 - 2015-04-21 17:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 04:48 - 2015-04-21 17:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 04:48 - 2015-04-21 16:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 04:48 - 2015-04-21 16:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 04:48 - 2015-04-21 16:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-13 04:48 - 2015-04-21 16:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 04:48 - 2015-04-21 16:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 04:48 - 2015-04-21 16:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 04:48 - 2015-04-21 16:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 04:48 - 2015-04-21 16:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 04:48 - 2015-04-21 16:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 04:48 - 2015-04-21 16:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-13 04:48 - 2015-04-21 16:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 04:48 - 2015-04-21 16:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 04:48 - 2015-04-21 16:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 04:48 - 2015-04-21 16:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-13 04:48 - 2015-04-21 16:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 04:48 - 2015-04-21 16:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 04:48 - 2015-04-21 16:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 04:48 - 2015-04-21 16:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 04:48 - 2015-04-21 16:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 04:48 - 2015-04-21 16:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 04:48 - 2015-04-21 16:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 04:48 - 2015-04-21 16:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 04:48 - 2015-04-21 15:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 04:48 - 2015-04-21 15:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 04:48 - 2015-04-13 23:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 04:48 - 2015-04-10 02:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 04:48 - 2015-04-10 01:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 04:48 - 2015-04-10 01:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 04:48 - 2015-04-08 23:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 04:48 - 2015-03-30 06:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 04:48 - 2015-03-27 04:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 04:48 - 2015-03-27 03:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 04:48 - 2015-03-27 03:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 04:48 - 2015-03-05 00:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-12 19:20 - 2015-05-12 19:20 - 00355448 _____ () C:\Windows\Minidump\051215-98218-01.dmp
2015-05-11 07:34 - 2015-05-19 12:00 - 00003474 _____ () C:\Windows\System32\Tasks\ASUS Live Update1
2015-05-11 07:34 - 2015-05-19 12:00 - 00003464 _____ () C:\Windows\System32\Tasks\ASUS Live Update2
2015-05-08 18:03 - 2015-05-08 18:03 - 00343648 _____ () C:\Windows\Minidump\050815-18406-01.dmp
2015-05-07 15:09 - 2015-05-13 14:38 - 1011441449 _____ () C:\Windows\MEMORY.DMP
2015-05-07 10:24 - 2015-05-23 08:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2015-05-07 10:24 - 2015-05-23 08:22 - 00000000 ____D () C:\Program Files\Waves
2015-05-07 10:24 - 2015-05-07 10:24 - 00003138 _____ () C:\Windows\System32\Tasks\RtHDVBg
2015-05-07 10:24 - 2015-05-07 10:24 - 00003134 _____ () C:\Windows\System32\Tasks\RTKCPL
2015-05-07 10:24 - 2015-05-07 10:24 - 00001238 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2015-05-07 10:23 - 2015-05-23 08:22 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-05-07 10:23 - 2000-01-01 01:00 - 72506368 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-05-07 10:23 - 2000-01-01 01:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 04273880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-05-07 10:23 - 2000-01-01 01:00 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 02822512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-05-07 10:23 - 2000-01-01 01:00 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01458788 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-05-07 10:23 - 2000-01-01 01:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-05-07 10:22 - 2015-05-23 08:53 - 00021262 _____ () C:\Windows\PFRO.log
2015-05-07 10:17 - 2000-01-01 01:00 - 00874712 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-05-07 10:17 - 2000-01-01 01:00 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-05-07 10:15 - 2015-04-08 21:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-07 10:14 - 2015-05-23 09:12 - 00027478 _____ () C:\Windows\setupact.log
2015-05-07 10:14 - 2015-05-07 10:14 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-07 10:14 - 2015-04-09 01:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-07 10:14 - 2015-04-09 01:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00849552 _____ () C:\Windows\system32\nvmcumd.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-07 10:14 - 2015-04-09 01:58 - 00100680 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00039056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-05-07 10:14 - 2015-04-09 01:58 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-07 10:14 - 2015-04-09 01:58 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-07 10:13 - 2015-05-07 10:13 - 00000000 ____D () C:\NVIDIA
2015-05-07 10:11 - 2015-05-07 10:11 - 00000000 ____D () C:\ProgramData\SlimWare Utilities, Inc
2015-05-07 10:10 - 2015-05-23 09:13 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2015-05-07 10:10 - 2015-05-23 09:13 - 00000418 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2015-05-07 10:10 - 2015-05-23 08:22 - 00000000 ____D () C:\Users\Asus\AppData\Local\Downloaded Installers
2015-05-07 10:10 - 2015-05-23 08:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2015-05-07 10:10 - 2015-05-23 08:22 - 00000000 ____D () C:\Program Files\SlimService
2015-05-07 10:10 - 2015-05-23 08:22 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2015-05-07 10:10 - 2015-05-07 10:10 - 00002822 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup
2015-05-07 07:47 - 2015-05-07 07:47 - 00000000 ____D () C:\ProgramData\IntelDLM
2015-05-07 07:45 - 2015-05-07 07:45 - 00000000 ____D () C:\Users\Asus\AppData\Local\Intel
2015-05-07 07:45 - 2015-05-07 07:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-05-07 07:45 - 2015-05-07 07:45 - 00000000 ____D () C:\Program Files (x86)\Intel Driver Update Utility
2015-05-06 17:00 - 2015-04-10 01:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-06 17:00 - 2015-04-10 01:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-06 17:00 - 2015-04-03 01:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-06 17:00 - 2015-04-03 01:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-06 17:00 - 2015-04-01 23:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-06 17:00 - 2015-04-01 23:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-06 17:00 - 2015-04-01 04:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-06 17:00 - 2015-04-01 03:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-06 17:00 - 2015-03-20 02:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-06 17:00 - 2015-03-17 18:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-06 17:00 - 2015-03-13 03:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-06 17:00 - 2015-03-13 02:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-06 17:00 - 2015-03-13 01:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-06 17:00 - 2015-03-11 02:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-06 17:00 - 2015-03-11 02:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-06 17:00 - 2015-03-09 03:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-06 17:00 - 2015-03-06 03:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-06 17:00 - 2015-03-04 02:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-06 17:00 - 2015-03-04 02:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-06 17:00 - 2015-02-18 00:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-06 17:00 - 2015-01-30 01:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-06 17:00 - 2015-01-06 04:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-05-06 17:00 - 2015-01-06 03:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-05-06 17:00 - 2015-01-06 02:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-05-06 17:00 - 2015-01-06 02:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-05-06 17:00 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-05-06 17:00 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-05-06 17:00 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-05-06 17:00 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-05-06 17:00 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-06 17:00 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-05-06 17:00 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2015-05-06 17:00 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-05-06 17:00 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-05-06 17:00 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-05-06 17:00 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-05-06 17:00 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-05-06 17:00 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-05-06 17:00 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-05-06 17:00 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-05-06 17:00 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-05-06 17:00 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-05-06 17:00 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-05-06 17:00 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-05-06 17:00 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-05-06 17:00 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-05-06 17:00 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-05-06 17:00 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-05-06 17:00 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2015-05-06 17:00 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2015-05-06 17:00 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2015-05-06 17:00 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2015-05-06 17:00 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2015-05-06 17:00 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-05-06 17:00 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2015-05-06 17:00 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2015-05-06 17:00 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2015-05-06 17:00 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2015-05-06 17:00 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-05-06 17:00 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-05-06 17:00 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-05-06 17:00 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-05-06 17:00 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-05-06 17:00 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-05-06 17:00 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-05-06 17:00 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2015-05-06 17:00 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2015-05-06 17:00 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-05-06 17:00 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-05-06 17:00 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-05-06 17:00 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-05-06 17:00 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2015-05-06 17:00 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2015-05-06 17:00 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-05-06 17:00 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-05-06 17:00 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-05-06 17:00 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-05-06 17:00 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-05-06 17:00 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-05-06 17:00 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-05-06 17:00 - 2014-11-04 20:25 - 00059712 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-05-06 17:00 - 2014-11-04 20:25 - 00051008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-05-06 17:00 - 2014-11-04 07:55 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-05-06 17:00 - 2014-11-04 07:54 - 00108544 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-05-06 17:00 - 2014-11-04 07:54 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-05-06 17:00 - 2014-11-04 07:54 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-05-06 17:00 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-05-06 17:00 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-05-06 17:00 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-05-06 17:00 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-05-06 17:00 - 2014-10-29 04:05 - 00551232 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-05-06 17:00 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-05-06 17:00 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-05-06 17:00 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2015-05-06 17:00 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2015-05-06 17:00 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-05-06 17:00 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-05-06 17:00 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-05-06 17:00 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-05-06 17:00 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-05-06 17:00 - 2014-10-17 05:56 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-05-06 17:00 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-05-06 17:00 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-05-06 17:00 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-05-06 16:59 - 2015-03-13 05:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-06 16:59 - 2015-03-13 05:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-06 16:59 - 2015-03-13 01:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-06 16:59 - 2015-03-06 04:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-06 16:59 - 2015-03-06 03:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-06 16:29 - 2015-05-06 16:37 - 00000000 ____D () C:\Windows\System32\Tasks\TweakBit
2015-05-06 16:29 - 2015-05-06 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2015-05-06 16:29 - 2015-05-06 16:37 - 00000000 ____D () C:\Program Files (x86)\TweakBit
2015-05-06 16:29 - 2015-05-06 16:29 - 00000000 ____D () C:\ProgramData\TweakBit
2015-05-06 16:29 - 2015-05-06 16:29 - 00000000 ____D () C:\ProgramData\BSD
2015-05-04 17:30 - 2015-05-04 17:30 - 00000000 ____D () C:\ProgramData\Binarysense
2015-05-01 06:34 - 2015-05-23 08:21 - 00000000 ____D () C:\Users\Asus\AppData\Local\SlimWare Utilities Inc
2015-05-01 06:34 - 2015-05-07 10:09 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-05-01 06:34 - 2015-05-01 07:42 - 00000000 ____D () C:\Program Files (x86)\SlimCleaner
2015-05-01 06:34 - 2015-05-01 06:34 - 00003004 _____ () C:\Windows\System32\Tasks\SlimCleaner Run
2015-05-01 06:34 - 2015-05-01 06:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner
2015-04-30 18:13 - 2015-04-30 18:13 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-30 18:13 - 2015-04-30 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-30 18:13 - 2015-04-30 18:13 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-30 18:07 - 2015-04-30 18:07 - 00000000 ____D () C:\Users\Asus\AppData\Local\Secunia PSI
2015-04-30 18:07 - 2015-04-30 18:07 - 00000000 ____D () C:\Program Files (x86)\Secunia
2015-04-26 17:02 - 2015-04-26 17:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-04-26 16:31 - 2015-04-26 16:31 - 00000000 ____D () C:\114db0cc6fdadf587ead
2015-04-23 11:03 - 2015-04-23 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 09:32 - 2015-03-06 09:51 - 00000000 ____D () C:\FRST
2015-05-23 09:28 - 2015-03-05 16:11 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\BitTorrent
2015-05-23 09:25 - 2015-03-03 09:48 - 01613932 _____ () C:\Windows\WindowsUpdate.log
2015-05-23 09:19 - 2013-12-13 12:27 - 00810868 _____ () C:\Windows\system32\perfh013.dat
2015-05-23 09:19 - 2013-12-13 12:27 - 00166216 _____ () C:\Windows\system32\perfc013.dat
2015-05-23 09:19 - 2013-12-13 12:11 - 00814850 _____ () C:\Windows\system32\perfh00C.dat
2015-05-23 09:19 - 2013-12-13 12:11 - 00163070 _____ () C:\Windows\system32\perfc00C.dat
2015-05-23 09:19 - 2013-12-13 05:09 - 02783592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-23 09:17 - 2015-03-03 11:59 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4202764557-1761152932-1492796901-1001
2015-05-23 09:16 - 2015-03-07 09:40 - 00000000 ____D () C:\ProgramData\Avira
2015-05-23 09:14 - 2015-03-06 11:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-23 09:14 - 2015-03-03 09:48 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-23 09:12 - 2015-03-06 15:34 - 00000000 __RDO () C:\Users\Asus\OneDrive
2015-05-23 09:12 - 2015-03-03 11:54 - 00000093 _____ () C:\Users\Asus\AppData\Roaming\sp_data.sys
2015-05-23 09:12 - 2015-03-03 09:52 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-23 09:12 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-23 09:08 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-23 08:58 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-23 08:53 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-23 08:22 - 2015-04-13 18:29 - 00000000 ____D () C:\Users\Asus\AppData\Local\Akamai
2015-05-23 08:22 - 2015-04-08 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-23 08:22 - 2015-04-08 07:47 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-23 08:22 - 2015-04-05 02:57 - 00000000 ____D () C:\Windows\Minidump
2015-05-23 08:22 - 2015-04-04 09:59 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-23 08:22 - 2015-04-04 09:59 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-23 08:22 - 2015-04-02 12:50 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2015-05-23 08:22 - 2015-04-02 12:47 - 00000000 ____D () C:\Program Files\WOT
2015-05-23 08:22 - 2015-04-02 12:47 - 00000000 ____D () C:\Program Files (x86)\WOT
2015-05-23 08:22 - 2015-03-16 12:53 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\vlc
2015-05-23 08:22 - 2015-03-16 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-05-23 08:22 - 2015-03-16 12:52 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-05-23 08:22 - 2015-03-12 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-05-23 08:22 - 2015-03-12 22:26 - 00000000 ____D () C:\ProgramData\Licenses
2015-05-23 08:22 - 2015-03-12 22:26 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2015-05-23 08:22 - 2015-03-08 07:14 - 00000000 ____D () C:\Users\Asus\AppData\Local\PokerStars.UK
2015-05-23 08:22 - 2015-03-08 06:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-23 08:22 - 2015-03-08 06:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-23 08:22 - 2015-03-06 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-05-23 08:22 - 2015-03-06 13:22 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-05-23 08:22 - 2015-03-06 10:05 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-05-23 08:22 - 2015-03-06 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-05-23 08:22 - 2015-03-06 10:05 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-05-23 08:22 - 2015-03-03 11:54 - 00000000 ____D () C:\Users\Asus
2015-05-23 08:22 - 2015-03-03 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-23 08:22 - 2015-03-03 09:52 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-23 08:22 - 2015-03-03 09:51 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-23 08:22 - 2013-12-13 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-05-23 08:22 - 2013-12-13 05:10 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-05-23 08:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\security
2015-05-23 08:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-05-23 08:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-05-23 08:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-05-23 08:21 - 2015-03-03 11:54 - 00000000 ____D () C:\Users\Asus\AppData\Local\NVIDIA
2015-05-23 08:21 - 2015-03-03 09:56 - 00000000 ____D () C:\Program Files\Realtek
2015-05-23 08:21 - 2015-03-03 09:52 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-23 08:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration
2015-05-23 08:20 - 2015-03-03 09:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-23 07:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-23 07:06 - 2015-03-03 09:56 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-05-22 21:17 - 2015-03-06 10:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-05-19 21:08 - 2015-03-05 15:41 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{31481147-3A5A-4832-888E-FFA8D7CBFAFF}
2015-05-18 07:54 - 2015-03-08 06:52 - 00000000 ____D () C:\ProgramData\Skype
2015-05-17 15:21 - 2015-03-05 17:43 - 00000000 ____D () C:\Users\Asus\AppData\Local\Adobe
2015-05-17 15:20 - 2015-03-06 11:35 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-17 15:19 - 2015-04-01 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-17 02:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-05-13 14:38 - 2013-08-22 15:44 - 00337976 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 05:10 - 2015-03-05 16:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 05:09 - 2015-03-05 16:56 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 05:08 - 2013-08-22 21:59 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-11 07:34 - 2015-03-03 10:01 - 00003382 _____ () C:\Windows\System32\Tasks\Update Checker
2015-05-07 10:24 - 2015-03-03 09:56 - 00006786 _____ () C:\Windows\system32\Drivers\rtwavesEFX.dat
2015-05-07 10:24 - 2015-03-03 09:56 - 00002626 _____ () C:\Windows\system32\Drivers\rtwavesMFX.dat
2015-05-07 10:23 - 2015-03-03 09:56 - 00317062 _____ () C:\Windows\system32\Drivers\RTWAVES40.dat
2015-05-07 10:20 - 2015-03-03 09:49 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-05-07 10:00 - 2015-03-03 09:49 - 00000000 ____D () C:\ProgramData\Intel
2015-05-07 10:00 - 2015-03-03 09:49 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-07 09:59 - 2015-03-03 09:48 - 00000000 ____D () C:\Program Files\Intel
2015-05-06 17:06 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-06 17:06 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-05-06 17:06 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup
2015-05-06 17:06 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-05-06 17:06 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-06 16:29 - 2013-08-22 14:25 - 00000187 _____ () C:\Windows\win.ini
2015-05-05 18:59 - 2015-03-06 15:07 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 18:59 - 2015-03-06 15:07 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-04 11:46 - 2015-03-03 10:05 - 00000000 ____D () C:\ProgramData\Temp
2015-05-01 08:21 - 2015-03-08 07:13 - 00000000 ____D () C:\Program Files (x86)\PokerStars.UK
2015-05-01 06:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-01 06:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-05-01 06:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-01 06:35 - 2013-12-13 12:45 - 00000000 ____D () C:\Windows\Panther
2015-04-26 05:58 - 2015-03-06 16:21 - 00000000 ____D () C:\Program Files (x86)\Full Tilt UK
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sppui
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Com
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\IME
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-04-23 09:02 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-04-23 09:02 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-04-23 09:02 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-04-23 09:02 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-23 09:02 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\servicing
2015-04-23 08:50 - 2015-03-03 10:06 - 00000000 ____D () C:\ProgramData\ASUS
2015-04-23 08:49 - 2015-03-08 11:41 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\WildTangent
2015-04-23 08:49 - 2013-12-13 05:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-23 08:49 - 2013-12-13 05:11 - 00000000 ____D () C:\ProgramData\WildTangent
2015-04-23 08:49 - 2013-12-13 05:11 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-04-23 08:48 - 2015-03-14 03:20 - 00000000 ____D () C:\ProgramData\Yahoo!
==================== Files in the root of some directories =======
2015-03-03 11:54 - 2015-05-23 09:12 - 0000093 _____ () C:\Users\Asus\AppData\Roaming\sp_data.sys
2015-03-10 09:15 - 2015-03-10 09:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-03-03 09:56 - 2015-03-03 09:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-13 05:09 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 05:09 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 05:09 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Asus\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-17 10:02
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 01
Ran by Asus at 2015-05-23 09:32:28
Running from C:\Users\Asus\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4202764557-1761152932-1492796901-500 - Administrator - Disabled)
Asus (S-1-5-21-4202764557-1761152932-1492796901-1001 - Administrator - Enabled) => C:\Users\Asus
Guest (S-1-5-21-4202764557-1761152932-1492796901-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4202764557-1761152932-1492796901-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Spybot - Search and Destroy (Disabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
ASUS Gaming Center (HKLM-x32\...\{23C8A788-4790-4F3C-B103-0ACC7D9DC5BE}) (Version: 1.0.2 - ASUS)
ASUS Intel Extreme Tuning Utility (HKLM-x32\...\{17933add-8de8-4586-b331-96f1070ae737}) (Version: 4.4.0.205 - Intel Corporation)
ASUS Intel Extreme Tuning Utility (x32 Version: 4.4.0.205 - Intel Corporation) Hidden
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS)
ASUS ROG MacroKey (HKLM-x32\...\{348022C5-F497-4333-AFEE-208F22F169F2}_is1) (Version: 1.0.0.28 - G-spy Co., Ltd)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.1 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Avira (HKLM-x32\...\{022ef99f-0db2-4efc-964d-5dd2da3151f6}) (Version: 1.1.37.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.37.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4105 - CyberLink Corp.)
ETDWare PS/2-X64 11.5.13.9_WHQL (HKLM\...\Elantech) (Version: 11.5.13.9 - ELAN Microelectronic Corp.)
Free Stopwatch 3.0.2 (HKLM-x32\...\{A1FAC1AF-5615-47FE-B5C8-5E981EC8522B}_is1) (Version: 3.0 - Comfort Software Group)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.1 - Genesys Logic)
HP ENVY 4500 series Basic Device Software (HKLM\...\{6915424E-704F-4F5D-9057-9C7B406B36DB}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1016 - Intel Corporation)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{5AE8ACA2-420B-4196-A8E0-20E8EB274E0F}) (Version: 17.1.1512.0771 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Maxx Audio Installer (x64) (Version: 1.6.4718.78 - Waves Audio Ltd.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-GB)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0 - Mozilla)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version: - PokerStars.uk)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{58139103-BACF-4BDC-B71C-955F9164ADA6}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.36.826.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7388 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
SlimCleaner Plus (HKLM\...\{5F5EF771-2B0B-401C-969C-38399DF75D35}) (Version: 1.3.1 - SlimWare Utilities, Inc.)
SlimDrivers (HKLM-x32\...\{5AD12E7A-D739-4451-9BD1-3610EC56D8F5}) (Version: 2.2.45206 - SlimWare Utilities, Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Thunderbolt(TM) Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel(R) Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
07-05-2015 10:23:35 Installed Realtek High Definition Audio Driver
13-05-2015 05:08:38 Windows Update
19-05-2015 22:25:58 Windows Update
21-05-2015 12:17:26 SlimDrivers Installing Drivers
21-05-2015 12:26:19 Removed Realtek High Definition Audio Driver
21-05-2015 12:28:00 Installed Realtek High Definition Audio Driver
22-05-2015 21:20:02 Removed WOT for Internet Explorer
22-05-2015 21:41:47 Restore Operation
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0253208C-4A01-4EFB-86ED-409A6DF0D358} - System32\Tasks\Gaming Center => C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe [2014-04-30] (ASUSTek Computer Inc.)
Task: {0412A4E0-1537-4263-BB7A-5C5441275D3D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {103B5C55-4882-4864-9CDB-6F2E510069E0} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-26] ()
Task: {132BDEEA-686F-401F-A556-AFBABEF03056} - System32\Tasks\TweakBit\PCSpeedUp\Start PCSpeedUp оn logon => C:\Program Files (x86)\TweakBit\PCSpeedUp\PCSpeedUp.exe <==== ATTENTION
Task: {258168F4-D901-4B73-93E8-539979036F33} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {345A5E38-18F6-4437-A156-ED073C7F847D} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {372B9077-624D-444E-B2E4-ADA4FC6B81D4} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {3B82C99E-02C2-486F-8F37-9D4F9D70954F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {3C3BBE8C-9959-4B82-8F4D-1B92FE0EF9F1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {40F61B3D-3125-4F57-93DF-8D457A9703AE} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-02-27] (SlimWare Utilities, Inc.)
Task: {67608500-6E4C-4CF4-919E-02D076178573} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {6F6CB227-C83A-4385-8CF1-08B26208DFB0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {8A8A8176-95CA-44AA-83FC-453ADE3570AC} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
Task: {95A58846-6BB3-44E8-98D5-EE3273CE4507} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {97E5BA15-7F7B-410D-AA72-5D5D4E93D71C} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {9D564E4F-7555-4C05-A36F-96E84FAB404F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {9DB2E73F-242B-4A34-8C54-6E83EB214422} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-03] (ASUS)
Task: {9E7F0333-6C60-4600-8714-DD3236C561F5} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-03-08] ()
Task: {A6965D26-0A86-4D1B-AEEE-462AD7B86C61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-17] (Adobe Systems Incorporated)
Task: {AA4A4B69-B037-49FE-B2F8-E549328374FA} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {B724322B-BA53-43D0-BE73-E5552FF58AE5} - System32\Tasks\TweakBit\PCSpeedUp\Time for deal => C:\Program Files (x86)\TweakBit\PCSpeedUp\PCSpeedUp.exe <==== ATTENTION
Task: {B9DF4181-A3D3-415B-9FA1-290E5753F1E8} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2000-01-01] (Realtek Semiconductor)
Task: {BEFAB2D4-7C3C-4E94-8B8B-BE8D501A8A82} - System32\Tasks\SlimCleaner Run => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {C6CE6890-6B30-481D-84AA-B6A253709F4D} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-07-09] (ASUSTek Computer Inc.)
Task: {D9EA3712-4A59-47B7-9EC0-8BCEFEE697C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {DAD73489-A395-4FD3-94C8-280B712A25D1} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {E1202477-C56C-4D96-89AD-D3C48E48D598} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {E8989D4A-3344-4123-A94A-2D0B3DAF4B89} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {FA27B8E7-A12F-4B14-8FCE-7E3AAD6BBE31} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService
Task: {FCE22663-144D-4CEA-883E-0EC4B8698A39} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2000-01-01] (Realtek Semiconductor)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
==================== Loaded Modules (Whitelisted) ==============
2015-03-03 09:52 - 2015-04-08 22:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe
2015-05-09 13:21 - 2015-05-09 13:21 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-03-03 09:59 - 2014-02-26 04:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
2015-03-06 12:13 - 2015-03-08 07:01 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2015-03-06 12:13 - 2015-03-08 07:01 - 00690176 _____ () C:\Program Files\pia_manager\openvpn.exe
2015-03-06 12:13 - 2015-03-08 07:01 - 00190317 _____ () C:\Program Files\pia_manager\liblzo2-2.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00108441 _____ () C:\Program Files\pia_manager\libpkcs11-helper-1.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2015-05-07 10:16 - 2015-04-09 01:58 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-23 09:12 - 2015-05-23 09:12 - 00012800 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00009728 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00014848 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00094208 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\src\rgloader\rgloader193.mswin.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00009216 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00094208 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00126976 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00087552 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00016384 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00127316 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\bin\libffi-6.dll
2015-05-23 09:12 - 2015-05-23 09:12 - 00008704 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00013312 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00095744 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00026624 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00012800 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00009728 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00014848 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00094208 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\src\rgloader\rgloader193.mswin.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00094208 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00118784 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00069120 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00083968 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\bin\zlib1.dll
2015-05-23 09:12 - 2015-05-23 09:12 - 00026624 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00275968 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00015360 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00008192 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00009216 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00023552 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00008704 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00008704 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00008704 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00008704 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00036352 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00126976 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00087552 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00016384 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00127316 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\bin\libffi-6.dll
2015-05-23 09:12 - 2015-05-23 09:12 - 00013312 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00095744 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00026624 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-03-06 12:13 - 2015-03-08 07:01 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2015-03-03 09:55 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Asus\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Asus\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1001movie.com -> 1001movie.com
There are 6091 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 209.222.18.222 - 209.222.18.218
==================== MSCONFIG/TASK MANAGER Error getting ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "ROGNB"
HKLM\...\StartupApproved\Run32: => "ASUS ROG MacroKey"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\StartupApproved\Run: => "HP ENVY 4500 series (NET)"
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0E2D0E8C-39A3-4BDB-B158-25FFE77313D2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{211B59A3-56F3-42B9-9EE9-E50BF7668F14}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DBEEE043-7761-4107-BB4E-E5B80B3BEBDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D8899967-1FA3-445A-A89F-FC01764B52F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BE3EA452-9358-4264-9E3A-9B5D42E28753}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{065E05E2-3EAF-4E44-B270-82F82D49B582}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2D4BED1E-DA76-4699-A45D-1FD90EEC8392}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B146C685-DBE2-41DA-BB80-C1BBB52EA4F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C6B2C93F-B29C-4C77-B11F-61D32D157778}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{1BA6D593-541F-4F63-853D-F937D3C936B5}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{04781A3E-4FF9-43F9-A9DD-FA47656089FD}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{DB75DE74-FD9E-4648-A3C2-8F5400E67759}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{E3AF2AA4-1AAC-448F-AB9E-98B81FBE7BFE}] => (Allow) C:\Users\Asus\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1AAB904B-ED1C-4BBE-A85E-D142E6C9E77C}] => (Allow) C:\Users\Asus\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{BC425A47-A540-489C-810C-8DF8B6971C3B}] => (Allow) C:\Program Files (x86)\Intel\Extreme Tuning Utility\Client\PerfTune.exe
FirewallRules: [{0C428927-AFCC-4493-A695-91B7ACB0CA91}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{D68E31ED-3D2E-423C-A8D7-4C87A3D00A34}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6B4B7F89-ED36-4CBF-AB13-3B5658B79407}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{880E0DEF-083B-4CB2-81DB-37CD4D5A1B0B}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{EC4809C9-ADAE-4897-9374-C833EEEF7E7E}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{6554A6FD-44FC-47D3-8BE2-4ABBE636E6BB}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{0E3A9BE6-EE12-41FF-BFEC-909251FBCE98}] => (Allow) D:\Steam\steamapps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{034361B6-F499-4D01-83D1-24302210EDF1}] => (Allow) D:\Steam\steamapps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{43A20772-7501-4418-9231-E72872BCD1C9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1C042886-83FD-44AA-B577-3B7EA1D9B6F3}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{D2981FB4-887C-43BE-98FF-383214B0B1C5}] => (Allow) LPort=5357
FirewallRules: [{26F55D82-E91E-4ABA-AA72-320E78481ADB}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{9F4041EE-D99C-4E0C-B763-ADA30A2817E1}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{0403AEF1-EED6-4FFC-BAA0-5EE704C181B8}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{D8620DE7-D815-4AF5-A990-234C4E232125}] => (Allow) D:\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{54940CEB-35BD-4502-91CC-593872B7652A}] => (Allow) D:\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{111F9D38-C4D5-49AA-8A78-CA96F1AAFED7}] => (Allow) D:\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{5306605F-76AC-4803-9EEB-70110B0F5FB8}] => (Allow) D:\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{C0B695B5-20AA-4896-A023-C22F114DB940}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{7C729F5B-7FC3-44A6-B59B-7713B3940A8E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{5DC9023E-C4CE-441F-AA54-66D67184724A}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{BD1D5935-2382-4711-8234-93AF3BBE3C0F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{6A1F14B2-B2EB-44A8-AE81-52ECF8306BDA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{64A29A22-DB4E-404C-89A3-3AEE1E7E2A05}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{38B98744-FAD6-4107-9C54-4CCF7D090CF2}C:\users\asus\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\asus\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A7D549FA-EEFD-4307-8C86-9EB2BC1A166E}C:\users\asus\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\asus\appdata\local\akamai\netsession_win.exe
FirewallRules: [{626CA427-EF2D-4473-B3DA-4563CEE224C3}] => (Allow) D:\Steam\steamapps\common\The Bards Tale\Config\The Bard's Setup.exe
FirewallRules: [{EA7E71FD-CC4D-468D-8BAB-40B559CE22B3}] => (Allow) D:\Steam\steamapps\common\The Bards Tale\Config\The Bard's Setup.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/23/2015 09:32:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x628
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
Error: (05/23/2015 09:27:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0xe60
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
Error: (05/23/2015 09:24:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDWelcome.exe, version: 2.4.40.130, time stamp: 0x535a5196
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x10b4
Faulting application start time: 0xSDWelcome.exe0
Faulting application path: SDWelcome.exe1
Faulting module path: SDWelcome.exe2
Report ID: SDWelcome.exe3
Faulting package full name: SDWelcome.exe4
Faulting package-relative application ID: SDWelcome.exe5
Error: (05/23/2015 09:22:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x2c8
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
Error: (05/23/2015 09:18:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDWelcome.exe, version: 2.4.40.130, time stamp: 0x535a5196
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x1af0
Faulting application start time: 0xSDWelcome.exe0
Faulting application path: SDWelcome.exe1
Faulting module path: SDWelcome.exe2
Report ID: SDWelcome.exe3
Faulting package full name: SDWelcome.exe4
Faulting package-relative application ID: SDWelcome.exe5
Error: (05/23/2015 09:17:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x1728
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
Error: (05/23/2015 09:12:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDFSSvc.exe, version: 2.4.40.217, time stamp: 0x535a5114
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0xf14
Faulting application start time: 0xSDFSSvc.exe0
Faulting application path: SDFSSvc.exe1
Faulting module path: SDFSSvc.exe2
Report ID: SDFSSvc.exe3
Faulting package full name: SDFSSvc.exe4
Faulting package-relative application ID: SDFSSvc.exe5
Error: (05/23/2015 09:09:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x18c8
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
Error: (05/23/2015 09:04:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x764
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
Error: (05/23/2015 08:59:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x1868
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
System errors:
=============
Error: (05/23/2015 09:12:59 AM) (Source: DCOM) (EventID: 10016) (User: G751)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}g751AsusS-1-5-21-4202764557-1761152932-1492796901-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (05/23/2015 09:12:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (05/23/2015 09:12:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (05/23/2015 09:12:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Updating Service service failed to start due to the following error:
%%1053
Error: (05/23/2015 09:12:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
Error: (05/23/2015 09:12:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (05/23/2015 09:12:42 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (05/23/2015 08:57:39 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Defender Service service, but this action failed with the following error:
%%1056
Error: (05/23/2015 08:56:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Defender Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/23/2015 08:54:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Microsoft Office:
=========================
Error: (05/23/2015 09:32:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f262801d0953308fbffeaC:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bpl46a984b5-0126-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:27:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f2e6001d0953255937c59C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bpl934659fa-0125-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:24:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDWelcome.exe2.4.40.130535a5196rtl150.bpl6.3.9600.17736550f42c2c00001350009d4f210b401d09531ed32ce3cC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exertl150.bpl32a01ff9-0125-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:22:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f22c801d09531a22a7ce5C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bpldfdd0bc4-0124-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:18:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDWelcome.exe2.4.40.130535a5196rtl150.bpl6.3.9600.17736550f42c2c00001350009d4f21af001d09530fc790812C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exertl150.bpl3c00ed55-0124-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:17:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f2172801d09530eec6c8a9C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bpl2c8aa9d5-0124-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:12:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDFSSvc.exe2.4.40.217535a5114rtl150.bpl6.3.9600.17736550f42c2c00001350009d4f2f1401d0953047393752C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exertl150.bpl84ef4c8a-0123-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:09:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f218c801d0952fbf397ac4C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bplfceb1eaa-0122-11e5-82f6-382c4aebc6bc
Error: (05/23/2015 09:04:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f276401d0952f0bd0a51fC:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bpl498297d7-0122-11e5-82f6-382c4aebc6bc
Error: (05/23/2015 08:59:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f2186801d0952e586f54e0C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bpl962651ef-0121-11e5-82f6-382c4aebc6bc
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 11%
Total physical RAM: 16333.1 MB
Available physical RAM: 14457.26 MB
Total Pagefile: 32717.1 MB
Available Pagefile: 30482.4 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:118.14 GB) (Free:54.99 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data1) (Fixed) (Total:455.75 GB) (Free:308.72 GB) NTFS
Drive e: (Data2) (Fixed) (Total:455.75 GB) (Free:455.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 8FFEFB6B)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 82EB289F)
Partition: GPT Partition Type.
==================== End of log ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-05-23 09:36:02
-----------------------------
09:36:02.719 OS Version: Windows x64 6.2.9200
09:36:02.719 Number of processors: 8 586 0x3C03
09:36:02.719 ComputerName: G751 UserName: Asus
09:36:02.852 Initialize success
09:36:02.853 VM: initialized successfully
09:36:02.854 VM: Intel CPU supported
09:36:04.979 VM: disk I/O iaStorA.sys
09:38:14.707 AVAST engine defs: 15052300
09:38:18.565 The log file has been saved successfully to "C:\Users\Asus\Desktop\aswMBR.txt"
09:52:19.988 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000038
09:52:19.989 Disk 0 Vendor: SanDisk_SD6SB1M128G1002 X231600 Size: 122104MB BusType: 11
09:52:19.991 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000003a
09:52:19.993 Disk 1 Vendor: HGST_HTS721010A9E630 JB0OA3J0 Size: 953869MB BusType: 11
09:52:20.006 Disk 0 MBR read successfully
09:52:20.008 Disk 0 MBR scan
09:52:20.013 Disk 0 unknown MBR code
09:52:20.015 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
09:52:20.027 Disk 0 scanning C:\Windows\system32\drivers
09:52:23.092 Service scanning
09:52:31.588 Modules scanning
09:52:31.599 Disk 0 trace - called modules:
09:52:31.620 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
09:52:31.631 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe000af406060]
09:52:31.640 3 CLASSPNP.SYS[fffff80033f6a170] -> nt!IofCallDriver -> [0xffffe000abac4040]
09:52:31.651 5 ACPI.sys[fffff800334a1c21] -> nt!IofCallDriver -> [0xffffe000abac6e50]
09:52:31.662 7 ACPI.sys[fffff800334a1c21] -> nt!IofCallDriver -> \Device\00000038[0xffffe000acc151f0]
09:52:31.846 AVAST engine scan C:\Windows
09:52:32.340 AVAST engine scan C:\Windows\system32
09:53:44.429 AVAST engine scan C:\Windows\system32\drivers
09:53:48.549 AVAST engine scan C:\Users\Asus
09:54:39.169 AVAST engine scan C:\ProgramData
09:54:58.037 Disk 0 statistics 4312484/0/0 @ 55.01 MB/s
09:54:58.041 Scan finished successfully
09:55:11.967 Disk 0 MBR has been saved successfully to "C:\Users\Asus\Desktop\MBR.dat"
09:55:11.970 The log file has been saved successfully to "C:\Users\Asus\Desktop\aswMBR.txt"
Logs as requested.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by Asus (administrator) on G751 on 23-05-2015 09:32:05
Running from C:\Users\Asus\Downloads
Loaded Profiles: Asus (Available Profiles: Asus)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files\pia_manager\pia_manager.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(http://www.ruby-lang.org/) C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
() C:\Windows\SysWOW64\UMonit64.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimServiceFactory.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Akamai Technologies, Inc.) C:\Users\Asus\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Asus\AppData\Local\Akamai\netsession_win.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(http://www.ruby-lang.org/) C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
() C:\Program Files\pia_manager\openvpn.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.OE.Systray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-04-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276040 2014-05-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [ASUS ROG MacroKey] => C:\Program Files (x86)\ASUS\ASUS ROG MacroKey\Hid.exe [2036224 2014-07-30] (ASUS)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492808 2014-05-06] (CyberLink Corp.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.OE.Systray.exe [128760 2015-05-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [728312 2015-04-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [BitTorrent] => C:\Users\Asus\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-12] (BitTorrent Inc.)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Asus\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\RunOnce: [Install Spybot - Search & Destroy] => C:\Users\Asus\Downloads\spybot-2.4.exe [46525608 2015-05-23] (Safer-Networking Ltd. )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/?gws_rd=ssl
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2013-09-02] ()
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-30] (Oracle Corporation)
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-30] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll [2013-09-02] ()
Tcpip\Parameters: [DhcpNameServer] 209.222.18.222 209.222.18.218
FireFox:
========
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\ivzp6exh.default-1429333259325
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-17] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-30] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF user.js: detected! => C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\ivzp6exh.default-1429333259325\user.js [2015-04-23]
Chrome:
=======
CHR StartupUrls: Default -> "https://uk.search.yahoo.com/?type=888596&fr=yo-yhp-ch"
CHR DefaultSearchKeyword: Default -> 8790E33947437775DAB9AF3BD2BE78BE1975A67113FC29AEF2D0BE14163FF033
CHR DefaultSearchURL: Default -> B0DEBF26C478ED495FBDD48396ED9D96D78924FF37D82B6A9E4F532A7940EB57
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-16]
CHR Extension: (Google Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-16]
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-16]
CHR Extension: (WOT) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-03-16]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-16]
CHR Extension: (Adblock Plus) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-16]
CHR Extension: (Google Search) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-16]
CHR Extension: (Yahoo! Toolbar for Chrome) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2015-04-15]
CHR Extension: (Google Sheets) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-16]
CHR Extension: (Avira Browser Safety) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-16]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [827640 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1185584 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [206584 2015-05-07] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [102152 2014-05-09] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-04-09] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [131312 2015-03-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) []
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-04-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-04-09] (NVIDIA Corporation)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SlimService; C:\Program Files\SlimService\SlimServiceFactory.exe [244504 2015-04-15] (SlimWare Utilities, Inc.)
S3 ThunderboltService; C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe [1179944 2014-05-13] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-06-05] (Intel(R) Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-04-16] (Avira Operations GmbH & Co. KG)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [253680 2015-03-19] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2014-08-04] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-05-21] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-04-09] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-04-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-09] (NVIDIA Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16056 2015-05-23] (SlimWare Utilities, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U0 msahci; system32\drivers\msahci.sys
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 09:32 - 2015-05-23 09:32 - 00021487 _____ () C:\Users\Asus\Downloads\FRST.txt
2015-05-23 09:31 - 2015-05-23 09:31 - 02108416 _____ (Farbar) C:\Users\Asus\Downloads\FRST64.exe
2015-05-23 09:20 - 2015-05-23 09:20 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Asus\Downloads\spybot-2.4.exe
2015-05-23 09:17 - 2015-05-23 09:17 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Avira
2015-05-23 09:16 - 2015-04-16 15:23 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-23 09:16 - 2015-04-16 15:23 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-23 09:16 - 2015-04-16 15:23 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-05-23 09:16 - 2015-04-16 15:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-05-23 09:14 - 2015-05-23 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-23 09:14 - 2015-05-23 09:16 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-05-23 09:14 - 2015-05-23 09:14 - 04737144 _____ (Avira Operations GmbH & Co. KG) C:\Users\Asus\Downloads\avira_en_av_556031d617f5f__ws.exe
2015-05-23 09:14 - 2015-05-23 09:14 - 00001225 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-05-23 07:45 - 2015-05-23 07:45 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2015-05-22 21:29 - 2015-05-22 21:43 - 00000000 ____D () C:\Program Files (x86)\SearchMe Toolbar
2015-05-19 05:35 - 2015-05-23 08:22 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Skype
2015-05-16 05:48 - 2015-05-16 05:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-13 14:39 - 2015-05-13 14:39 - 00451848 _____ () C:\Windows\Minidump\051315-29218-01.dmp
2015-05-13 05:10 - 2015-04-30 21:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 05:10 - 2015-04-30 21:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 04:48 - 2015-05-01 00:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 04:48 - 2015-04-30 23:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 04:48 - 2015-04-24 22:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 04:48 - 2015-04-21 18:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 04:48 - 2015-04-21 17:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 04:48 - 2015-04-21 17:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 04:48 - 2015-04-21 17:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 04:48 - 2015-04-21 17:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 04:48 - 2015-04-21 17:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 04:48 - 2015-04-21 17:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 04:48 - 2015-04-21 17:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 04:48 - 2015-04-21 17:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-13 04:48 - 2015-04-21 17:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 04:48 - 2015-04-21 17:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 04:48 - 2015-04-21 17:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 04:48 - 2015-04-21 17:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 04:48 - 2015-04-21 17:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 04:48 - 2015-04-21 17:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 04:48 - 2015-04-21 16:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 04:48 - 2015-04-21 16:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 04:48 - 2015-04-21 16:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-13 04:48 - 2015-04-21 16:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 04:48 - 2015-04-21 16:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 04:48 - 2015-04-21 16:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 04:48 - 2015-04-21 16:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 04:48 - 2015-04-21 16:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 04:48 - 2015-04-21 16:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 04:48 - 2015-04-21 16:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-13 04:48 - 2015-04-21 16:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 04:48 - 2015-04-21 16:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 04:48 - 2015-04-21 16:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 04:48 - 2015-04-21 16:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-13 04:48 - 2015-04-21 16:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 04:48 - 2015-04-21 16:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 04:48 - 2015-04-21 16:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 04:48 - 2015-04-21 16:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 04:48 - 2015-04-21 16:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 04:48 - 2015-04-21 16:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 04:48 - 2015-04-21 16:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 04:48 - 2015-04-21 16:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 04:48 - 2015-04-21 15:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 04:48 - 2015-04-21 15:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 04:48 - 2015-04-13 23:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 04:48 - 2015-04-10 02:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 04:48 - 2015-04-10 01:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 04:48 - 2015-04-10 01:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 04:48 - 2015-04-08 23:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 04:48 - 2015-03-30 06:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 04:48 - 2015-03-27 04:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 04:48 - 2015-03-27 03:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 04:48 - 2015-03-27 03:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 04:48 - 2015-03-05 00:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-12 19:20 - 2015-05-12 19:20 - 00355448 _____ () C:\Windows\Minidump\051215-98218-01.dmp
2015-05-11 07:34 - 2015-05-19 12:00 - 00003474 _____ () C:\Windows\System32\Tasks\ASUS Live Update1
2015-05-11 07:34 - 2015-05-19 12:00 - 00003464 _____ () C:\Windows\System32\Tasks\ASUS Live Update2
2015-05-08 18:03 - 2015-05-08 18:03 - 00343648 _____ () C:\Windows\Minidump\050815-18406-01.dmp
2015-05-07 15:09 - 2015-05-13 14:38 - 1011441449 _____ () C:\Windows\MEMORY.DMP
2015-05-07 10:24 - 2015-05-23 08:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2015-05-07 10:24 - 2015-05-23 08:22 - 00000000 ____D () C:\Program Files\Waves
2015-05-07 10:24 - 2015-05-07 10:24 - 00003138 _____ () C:\Windows\System32\Tasks\RtHDVBg
2015-05-07 10:24 - 2015-05-07 10:24 - 00003134 _____ () C:\Windows\System32\Tasks\RTKCPL
2015-05-07 10:24 - 2015-05-07 10:24 - 00001238 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2015-05-07 10:23 - 2015-05-23 08:22 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-05-07 10:23 - 2000-01-01 01:00 - 72506368 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-05-07 10:23 - 2000-01-01 01:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 04273880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-05-07 10:23 - 2000-01-01 01:00 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 02822512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-05-07 10:23 - 2000-01-01 01:00 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01458788 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-05-07 10:23 - 2000-01-01 01:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-05-07 10:23 - 2000-01-01 01:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-05-07 10:22 - 2015-05-23 08:53 - 00021262 _____ () C:\Windows\PFRO.log
2015-05-07 10:17 - 2000-01-01 01:00 - 00874712 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-05-07 10:17 - 2000-01-01 01:00 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-05-07 10:15 - 2015-04-08 21:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-07 10:14 - 2015-05-23 09:12 - 00027478 _____ () C:\Windows\setupact.log
2015-05-07 10:14 - 2015-05-07 10:14 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-07 10:14 - 2015-04-09 01:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-07 10:14 - 2015-04-09 01:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00849552 _____ () C:\Windows\system32\nvmcumd.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-07 10:14 - 2015-04-09 01:58 - 00100680 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00039056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-05-07 10:14 - 2015-04-09 01:58 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-07 10:14 - 2015-04-09 01:58 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-05-07 10:14 - 2015-04-09 01:58 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-07 10:13 - 2015-05-07 10:13 - 00000000 ____D () C:\NVIDIA
2015-05-07 10:11 - 2015-05-07 10:11 - 00000000 ____D () C:\ProgramData\SlimWare Utilities, Inc
2015-05-07 10:10 - 2015-05-23 09:13 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2015-05-07 10:10 - 2015-05-23 09:13 - 00000418 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2015-05-07 10:10 - 2015-05-23 08:22 - 00000000 ____D () C:\Users\Asus\AppData\Local\Downloaded Installers
2015-05-07 10:10 - 2015-05-23 08:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2015-05-07 10:10 - 2015-05-23 08:22 - 00000000 ____D () C:\Program Files\SlimService
2015-05-07 10:10 - 2015-05-23 08:22 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2015-05-07 10:10 - 2015-05-07 10:10 - 00002822 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup
2015-05-07 07:47 - 2015-05-07 07:47 - 00000000 ____D () C:\ProgramData\IntelDLM
2015-05-07 07:45 - 2015-05-07 07:45 - 00000000 ____D () C:\Users\Asus\AppData\Local\Intel
2015-05-07 07:45 - 2015-05-07 07:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-05-07 07:45 - 2015-05-07 07:45 - 00000000 ____D () C:\Program Files (x86)\Intel Driver Update Utility
2015-05-06 17:00 - 2015-04-10 01:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-06 17:00 - 2015-04-10 01:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-06 17:00 - 2015-04-03 01:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-06 17:00 - 2015-04-03 01:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-06 17:00 - 2015-04-01 23:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-06 17:00 - 2015-04-01 23:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-06 17:00 - 2015-04-01 04:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-06 17:00 - 2015-04-01 03:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-06 17:00 - 2015-03-20 02:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-06 17:00 - 2015-03-17 18:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-06 17:00 - 2015-03-13 03:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-06 17:00 - 2015-03-13 02:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-06 17:00 - 2015-03-13 01:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-06 17:00 - 2015-03-11 02:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-06 17:00 - 2015-03-11 02:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-06 17:00 - 2015-03-09 03:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-06 17:00 - 2015-03-06 03:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-06 17:00 - 2015-03-04 02:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-06 17:00 - 2015-03-04 02:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-06 17:00 - 2015-02-18 00:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-06 17:00 - 2015-01-30 01:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-06 17:00 - 2015-01-06 04:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-05-06 17:00 - 2015-01-06 03:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-05-06 17:00 - 2015-01-06 02:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-05-06 17:00 - 2015-01-06 02:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-05-06 17:00 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-05-06 17:00 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-05-06 17:00 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-05-06 17:00 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-05-06 17:00 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-06 17:00 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-05-06 17:00 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2015-05-06 17:00 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-05-06 17:00 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-05-06 17:00 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-05-06 17:00 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-05-06 17:00 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-05-06 17:00 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-05-06 17:00 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-05-06 17:00 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-05-06 17:00 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-05-06 17:00 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-05-06 17:00 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-05-06 17:00 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-05-06 17:00 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-05-06 17:00 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-05-06 17:00 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-05-06 17:00 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-05-06 17:00 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2015-05-06 17:00 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2015-05-06 17:00 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2015-05-06 17:00 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2015-05-06 17:00 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2015-05-06 17:00 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-05-06 17:00 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2015-05-06 17:00 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2015-05-06 17:00 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2015-05-06 17:00 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2015-05-06 17:00 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-05-06 17:00 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-05-06 17:00 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-05-06 17:00 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-05-06 17:00 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-05-06 17:00 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-05-06 17:00 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-05-06 17:00 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2015-05-06 17:00 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2015-05-06 17:00 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-05-06 17:00 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-05-06 17:00 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-05-06 17:00 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-05-06 17:00 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2015-05-06 17:00 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2015-05-06 17:00 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-05-06 17:00 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-05-06 17:00 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-05-06 17:00 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-05-06 17:00 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-05-06 17:00 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-05-06 17:00 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-05-06 17:00 - 2014-11-04 20:25 - 00059712 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-05-06 17:00 - 2014-11-04 20:25 - 00051008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-05-06 17:00 - 2014-11-04 07:55 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-05-06 17:00 - 2014-11-04 07:54 - 00108544 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-05-06 17:00 - 2014-11-04 07:54 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-05-06 17:00 - 2014-11-04 07:54 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-05-06 17:00 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-05-06 17:00 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-05-06 17:00 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-05-06 17:00 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-05-06 17:00 - 2014-10-29 04:05 - 00551232 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-05-06 17:00 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-05-06 17:00 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-05-06 17:00 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2015-05-06 17:00 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2015-05-06 17:00 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-05-06 17:00 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-05-06 17:00 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-05-06 17:00 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-05-06 17:00 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-05-06 17:00 - 2014-10-17 05:56 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-05-06 17:00 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-05-06 17:00 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-05-06 17:00 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-05-06 16:59 - 2015-03-13 05:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-06 16:59 - 2015-03-13 05:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-06 16:59 - 2015-03-13 01:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-06 16:59 - 2015-03-06 04:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-06 16:59 - 2015-03-06 03:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-06 16:29 - 2015-05-06 16:37 - 00000000 ____D () C:\Windows\System32\Tasks\TweakBit
2015-05-06 16:29 - 2015-05-06 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2015-05-06 16:29 - 2015-05-06 16:37 - 00000000 ____D () C:\Program Files (x86)\TweakBit
2015-05-06 16:29 - 2015-05-06 16:29 - 00000000 ____D () C:\ProgramData\TweakBit
2015-05-06 16:29 - 2015-05-06 16:29 - 00000000 ____D () C:\ProgramData\BSD
2015-05-04 17:30 - 2015-05-04 17:30 - 00000000 ____D () C:\ProgramData\Binarysense
2015-05-01 06:34 - 2015-05-23 08:21 - 00000000 ____D () C:\Users\Asus\AppData\Local\SlimWare Utilities Inc
2015-05-01 06:34 - 2015-05-07 10:09 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-05-01 06:34 - 2015-05-01 07:42 - 00000000 ____D () C:\Program Files (x86)\SlimCleaner
2015-05-01 06:34 - 2015-05-01 06:34 - 00003004 _____ () C:\Windows\System32\Tasks\SlimCleaner Run
2015-05-01 06:34 - 2015-05-01 06:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner
2015-04-30 18:13 - 2015-04-30 18:13 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-30 18:13 - 2015-04-30 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-30 18:13 - 2015-04-30 18:13 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-30 18:07 - 2015-04-30 18:07 - 00000000 ____D () C:\Users\Asus\AppData\Local\Secunia PSI
2015-04-30 18:07 - 2015-04-30 18:07 - 00000000 ____D () C:\Program Files (x86)\Secunia
2015-04-26 17:02 - 2015-04-26 17:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-04-26 16:31 - 2015-04-26 16:31 - 00000000 ____D () C:\114db0cc6fdadf587ead
2015-04-23 11:03 - 2015-04-23 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 09:32 - 2015-03-06 09:51 - 00000000 ____D () C:\FRST
2015-05-23 09:28 - 2015-03-05 16:11 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\BitTorrent
2015-05-23 09:25 - 2015-03-03 09:48 - 01613932 _____ () C:\Windows\WindowsUpdate.log
2015-05-23 09:19 - 2013-12-13 12:27 - 00810868 _____ () C:\Windows\system32\perfh013.dat
2015-05-23 09:19 - 2013-12-13 12:27 - 00166216 _____ () C:\Windows\system32\perfc013.dat
2015-05-23 09:19 - 2013-12-13 12:11 - 00814850 _____ () C:\Windows\system32\perfh00C.dat
2015-05-23 09:19 - 2013-12-13 12:11 - 00163070 _____ () C:\Windows\system32\perfc00C.dat
2015-05-23 09:19 - 2013-12-13 05:09 - 02783592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-23 09:17 - 2015-03-03 11:59 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4202764557-1761152932-1492796901-1001
2015-05-23 09:16 - 2015-03-07 09:40 - 00000000 ____D () C:\ProgramData\Avira
2015-05-23 09:14 - 2015-03-06 11:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-23 09:14 - 2015-03-03 09:48 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-23 09:12 - 2015-03-06 15:34 - 00000000 __RDO () C:\Users\Asus\OneDrive
2015-05-23 09:12 - 2015-03-03 11:54 - 00000093 _____ () C:\Users\Asus\AppData\Roaming\sp_data.sys
2015-05-23 09:12 - 2015-03-03 09:52 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-23 09:12 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-23 09:08 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-23 08:58 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-23 08:53 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-23 08:22 - 2015-04-13 18:29 - 00000000 ____D () C:\Users\Asus\AppData\Local\Akamai
2015-05-23 08:22 - 2015-04-08 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-23 08:22 - 2015-04-08 07:47 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-23 08:22 - 2015-04-05 02:57 - 00000000 ____D () C:\Windows\Minidump
2015-05-23 08:22 - 2015-04-04 09:59 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-23 08:22 - 2015-04-04 09:59 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-23 08:22 - 2015-04-02 12:50 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2015-05-23 08:22 - 2015-04-02 12:47 - 00000000 ____D () C:\Program Files\WOT
2015-05-23 08:22 - 2015-04-02 12:47 - 00000000 ____D () C:\Program Files (x86)\WOT
2015-05-23 08:22 - 2015-03-16 12:53 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\vlc
2015-05-23 08:22 - 2015-03-16 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-05-23 08:22 - 2015-03-16 12:52 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-05-23 08:22 - 2015-03-12 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-05-23 08:22 - 2015-03-12 22:26 - 00000000 ____D () C:\ProgramData\Licenses
2015-05-23 08:22 - 2015-03-12 22:26 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2015-05-23 08:22 - 2015-03-08 07:14 - 00000000 ____D () C:\Users\Asus\AppData\Local\PokerStars.UK
2015-05-23 08:22 - 2015-03-08 06:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-23 08:22 - 2015-03-08 06:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-23 08:22 - 2015-03-06 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-05-23 08:22 - 2015-03-06 13:22 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-05-23 08:22 - 2015-03-06 10:05 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-05-23 08:22 - 2015-03-06 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-05-23 08:22 - 2015-03-06 10:05 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-05-23 08:22 - 2015-03-03 11:54 - 00000000 ____D () C:\Users\Asus
2015-05-23 08:22 - 2015-03-03 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-23 08:22 - 2015-03-03 09:52 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-23 08:22 - 2015-03-03 09:51 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-23 08:22 - 2013-12-13 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-05-23 08:22 - 2013-12-13 05:10 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-05-23 08:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\security
2015-05-23 08:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-05-23 08:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-05-23 08:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-05-23 08:21 - 2015-03-03 11:54 - 00000000 ____D () C:\Users\Asus\AppData\Local\NVIDIA
2015-05-23 08:21 - 2015-03-03 09:56 - 00000000 ____D () C:\Program Files\Realtek
2015-05-23 08:21 - 2015-03-03 09:52 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-23 08:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration
2015-05-23 08:20 - 2015-03-03 09:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-23 07:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-23 07:06 - 2015-03-03 09:56 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-05-22 21:17 - 2015-03-06 10:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-05-19 21:08 - 2015-03-05 15:41 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{31481147-3A5A-4832-888E-FFA8D7CBFAFF}
2015-05-18 07:54 - 2015-03-08 06:52 - 00000000 ____D () C:\ProgramData\Skype
2015-05-17 15:21 - 2015-03-05 17:43 - 00000000 ____D () C:\Users\Asus\AppData\Local\Adobe
2015-05-17 15:20 - 2015-03-06 11:35 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-17 15:19 - 2015-04-01 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-17 02:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-05-13 14:38 - 2013-08-22 15:44 - 00337976 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 05:10 - 2015-03-05 16:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 05:09 - 2015-03-05 16:56 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 05:08 - 2013-08-22 21:59 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-11 07:34 - 2015-03-03 10:01 - 00003382 _____ () C:\Windows\System32\Tasks\Update Checker
2015-05-07 10:24 - 2015-03-03 09:56 - 00006786 _____ () C:\Windows\system32\Drivers\rtwavesEFX.dat
2015-05-07 10:24 - 2015-03-03 09:56 - 00002626 _____ () C:\Windows\system32\Drivers\rtwavesMFX.dat
2015-05-07 10:23 - 2015-03-03 09:56 - 00317062 _____ () C:\Windows\system32\Drivers\RTWAVES40.dat
2015-05-07 10:20 - 2015-03-03 09:49 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-05-07 10:00 - 2015-03-03 09:49 - 00000000 ____D () C:\ProgramData\Intel
2015-05-07 10:00 - 2015-03-03 09:49 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-07 09:59 - 2015-03-03 09:48 - 00000000 ____D () C:\Program Files\Intel
2015-05-06 17:06 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-06 17:06 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-05-06 17:06 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup
2015-05-06 17:06 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-05-06 17:06 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-06 16:29 - 2013-08-22 14:25 - 00000187 _____ () C:\Windows\win.ini
2015-05-05 18:59 - 2015-03-06 15:07 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 18:59 - 2015-03-06 15:07 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-04 11:46 - 2015-03-03 10:05 - 00000000 ____D () C:\ProgramData\Temp
2015-05-01 08:21 - 2015-03-08 07:13 - 00000000 ____D () C:\Program Files (x86)\PokerStars.UK
2015-05-01 06:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-01 06:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-05-01 06:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-01 06:35 - 2013-12-13 12:45 - 00000000 ____D () C:\Windows\Panther
2015-04-26 05:58 - 2015-03-06 16:21 - 00000000 ____D () C:\Program Files (x86)\Full Tilt UK
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sppui
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Com
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\IME
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-04-23 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-04-23 09:02 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-04-23 09:02 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-04-23 09:02 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-04-23 09:02 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-23 09:02 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\servicing
2015-04-23 08:50 - 2015-03-03 10:06 - 00000000 ____D () C:\ProgramData\ASUS
2015-04-23 08:49 - 2015-03-08 11:41 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\WildTangent
2015-04-23 08:49 - 2013-12-13 05:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-23 08:49 - 2013-12-13 05:11 - 00000000 ____D () C:\ProgramData\WildTangent
2015-04-23 08:49 - 2013-12-13 05:11 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-04-23 08:48 - 2015-03-14 03:20 - 00000000 ____D () C:\ProgramData\Yahoo!
==================== Files in the root of some directories =======
2015-03-03 11:54 - 2015-05-23 09:12 - 0000093 _____ () C:\Users\Asus\AppData\Roaming\sp_data.sys
2015-03-10 09:15 - 2015-03-10 09:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-03-03 09:56 - 2015-03-03 09:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-13 05:09 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 05:09 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 05:09 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Asus\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-17 10:02
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 01
Ran by Asus at 2015-05-23 09:32:28
Running from C:\Users\Asus\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4202764557-1761152932-1492796901-500 - Administrator - Disabled)
Asus (S-1-5-21-4202764557-1761152932-1492796901-1001 - Administrator - Enabled) => C:\Users\Asus
Guest (S-1-5-21-4202764557-1761152932-1492796901-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4202764557-1761152932-1492796901-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Spybot - Search and Destroy (Disabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
ASUS Gaming Center (HKLM-x32\...\{23C8A788-4790-4F3C-B103-0ACC7D9DC5BE}) (Version: 1.0.2 - ASUS)
ASUS Intel Extreme Tuning Utility (HKLM-x32\...\{17933add-8de8-4586-b331-96f1070ae737}) (Version: 4.4.0.205 - Intel Corporation)
ASUS Intel Extreme Tuning Utility (x32 Version: 4.4.0.205 - Intel Corporation) Hidden
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS)
ASUS ROG MacroKey (HKLM-x32\...\{348022C5-F497-4333-AFEE-208F22F169F2}_is1) (Version: 1.0.0.28 - G-spy Co., Ltd)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.1 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Avira (HKLM-x32\...\{022ef99f-0db2-4efc-964d-5dd2da3151f6}) (Version: 1.1.37.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.37.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4105 - CyberLink Corp.)
ETDWare PS/2-X64 11.5.13.9_WHQL (HKLM\...\Elantech) (Version: 11.5.13.9 - ELAN Microelectronic Corp.)
Free Stopwatch 3.0.2 (HKLM-x32\...\{A1FAC1AF-5615-47FE-B5C8-5E981EC8522B}_is1) (Version: 3.0 - Comfort Software Group)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.1 - Genesys Logic)
HP ENVY 4500 series Basic Device Software (HKLM\...\{6915424E-704F-4F5D-9057-9C7B406B36DB}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1016 - Intel Corporation)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{5AE8ACA2-420B-4196-A8E0-20E8EB274E0F}) (Version: 17.1.1512.0771 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Maxx Audio Installer (x64) (Version: 1.6.4718.78 - Waves Audio Ltd.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-GB)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0 - Mozilla)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version: - PokerStars.uk)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{58139103-BACF-4BDC-B71C-955F9164ADA6}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.36.826.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7388 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
SlimCleaner Plus (HKLM\...\{5F5EF771-2B0B-401C-969C-38399DF75D35}) (Version: 1.3.1 - SlimWare Utilities, Inc.)
SlimDrivers (HKLM-x32\...\{5AD12E7A-D739-4451-9BD1-3610EC56D8F5}) (Version: 2.2.45206 - SlimWare Utilities, Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Thunderbolt(TM) Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel(R) Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
07-05-2015 10:23:35 Installed Realtek High Definition Audio Driver
13-05-2015 05:08:38 Windows Update
19-05-2015 22:25:58 Windows Update
21-05-2015 12:17:26 SlimDrivers Installing Drivers
21-05-2015 12:26:19 Removed Realtek High Definition Audio Driver
21-05-2015 12:28:00 Installed Realtek High Definition Audio Driver
22-05-2015 21:20:02 Removed WOT for Internet Explorer
22-05-2015 21:41:47 Restore Operation
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0253208C-4A01-4EFB-86ED-409A6DF0D358} - System32\Tasks\Gaming Center => C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe [2014-04-30] (ASUSTek Computer Inc.)
Task: {0412A4E0-1537-4263-BB7A-5C5441275D3D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {103B5C55-4882-4864-9CDB-6F2E510069E0} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-26] ()
Task: {132BDEEA-686F-401F-A556-AFBABEF03056} - System32\Tasks\TweakBit\PCSpeedUp\Start PCSpeedUp оn logon => C:\Program Files (x86)\TweakBit\PCSpeedUp\PCSpeedUp.exe <==== ATTENTION
Task: {258168F4-D901-4B73-93E8-539979036F33} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {345A5E38-18F6-4437-A156-ED073C7F847D} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {372B9077-624D-444E-B2E4-ADA4FC6B81D4} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {3B82C99E-02C2-486F-8F37-9D4F9D70954F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {3C3BBE8C-9959-4B82-8F4D-1B92FE0EF9F1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {40F61B3D-3125-4F57-93DF-8D457A9703AE} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-02-27] (SlimWare Utilities, Inc.)
Task: {67608500-6E4C-4CF4-919E-02D076178573} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {6F6CB227-C83A-4385-8CF1-08B26208DFB0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {8A8A8176-95CA-44AA-83FC-453ADE3570AC} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
Task: {95A58846-6BB3-44E8-98D5-EE3273CE4507} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {97E5BA15-7F7B-410D-AA72-5D5D4E93D71C} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {9D564E4F-7555-4C05-A36F-96E84FAB404F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {9DB2E73F-242B-4A34-8C54-6E83EB214422} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-03] (ASUS)
Task: {9E7F0333-6C60-4600-8714-DD3236C561F5} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-03-08] ()
Task: {A6965D26-0A86-4D1B-AEEE-462AD7B86C61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-17] (Adobe Systems Incorporated)
Task: {AA4A4B69-B037-49FE-B2F8-E549328374FA} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {B724322B-BA53-43D0-BE73-E5552FF58AE5} - System32\Tasks\TweakBit\PCSpeedUp\Time for deal => C:\Program Files (x86)\TweakBit\PCSpeedUp\PCSpeedUp.exe <==== ATTENTION
Task: {B9DF4181-A3D3-415B-9FA1-290E5753F1E8} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2000-01-01] (Realtek Semiconductor)
Task: {BEFAB2D4-7C3C-4E94-8B8B-BE8D501A8A82} - System32\Tasks\SlimCleaner Run => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {C6CE6890-6B30-481D-84AA-B6A253709F4D} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-07-09] (ASUSTek Computer Inc.)
Task: {D9EA3712-4A59-47B7-9EC0-8BCEFEE697C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {DAD73489-A395-4FD3-94C8-280B712A25D1} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {E1202477-C56C-4D96-89AD-D3C48E48D598} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {E8989D4A-3344-4123-A94A-2D0B3DAF4B89} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {FA27B8E7-A12F-4B14-8FCE-7E3AAD6BBE31} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService
Task: {FCE22663-144D-4CEA-883E-0EC4B8698A39} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2000-01-01] (Realtek Semiconductor)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
==================== Loaded Modules (Whitelisted) ==============
2015-03-03 09:52 - 2015-04-08 22:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe
2015-05-09 13:21 - 2015-05-09 13:21 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-03-03 09:59 - 2014-02-26 04:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
2015-03-06 12:13 - 2015-03-08 07:01 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2015-03-06 12:13 - 2015-03-08 07:01 - 00690176 _____ () C:\Program Files\pia_manager\openvpn.exe
2015-03-06 12:13 - 2015-03-08 07:01 - 00190317 _____ () C:\Program Files\pia_manager\liblzo2-2.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00108441 _____ () C:\Program Files\pia_manager\libpkcs11-helper-1.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2015-05-07 10:16 - 2015-04-09 01:58 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-23 09:12 - 2015-05-23 09:12 - 00012800 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00009728 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00014848 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00094208 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\src\rgloader\rgloader193.mswin.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00009216 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00094208 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00126976 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00087552 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00016384 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00127316 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\bin\libffi-6.dll
2015-05-23 09:12 - 2015-05-23 09:12 - 00008704 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00013312 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00095744 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00026624 _____ () C:\Users\Asus\AppData\Local\Temp\ocr53EC.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00012800 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00009728 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00014848 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00094208 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\src\rgloader\rgloader193.mswin.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00094208 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00118784 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00069120 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00083968 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\bin\zlib1.dll
2015-05-23 09:12 - 2015-05-23 09:12 - 00026624 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00275968 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00015360 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00008192 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00009216 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00023552 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00008704 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00008704 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00008704 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00008704 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00036352 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00126976 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00087552 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00016384 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00127316 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\bin\libffi-6.dll
2015-05-23 09:12 - 2015-05-23 09:12 - 00013312 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-05-23 09:12 - 2015-05-23 09:12 - 00095744 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-05-23 09:13 - 2015-05-23 09:13 - 00026624 _____ () C:\Users\Asus\AppData\Local\Temp\ocr8A2F.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-03-06 12:13 - 2015-03-08 07:01 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2015-03-06 12:13 - 2015-03-08 07:01 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2015-03-03 09:55 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Asus\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Asus\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1001movie.com -> 1001movie.com
There are 6091 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 209.222.18.222 - 209.222.18.218
==================== MSCONFIG/TASK MANAGER Error getting ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "ROGNB"
HKLM\...\StartupApproved\Run32: => "ASUS ROG MacroKey"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\StartupApproved\Run: => "HP ENVY 4500 series (NET)"
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0E2D0E8C-39A3-4BDB-B158-25FFE77313D2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{211B59A3-56F3-42B9-9EE9-E50BF7668F14}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DBEEE043-7761-4107-BB4E-E5B80B3BEBDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D8899967-1FA3-445A-A89F-FC01764B52F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BE3EA452-9358-4264-9E3A-9B5D42E28753}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{065E05E2-3EAF-4E44-B270-82F82D49B582}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2D4BED1E-DA76-4699-A45D-1FD90EEC8392}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B146C685-DBE2-41DA-BB80-C1BBB52EA4F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C6B2C93F-B29C-4C77-B11F-61D32D157778}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{1BA6D593-541F-4F63-853D-F937D3C936B5}] => (Allow) C:\Windows\system32\ftp.exe
FirewallRules: [{04781A3E-4FF9-43F9-A9DD-FA47656089FD}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{DB75DE74-FD9E-4648-A3C2-8F5400E67759}] => (Allow) C:\Windows\SysWOW64\ftp.exe
FirewallRules: [{E3AF2AA4-1AAC-448F-AB9E-98B81FBE7BFE}] => (Allow) C:\Users\Asus\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1AAB904B-ED1C-4BBE-A85E-D142E6C9E77C}] => (Allow) C:\Users\Asus\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{BC425A47-A540-489C-810C-8DF8B6971C3B}] => (Allow) C:\Program Files (x86)\Intel\Extreme Tuning Utility\Client\PerfTune.exe
FirewallRules: [{0C428927-AFCC-4493-A695-91B7ACB0CA91}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{D68E31ED-3D2E-423C-A8D7-4C87A3D00A34}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6B4B7F89-ED36-4CBF-AB13-3B5658B79407}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{880E0DEF-083B-4CB2-81DB-37CD4D5A1B0B}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{EC4809C9-ADAE-4897-9374-C833EEEF7E7E}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{6554A6FD-44FC-47D3-8BE2-4ABBE636E6BB}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{0E3A9BE6-EE12-41FF-BFEC-909251FBCE98}] => (Allow) D:\Steam\steamapps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{034361B6-F499-4D01-83D1-24302210EDF1}] => (Allow) D:\Steam\steamapps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{43A20772-7501-4418-9231-E72872BCD1C9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1C042886-83FD-44AA-B577-3B7EA1D9B6F3}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{D2981FB4-887C-43BE-98FF-383214B0B1C5}] => (Allow) LPort=5357
FirewallRules: [{26F55D82-E91E-4ABA-AA72-320E78481ADB}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{9F4041EE-D99C-4E0C-B763-ADA30A2817E1}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{0403AEF1-EED6-4FFC-BAA0-5EE704C181B8}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{D8620DE7-D815-4AF5-A990-234C4E232125}] => (Allow) D:\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{54940CEB-35BD-4502-91CC-593872B7652A}] => (Allow) D:\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{111F9D38-C4D5-49AA-8A78-CA96F1AAFED7}] => (Allow) D:\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{5306605F-76AC-4803-9EEB-70110B0F5FB8}] => (Allow) D:\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{C0B695B5-20AA-4896-A023-C22F114DB940}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{7C729F5B-7FC3-44A6-B59B-7713B3940A8E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{5DC9023E-C4CE-441F-AA54-66D67184724A}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{BD1D5935-2382-4711-8234-93AF3BBE3C0F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{6A1F14B2-B2EB-44A8-AE81-52ECF8306BDA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{64A29A22-DB4E-404C-89A3-3AEE1E7E2A05}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{38B98744-FAD6-4107-9C54-4CCF7D090CF2}C:\users\asus\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\asus\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A7D549FA-EEFD-4307-8C86-9EB2BC1A166E}C:\users\asus\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\asus\appdata\local\akamai\netsession_win.exe
FirewallRules: [{626CA427-EF2D-4473-B3DA-4563CEE224C3}] => (Allow) D:\Steam\steamapps\common\The Bards Tale\Config\The Bard's Setup.exe
FirewallRules: [{EA7E71FD-CC4D-468D-8BAB-40B559CE22B3}] => (Allow) D:\Steam\steamapps\common\The Bards Tale\Config\The Bard's Setup.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/23/2015 09:32:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x628
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
Error: (05/23/2015 09:27:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0xe60
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
Error: (05/23/2015 09:24:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDWelcome.exe, version: 2.4.40.130, time stamp: 0x535a5196
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x10b4
Faulting application start time: 0xSDWelcome.exe0
Faulting application path: SDWelcome.exe1
Faulting module path: SDWelcome.exe2
Report ID: SDWelcome.exe3
Faulting package full name: SDWelcome.exe4
Faulting package-relative application ID: SDWelcome.exe5
Error: (05/23/2015 09:22:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x2c8
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
Error: (05/23/2015 09:18:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDWelcome.exe, version: 2.4.40.130, time stamp: 0x535a5196
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x1af0
Faulting application start time: 0xSDWelcome.exe0
Faulting application path: SDWelcome.exe1
Faulting module path: SDWelcome.exe2
Report ID: SDWelcome.exe3
Faulting package full name: SDWelcome.exe4
Faulting package-relative application ID: SDWelcome.exe5
Error: (05/23/2015 09:17:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x1728
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
Error: (05/23/2015 09:12:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDFSSvc.exe, version: 2.4.40.217, time stamp: 0x535a5114
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0xf14
Faulting application start time: 0xSDFSSvc.exe0
Faulting application path: SDFSSvc.exe1
Faulting module path: SDFSSvc.exe2
Report ID: SDFSSvc.exe3
Faulting package full name: SDFSSvc.exe4
Faulting package-relative application ID: SDFSSvc.exe5
Error: (05/23/2015 09:09:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x18c8
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
Error: (05/23/2015 09:04:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x764
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
Error: (05/23/2015 08:59:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.4.40.94, time stamp: 0x53ad3eee
Faulting module name: rtl150.bpl, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process ID: 0x1868
Faulting application start time: 0xSDUpdate.exe0
Faulting application path: SDUpdate.exe1
Faulting module path: SDUpdate.exe2
Report ID: SDUpdate.exe3
Faulting package full name: SDUpdate.exe4
Faulting package-relative application ID: SDUpdate.exe5
System errors:
=============
Error: (05/23/2015 09:12:59 AM) (Source: DCOM) (EventID: 10016) (User: G751)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}g751AsusS-1-5-21-4202764557-1761152932-1492796901-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (05/23/2015 09:12:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (05/23/2015 09:12:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (05/23/2015 09:12:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Updating Service service failed to start due to the following error:
%%1053
Error: (05/23/2015 09:12:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
Error: (05/23/2015 09:12:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Error: (05/23/2015 09:12:42 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (05/23/2015 08:57:39 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Defender Service service, but this action failed with the following error:
%%1056
Error: (05/23/2015 08:56:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Defender Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/23/2015 08:54:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053
Microsoft Office:
=========================
Error: (05/23/2015 09:32:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f262801d0953308fbffeaC:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bpl46a984b5-0126-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:27:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f2e6001d0953255937c59C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bpl934659fa-0125-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:24:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDWelcome.exe2.4.40.130535a5196rtl150.bpl6.3.9600.17736550f42c2c00001350009d4f210b401d09531ed32ce3cC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exertl150.bpl32a01ff9-0125-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:22:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f22c801d09531a22a7ce5C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bpldfdd0bc4-0124-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:18:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDWelcome.exe2.4.40.130535a5196rtl150.bpl6.3.9600.17736550f42c2c00001350009d4f21af001d09530fc790812C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exertl150.bpl3c00ed55-0124-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:17:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f2172801d09530eec6c8a9C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bpl2c8aa9d5-0124-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:12:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDFSSvc.exe2.4.40.217535a5114rtl150.bpl6.3.9600.17736550f42c2c00001350009d4f2f1401d0953047393752C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exertl150.bpl84ef4c8a-0123-11e5-82f7-382c4aebc6bc
Error: (05/23/2015 09:09:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f218c801d0952fbf397ac4C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bplfceb1eaa-0122-11e5-82f6-382c4aebc6bc
Error: (05/23/2015 09:04:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f276401d0952f0bd0a51fC:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bpl498297d7-0122-11e5-82f6-382c4aebc6bc
Error: (05/23/2015 08:59:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDUpdate.exe2.4.40.9453ad3eeertl150.bpl6.3.9600.17736550f42c2c00001350009d4f2186801d0952e586f54e0C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exertl150.bpl962651ef-0121-11e5-82f6-382c4aebc6bc
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 11%
Total physical RAM: 16333.1 MB
Available physical RAM: 14457.26 MB
Total Pagefile: 32717.1 MB
Available Pagefile: 30482.4 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:118.14 GB) (Free:54.99 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data1) (Fixed) (Total:455.75 GB) (Free:308.72 GB) NTFS
Drive e: (Data2) (Fixed) (Total:455.75 GB) (Free:455.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 8FFEFB6B)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 82EB289F)
Partition: GPT Partition Type.
==================== End of log ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-05-23 09:36:02
-----------------------------
09:36:02.719 OS Version: Windows x64 6.2.9200
09:36:02.719 Number of processors: 8 586 0x3C03
09:36:02.719 ComputerName: G751 UserName: Asus
09:36:02.852 Initialize success
09:36:02.853 VM: initialized successfully
09:36:02.854 VM: Intel CPU supported
09:36:04.979 VM: disk I/O iaStorA.sys
09:38:14.707 AVAST engine defs: 15052300
09:38:18.565 The log file has been saved successfully to "C:\Users\Asus\Desktop\aswMBR.txt"
09:52:19.988 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000038
09:52:19.989 Disk 0 Vendor: SanDisk_SD6SB1M128G1002 X231600 Size: 122104MB BusType: 11
09:52:19.991 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000003a
09:52:19.993 Disk 1 Vendor: HGST_HTS721010A9E630 JB0OA3J0 Size: 953869MB BusType: 11
09:52:20.006 Disk 0 MBR read successfully
09:52:20.008 Disk 0 MBR scan
09:52:20.013 Disk 0 unknown MBR code
09:52:20.015 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
09:52:20.027 Disk 0 scanning C:\Windows\system32\drivers
09:52:23.092 Service scanning
09:52:31.588 Modules scanning
09:52:31.599 Disk 0 trace - called modules:
09:52:31.620 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
09:52:31.631 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe000af406060]
09:52:31.640 3 CLASSPNP.SYS[fffff80033f6a170] -> nt!IofCallDriver -> [0xffffe000abac4040]
09:52:31.651 5 ACPI.sys[fffff800334a1c21] -> nt!IofCallDriver -> [0xffffe000abac6e50]
09:52:31.662 7 ACPI.sys[fffff800334a1c21] -> nt!IofCallDriver -> \Device\00000038[0xffffe000acc151f0]
09:52:31.846 AVAST engine scan C:\Windows
09:52:32.340 AVAST engine scan C:\Windows\system32
09:53:44.429 AVAST engine scan C:\Windows\system32\drivers
09:53:48.549 AVAST engine scan C:\Users\Asus
09:54:39.169 AVAST engine scan C:\ProgramData
09:54:58.037 Disk 0 statistics 4312484/0/0 @ 55.01 MB/s
09:54:58.041 Scan finished successfully
09:55:11.967 Disk 0 MBR has been saved successfully to "C:\Users\Asus\Desktop\MBR.dat"
09:55:11.970 The log file has been saved successfully to "C:\Users\Asus\Desktop\aswMBR.txt"