PDA

View Full Version : Intermittant ad popups in bottom right, and occasionally embedded in page


nastharl
2015-07-07, 03:52
For the last while (no real time frame), have been getting random video ad popups in the bottom right corner whenever ad-block is disabled. It doesn't consistantly do it on every page, but certain pages just do it all the time, and its one where i'm pretty sure its nothing to do with the actual page.

Log files are attached.1225312252

Except for Additions.txt which is pasted here because it was too big.


Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Nick at 2015-07-06 19:38:52
Running from C:\Users\Nick\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-933702865-3488087127-4119853235-500 - Administrator - Disabled)
david (S-1-5-21-933702865-3488087127-4119853235-1010 - Limited - Enabled)
Guest (S-1-5-21-933702865-3488087127-4119853235-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-933702865-3488087127-4119853235-1002 - Limited - Enabled)
Nick (S-1-5-21-933702865-3488087127-4119853235-1001 - Administrator - Enabled) => C:\Users\Nick
UpdatusUser (S-1-5-21-933702865-3488087127-4119853235-1013 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
µTorrent (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Cisco AnyConnect VPN Client (HKLM-x32\...\{28AAE6A5-B887-4E19-B06C-E367F3C43EDB}) (Version: 2.3.0185 - Cisco Systems, Inc.)
Combined Community Codec Pack 2013-03-25 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.03.25.0 - CCCP Project)
CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
Dell System Detect (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\9204f5692a8faf3b) (Version: 5.10.0.8 - Dell)
Dell System Detect (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\9204f5692a8faf3b) (Version: 5.10.0.8 - Dell)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - )
Dungeon Defenders Demo (HKLM-x32\...\Steam App 201680) (Version: - )
Easy Tune 6 B11.0630.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0630.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Free to Play (HKLM-x32\...\Steam App 245550) (Version: - Valve)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.39.5101 - Gretech Corporation)
Google Chrome (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Chrome (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
HipChat (HKLM-x32\...\{1E58E3D7-8943-4BF1-BADD-BF471506B684}) (Version: 2.2.1388 - Atlassian Inc)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.20001.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java(TM) 6 Update 35 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416035FF}) (Version: 6.0.350 - Oracle)
JavaFX 2.2.4 (HKLM-x32\...\{1111706F-666A-4037-7777-224328764D10}) (Version: 2.2.4 - Oracle Corporation)
join.me (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\JoinMe) (Version: 1.17.0.156 - LogMeIn, Inc.)
join.me (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\JoinMe) (Version: 1.8.0.108 - LogMeIn, Inc.)
LatencyMon 6.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
LG Verizon United Driver (HKLM-x32\...\{A17B9856-40CF-4BEA-BB65-ADB8154A83DC}) (Version: 2.11.1 - LG Electronics)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MotioninJoy ds3 driver version 0.5.0002 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0002 - www.motioninjoy.com)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mumble 1.2.3 (HKLM-x32\...\{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}) (Version: 1.2.3 - Thorvald Natvig)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.33.1 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Update (HKLM-x32\...\InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}) (Version: 3.00 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.8 - PANDORA MEDIA, INC.)
Pandora (x32 Version: 2.0.8 - PANDORA MEDIA, INC.) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.82.0 - PS3 Media Server)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.0-1.0.10926.49 - raidcall.com)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\Spotify) (Version: 1.0.8.59.gee82e7e6 - Spotify AB)
Spotify (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Spotify) (Version: 0.9.4.185.g7545a404 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StepMania 3.9b (remove only) (HKLM-x32\...\StepMania) (Version: - )
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
TigerGame Superjoy Box Series (HKLM-x32\...\TigerGame Superjoy Box Series) (Version: - )
TouchBIOS B11.1201.1 (HKLM-x32\...\{A2EBACDD-09BB-4894-AE25-7168DB3BFA7F}) (Version: 1.00.0000 - GIGABYTE)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 2.2.0 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.10.1 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.1 - The Wireshark developer community, http://www.wireshark.org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

01-07-2015 04:22:36 Scheduled Checkpoint
06-07-2015 15:19:36 Installed HipChat

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06847DE1-BE68-49ED-8E70-37A3FE317D8A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-933702865-3488087127-4119853235-1001UA => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {115AC79F-F3DE-4B13-AD59-7A8A06E8AF57} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {3D121B54-F28A-456C-B52E-5BE7CA7C7012} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-933702865-3488087127-4119853235-1001Core => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {59FB2BBF-9007-4978-B8CD-F2F413247931} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {5CB3BBA9-1CD9-4399-99BA-A6E89ED9CC1F} - System32\Tasks\{25ED3582-3C9E-49E6-8937-8BF5951D4455} => pcalua.exe -a C:\Users\Nick\Downloads\HECI\setup.exe -d C:\Users\Nick\Downloads\HECI
Task: {9FD375F7-8406-45D0-9C01-43D04F5A6308} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {A0EA8C16-038E-4CC5-93FA-235831516BD8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-28] (Microsoft Corporation)
Task: {BF54F4F5-B081-4070-A1A8-745508AAED8A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {F7EA13F1-251D-4408-A713-DD652F26FFAA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {F91E3C1C-BF31-46A2-9C16-1229E11A70A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-28] (Adobe Systems Incorporated)
Task: {FA9D5B58-694A-4B57-849A-1823485916E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-933702865-3488087127-4119853235-1001Core.job => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-933702865-3488087127-4119853235-1001UA.job => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-01 13:37 - 2015-05-11 22:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-17 09:16 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-04 18:24 - 2015-02-04 18:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-03-17 06:01 - 2015-01-27 10:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-12 04:49 - 2014-05-12 04:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-03-14 00:49 - 2015-03-14 00:49 - 00291840 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2015-06-23 16:24 - 2015-06-23 16:24 - 04274688 _____ () C:\Program Files (x86)\Atlassian\HipChat\hipchat.exe
2015-05-01 12:44 - 2015-05-01 11:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-17 06:01 - 2015-01-27 09:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-06-28 20:56 - 2015-04-16 12:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-06-28 20:56 - 2015-04-22 21:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-06-28 20:56 - 2015-04-22 21:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-06-28 20:56 - 2015-04-22 21:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-06-28 20:56 - 2015-06-04 13:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-06-28 20:56 - 2014-12-01 16:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-06-28 20:56 - 2014-12-01 16:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-06-28 20:56 - 2014-12-01 16:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-06-28 20:56 - 2014-12-01 16:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-06-28 20:56 - 2014-12-01 16:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-06-28 20:56 - 2015-06-04 13:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2015-05-19 21:29 - 2015-05-19 21:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-06-28 20:56 - 2015-05-11 14:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-03-03 20:44 - 2014-11-25 21:12 - 40622592 _____ () C:\Users\Nick\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2015-03-03 20:44 - 2014-11-25 21:12 - 00911360 _____ () C:\Users\Nick\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2015-03-03 20:44 - 2014-11-25 21:12 - 00134144 _____ () C:\Users\Nick\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2015-06-28 20:56 - 2015-05-11 14:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll
2015-05-01 18:15 - 2015-07-05 18:55 - 41287224 _____ () C:\Users\Nick\AppData\Roaming\Spotify\libcef.dll
2015-05-01 18:15 - 2015-07-05 18:55 - 01488440 _____ () C:\Users\Nick\AppData\Roaming\Spotify\libglesv2.dll
2015-05-01 18:15 - 2015-07-05 18:55 - 00079928 _____ () C:\Users\Nick\AppData\Roaming\Spotify\libegl.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00036878 _____ () C:\Program Files (x86)\Pidgin\libssp-0.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00671031 _____ () C:\Program Files (x86)\Pidgin\exchndl.dll
2015-07-06 14:56 - 2015-07-06 14:56 - 00904525 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libcairo-2.dll
2015-07-06 14:56 - 2015-07-06 14:56 - 00279059 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libfontconfig-1.dll
2015-07-06 14:56 - 2015-07-06 14:56 - 00177586 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libexpat-1.dll
2015-07-06 14:56 - 2015-07-06 14:56 - 00553382 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\freetype6.dll
2015-07-06 14:56 - 2015-07-06 14:56 - 00216992 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libpng14-14.dll
2015-07-06 14:56 - 2015-07-06 14:56 - 00100352 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\zlib1.dll
2014-11-23 12:33 - 2014-11-23 12:33 - 01274655 _____ () C:\Program Files (x86)\Pidgin\libxml2-2.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00475580 _____ () C:\Program Files (x86)\Pidgin\spellcheck\libgtkspell-0.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00021075 _____ () C:\Program Files (x86)\Pidgin\plugins\.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00020997 _____ () C:\Program Files (x86)\Pidgin\plugins\autoaccept.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00013253 _____ () C:\Program Files (x86)\Pidgin\plugins\buddynote.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00024924 _____ () C:\Program Files (x86)\Pidgin\plugins\convcolors.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00015702 _____ () C:\Program Files (x86)\Pidgin\plugins\extplacement.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00014147 _____ () C:\Program Files (x86)\Pidgin\plugins\gtkbuddynote.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00018882 _____ () C:\Program Files (x86)\Pidgin\plugins\history.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00012865 _____ () C:\Program Files (x86)\Pidgin\plugins\iconaway.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00019043 _____ () C:\Program Files (x86)\Pidgin\plugins\idle.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00018555 _____ () C:\Program Files (x86)\Pidgin\plugins\joinpart.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00015074 _____ () C:\Program Files (x86)\Pidgin\plugins\libaim.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00311021 _____ () C:\Program Files (x86)\Pidgin\liboscar.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00092398 _____ () C:\Program Files (x86)\Pidgin\plugins\libbonjour.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00328186 _____ () C:\Program Files (x86)\Pidgin\plugins\libgg.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00016005 _____ () C:\Program Files (x86)\Pidgin\plugins\libicq.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00107365 _____ () C:\Program Files (x86)\Pidgin\plugins\libirc.dll
2014-11-23 12:33 - 2014-11-23 12:33 - 00190464 _____ () C:\Program Files (x86)\Pidgin\libsasl.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00374169 _____ () C:\Program Files (x86)\Pidgin\plugins\libmsn.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00150598 _____ () C:\Program Files (x86)\Pidgin\plugins\libmxit.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00106671 _____ () C:\Program Files (x86)\Pidgin\plugins\libmyspace.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00123540 _____ () C:\Program Files (x86)\Pidgin\plugins\libnovell.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00116071 _____ () C:\Program Files (x86)\Pidgin\plugins\libsametime.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00152852 _____ () C:\Program Files (x86)\Pidgin\libmeanwhile-1.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00171123 _____ () C:\Program Files (x86)\Pidgin\plugins\libsilc.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 02097721 _____ () C:\Program Files (x86)\Pidgin\libsilc-1-1-2.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00818985 _____ () C:\Program Files (x86)\Pidgin\libsilcclient-1-1-3.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00055880 _____ () C:\Program Files (x86)\Pidgin\plugins\libsimple.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00021337 _____ () C:\Program Files (x86)\Pidgin\plugins\libxmpp.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00417758 _____ () C:\Program Files (x86)\Pidgin\libjabber.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00022832 _____ () C:\Program Files (x86)\Pidgin\plugins\libyahoo.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00236666 _____ () C:\Program Files (x86)\Pidgin\libymsg.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00019793 _____ () C:\Program Files (x86)\Pidgin\plugins\libyahoojp.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00047934 _____ () C:\Program Files (x86)\Pidgin\plugins\log_reader.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00021795 _____ () C:\Program Files (x86)\Pidgin\plugins\markerline.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00013456 _____ () C:\Program Files (x86)\Pidgin\plugins\newline.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00029225 _____ () C:\Program Files (x86)\Pidgin\plugins\notify.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00017023 _____ () C:\Program Files (x86)\Pidgin\plugins\offlinemsg.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00029256 _____ () C:\Program Files (x86)\Pidgin\plugins\pidginrc.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00015380 _____ () C:\Program Files (x86)\Pidgin\plugins\psychic.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00015429 _____ () C:\Program Files (x86)\Pidgin\plugins\relnot.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00015045 _____ () C:\Program Files (x86)\Pidgin\plugins\sendbutton.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00069625 _____ () C:\Program Files (x86)\Pidgin\plugins\spellchk.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00031993 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl-nss.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00012004 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00015978 _____ () C:\Program Files (x86)\Pidgin\plugins\statenotify.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00030353 _____ () C:\Program Files (x86)\Pidgin\plugins\themeedit.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00032020 _____ () C:\Program Files (x86)\Pidgin\plugins\ticker.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00018399 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00023851 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp_format.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00029791 _____ () C:\Program Files (x86)\Pidgin\plugins\win2ktrans.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00030771 _____ () C:\Program Files (x86)\Pidgin\plugins\winprefs.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00037191 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppconsole.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00044494 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppdisco.dll
2014-11-23 12:33 - 2014-11-23 12:33 - 00102400 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslANONYMOUS.dll
2014-11-23 12:33 - 2014-11-23 12:33 - 00115712 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslCRAMMD5.dll
2014-11-23 12:33 - 2014-11-23 12:33 - 00140288 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslDIGESTMD5.dll
2014-11-23 12:33 - 2014-11-23 12:33 - 00102912 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslLOGIN.dll
2014-11-23 12:33 - 2014-11-23 12:33 - 00102912 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslPLAIN.dll
2014-11-23 12:34 - 2014-11-23 12:34 - 00486400 _____ () C:\Program Files (x86)\Pidgin\sqlite3.dll
2015-07-06 14:56 - 2015-07-06 14:56 - 00090496 _____ () C:\Program Files (x86)\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2015-06-23 16:20 - 2015-06-23 16:20 - 01059328 _____ () C:\Program Files (x86)\Atlassian\HipChat\qxmpp0.dll
2015-06-23 16:20 - 2015-06-23 16:20 - 00258048 _____ () C:\Program Files (x86)\Atlassian\HipChat\KF5SonnetCore.dll
2015-06-23 16:21 - 2015-06-23 16:21 - 00234496 _____ () C:\Program Files (x86)\Atlassian\HipChat\KF5SonnetUi.dll
2014-07-15 13:25 - 2014-07-15 13:25 - 19670016 _____ () C:\Program Files (x86)\Atlassian\HipChat\OPENGL32.dll
2014-09-11 04:40 - 2014-09-11 04:40 - 00877056 _____ () C:\Program Files (x86)\Atlassian\HipChat\plugins\platforms\qwindows.dll
2014-09-11 04:40 - 2014-09-11 04:40 - 00023552 _____ () C:\Program Files (x86)\Atlassian\HipChat\plugins\imageformats\qgif.dll
2014-09-11 04:40 - 2014-09-11 04:40 - 00024064 _____ () C:\Program Files (x86)\Atlassian\HipChat\plugins\imageformats\qico.dll
2014-09-11 04:40 - 2014-09-11 04:40 - 00241152 _____ () C:\Program Files (x86)\Atlassian\HipChat\plugins\imageformats\qjpeg.dll
2014-09-11 04:55 - 2014-09-11 04:55 - 00012288 _____ () C:\Program Files (x86)\Atlassian\HipChat\QtQuick.2\qtquick2plugin.dll
2014-09-11 04:56 - 2014-09-11 04:56 - 00730112 _____ () C:\Program Files (x86)\Atlassian\HipChat\QtQuick\Controls\qtquickcontrolsplugin.dll
2014-09-11 04:40 - 2014-09-11 04:40 - 00037888 _____ () C:\Program Files (x86)\Atlassian\HipChat\plugins\bearer\qgenericbearer.dll
2015-06-23 16:18 - 2015-06-23 16:18 - 00039936 _____ () C:\Program Files (x86)\Atlassian\HipChat\plugins\bearer\qnativewifibearer.dll
2015-06-23 16:21 - 2015-06-23 16:21 - 00066048 _____ () C:\Program Files (x86)\Atlassian\HipChat\plugins\kf5\sonnet\hunspell.dll
2014-09-11 04:40 - 2014-09-11 04:40 - 00119296 _____ () C:\Program Files (x86)\Atlassian\HipChat\plugins\accessible\qtaccessiblewidgets.dll
2015-06-22 12:51 - 2015-06-20 00:46 - 01281864 _____ () C:\Users\Nick\AppData\Local\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-22 12:51 - 2015-06-20 00:46 - 00080712 _____ () C:\Users\Nick\AppData\Local\Google\Chrome\Application\43.0.2357.130\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-933702865-3488087127-4119853235-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Nick\AppData\Local\Apps\2.0\WWLJNK9P.Z1N\DQQLT1RK.LZ8\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
MSCONFIG\startupreg: doubleTwist => C:\Program Files (x86)\doubleTwist\doubleTwist.Light.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Nick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Nick\AppData\Local\Temp\utt46DD.tmp.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7AA6A0B8-B4B1-4264-99FE-2437633ADC84}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{926FB89F-267D-4F2C-9F9C-96B059C6350D}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [TCP Query User{8D307F65-75D2-4D0A-8CA3-B7A7C1463ACD}D:\program files\winamp\winamp.exe] => (Allow) D:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{DBCE091D-F8EE-4E2F-A1CB-6DE5114460A8}D:\program files\winamp\winamp.exe] => (Allow) D:\program files\winamp\winamp.exe
FirewallRules: [{3125BCA4-56C5-4B21-BCBB-2BF56FE28A64}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{02C27C23-F9E6-4D9C-8389-43F4DF2344D3}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{617D952F-F0AF-49C2-A009-1322ADCCEC57}] => (Allow) LPort=3724
FirewallRules: [TCP Query User{54163F1C-D787-4187-B28B-DDE8C1F1BC9B}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{BB635D0A-0AEE-406B-96FB-BA7BD2CA35CF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{70469CB5-BA3C-490A-8BB3-0606EA922891}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{FC4AAA53-E9ED-4068-92CA-5FAE0ACBBCB7}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{319F537E-7AE2-4B7B-AA5F-8DE1B4265D84}D:\sysreset\mirc.exe] => (Allow) D:\sysreset\mirc.exe
FirewallRules: [UDP Query User{0F1814A6-97E9-446F-8FC7-6597797285AB}D:\sysreset\mirc.exe] => (Allow) D:\sysreset\mirc.exe
FirewallRules: [{5452394A-6D58-48A7-BD27-46CFECDC9F9D}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\DAOriginsLauncher.exe
FirewallRules: [{053593BA-1AE0-484F-961A-04CF83D0A7D3}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\DAOriginsLauncher.exe
FirewallRules: [{65C6CFD8-00FF-4CAA-8014-5E9DD92DB8D0}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{D4EE98E5-1742-442A-95A8-5CCDB03D9FF8}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{F018C837-ED60-46FC-B0C2-FB670BED3FB1}] => (Allow) D:\Program Files\Steam\steamapps\common\mass effect 2\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{0C474E9D-7A0F-44AE-8C06-227423AB5F12}] => (Allow) D:\Program Files\Steam\steamapps\common\mass effect 2\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{BBF79ECD-75C9-4A52-AECD-8D0B39D5FE5A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{27A3DAAA-8784-4D27-9F05-3256032FE02F}] => (Allow) D:\Program Files\Steam\steamapps\common\dungeon defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{C9B7F39B-1ED6-4160-9120-AB9A1C2FC5DC}] => (Allow) D:\Program Files\Steam\steamapps\common\dungeon defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{902373B0-A7A3-488D-BB8C-4E053140D7B1}] => (Allow) D:\Program Files\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{4DB9A497-7F8B-497B-8F18-FDD1C7CFA689}] => (Allow) D:\Program Files\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{92DD19F9-4305-4E97-9795-1D819E232068}] => (Allow) D:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe
FirewallRules: [{80E73E73-4C7F-4932-AAA4-4DB189930E91}] => (Allow) D:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe
FirewallRules: [{BBD15215-8FBD-487B-B082-8DF1D12601AD}] => (Allow) D:\Program Files\Steam\steamapps\common\mass effect 2\Binaries\MassEffect2.exe
FirewallRules: [{6DAF3A04-3275-4242-B501-E1CA64AB530A}] => (Allow) D:\Program Files\Steam\steamapps\common\mass effect 2\Binaries\MassEffect2.exe
FirewallRules: [{3BF08B38-FF34-41D4-9AB7-DA43ECC546C7}] => (Allow) D:\Program Files\Steam\steamapps\common\mass effect 2\MassEffect2Launcher.exe
FirewallRules: [{0FEE3F5D-7EDE-43B5-8EE4-056030C29FBB}] => (Allow) D:\Program Files\Steam\steamapps\common\mass effect 2\MassEffect2Launcher.exe
FirewallRules: [{6FE46AC9-5D03-455D-ABD6-C86F9A47F28A}] => (Allow) D:\Program Files\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{0029D676-3955-4DA8-A464-B737DF8FE35C}] => (Allow) D:\Program Files\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{5FD451BE-4EF7-4256-8912-6BD2832A1CC4}] => (Allow) D:\Program Files\Steam\steamapps\common\recettear\recettear.exe
FirewallRules: [{2C30D1C1-36FA-410F-A11E-2BDFDE7D22F7}] => (Allow) D:\Program Files\Steam\steamapps\common\recettear\recettear.exe
FirewallRules: [{421708E0-E506-4B43-A051-C5CA84C31AAC}] => (Allow) D:\Program Files\Steam\steamapps\common\recettear\custom.exe
FirewallRules: [{4D79211F-3E69-4D7A-9850-DBFD43DFCD5C}] => (Allow) D:\Program Files\Steam\steamapps\common\recettear\custom.exe
FirewallRules: [{811E1FF2-2918-4E95-AD75-576A19D71CFF}] => (Allow) D:\Program Files\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{41BA4319-676D-43F3-A606-D5D698B310A0}] => (Allow) D:\Program Files\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{B920FBD7-6322-4623-9F94-FC8C48964BFF}] => (Allow) D:\Program Files\Steam\steamapps\common\dungeon defenders demo\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{66D1E05A-09E5-496A-A6FE-8CBFD56AA698}] => (Allow) D:\Program Files\Steam\steamapps\common\dungeon defenders demo\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{531F1FE2-9014-49D2-95B0-011398155391}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\DAOriginsLauncher.exe
FirewallRules: [{3ADE9C73-035B-4153-8280-3F05BF5B1C80}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\DAOriginsLauncher.exe
FirewallRules: [{FC5629BF-EAFD-4193-9842-06BA9B2CC2AF}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{7E0892E3-C9D0-4F3B-8888-2D42EE7FD3EC}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{336A00AA-71C7-4B75-BD07-6ABC4B8DD5AD}] => (Allow) D:\Program Files\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{F2B47580-1638-4374-AF06-030100000F38}] => (Allow) D:\Program Files\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{96A95E09-5BB7-40F5-B480-0180DDE9EE3C}] => (Allow) D:\Program Files\Steam\steamapps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{68FE19E2-5C22-4711-A90F-7D3C0C8C8823}] => (Allow) D:\Program Files\Steam\steamapps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{06EA9E12-F4B6-4819-9615-F01045F50685}] => (Allow) D:\Program Files\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{FD104F85-2947-4C1F-889A-02624996EED8}] => (Allow) D:\Program Files\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{E2D3B94E-7AFE-49B4-BE72-B1FE197FF275}] => (Allow) D:\Program Files\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{AAED2B17-3765-4B44-80B1-31A737B46146}] => (Allow) D:\Program Files\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{851F1990-3D0E-4A86-9E3A-9DBDC8E9A3AB}] => (Allow) D:\Program Files\Steam\steamapps\common\dungeon defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{A814F35D-C94E-4289-B258-90D06CCABB2A}] => (Allow) D:\Program Files\Steam\steamapps\common\dungeon defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{FBB87DCC-7454-4741-8075-1D76155641EB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{53F4B8F7-5522-4E13-8C68-BBB6015A70D0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DFE82416-F482-44CE-A416-6D9A80337EEE}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{D1268EAF-3D40-4D7B-B4A1-0E25BF18E5F9}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{C3DEE63E-D0FD-491C-B09A-2E6349A1ECD9}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{BD940288-6B81-453F-A617-C7BECEB61E0E}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{4AFE5596-789C-4F13-BAB2-466CC32934FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{A6B6562B-2288-4404-9C27-12205F338C27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D07D49FD-D84C-4BB4-88D0-C7A26F370221}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{52EF6003-9BF3-43BF-9122-B2984E791324}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1DBEEF4E-ADBA-4B34-9DF4-5137EA6CB500}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{63D57C85-3817-40A8-A083-349D48031E7B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DCEB3780-7C75-485C-BA90-3D91E5B158CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{68FDC97D-FF42-4EDF-8201-DDA10A621AF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{A0AC361F-6537-4FE9-AD17-8D49A8D75DF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F021F918-96FE-4AB9-B53B-3712E0FAA501}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{188FE494-1FCF-4B38-84B9-74914F42F3AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{21AAC1F0-119A-482D-8D19-D30D4CCB7349}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3FD177FB-627F-4989-A2A0-F0E6D96EDF97}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{3A9EB43E-4A52-41C8-A432-56956DF353BA}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C49EE13E-13C5-41FB-9DFE-7036B6568F81}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C0EFBFB2-57A6-48D8-8AE3-3B0E824C640A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B3812ACD-2E72-4A9F-8D3B-BB17A37C35E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{05C4D969-B0DB-4A5A-8F92-6D7143BA8C98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6BB3D1BF-45DA-493F-A6D1-5DCC80883F1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7D3D20E0-6C66-4D90-85C9-07779771F8CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8BAFD6E2-CF6E-4F8A-BB32-C81999C235A0}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{E39422A4-BA84-4968-A9C6-79791596E21F}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{F2555453-69A8-4D62-B8D0-6F5558490622}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{305E0131-6EDA-44F3-A08F-48EF22293467}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{BD0CAFBC-25B2-4AF8-A7F3-C97CF591A287}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{94BB03B9-F68A-4F75-9A52-C3C8105FE5BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{EBF8AAA9-1C01-4D1D-9DB2-AC833C2BC737}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A2568F9C-D7C1-44CE-9607-2E9CCACEF35A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D02B146E-C895-49C0-8B59-D10EA9CB25AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1333EEEB-2CA0-479C-AB2C-68B805184C2A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{17470F9E-2A26-457A-9F01-DC454B98CBC0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4BDE3F65-0155-4E9E-AAA2-4688DBEB6D07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{30164245-476B-4ABF-8FE5-240C7322C138}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BDFF7EA6-59C6-4726-8F4C-5F75DA1BB45F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{21EBAEF0-6490-4234-AB7F-065E1232B2EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BEA2572E-1522-4F85-98E1-53FDDADB53D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{74C739E3-E591-44A4-BC31-20409F85FE63}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9618FCAD-E145-42BE-BA38-CC5675E96D23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B829BEED-5526-41E8-8E9F-5794BDC07BFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{30A78922-3F09-492A-8B83-EBDA956E7A12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{521C1791-1FCA-428C-9346-93F41E2E932E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{228670EE-2166-4458-BEBF-B10922AA91CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{53C69B1C-8EEC-47AA-AE5D-3289101DA6B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{228A5B39-A8AE-4C9F-AB65-4C7CB6765ECB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{AC338EFE-F194-4A0D-8C14-33F0DBBDF2B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9E23DFB1-DC3F-4677-B775-564A6B0CD340}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E087D21C-2F56-4DD5-B83F-256DD8AAC1DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{AC9B8EB1-2B86-4963-B020-54A29C341C3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9C988523-706F-4054-8A9C-32F7348D5593}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0D822B51-E077-4E77-A1F4-F6F224BE1A24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B948FF19-0560-46B0-A3EB-5D8BAD3CDD1F}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{6FEAC59F-105A-4AA0-B19B-F1F443579D3A}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{3A2A9E06-BFF0-4CFA-BE22-549A525F42D0}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{C72D0A96-2061-418F-AE0F-40226BAA2858}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{BFA51BDD-3F6D-47AD-BFE4-C2D4CA8B47E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D15C20AD-773F-49A7-85D2-3BFA1E53840D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{02CB3F08-3B87-4C40-AF72-759B85C2AB5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5E4CC6A1-C7E5-4D66-AD4F-B60D6BE949CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E7C70136-71C5-409F-A045-CB7407742891}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{810A7BB5-742B-4036-BE25-8FE5B045574D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{07BEDD08-2F44-4D11-95D0-5B98B590F084}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{AACC54A1-689B-4830-A6C0-14DB27E9D396}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{4CD86D44-F2F5-4DA9-BC60-FFFC174FA524}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{55B1F1E6-5EB2-425F-AF4F-086DCE2B8CB3}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{D7AA8422-5A1C-4AD9-A2BA-5E1B89F72904}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0D7180FD-4102-4DEC-BCBF-D0EA2DE53D75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{03B5BA7B-D737-41C6-A99D-8AE34295E374}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4E51CB80-4182-4F82-B75B-253B786102AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6B2846F7-D5EE-439A-A5C9-F4F011E9FD62}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{154EB2A0-F202-4AB2-9873-DCDA09043906}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{44F5CA1D-A838-4D67-A53D-87BFA497E6DF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0C061522-D2E4-4904-BB18-3CEA13DA6999}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D18A2BB0-519E-4D5C-B1F1-70080DDCB717}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DAFAE876-8DB7-46B0-945A-C475FF32A9C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{800978A9-BDEC-45C6-8B4E-937213EB91C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FA9864D6-622D-4B78-93A1-952B801CA6C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{07B63234-A692-4D52-AFC3-282CD05B3B63}] => (Allow) D:\Program Files\Steam\steamapps\common\Source SDK Base\hl2.exe
FirewallRules: [{7C41819E-878C-4E4A-90F0-6550A826EDB9}] => (Allow) D:\Program Files\Steam\steamapps\common\Source SDK Base\hl2.exe
FirewallRules: [{33B3B32B-6BFB-4AFD-B3CF-75926A7BF95E}] => (Allow) D:\Program Files\Steam\steamapps\common\Free to Play\FTP.exe
FirewallRules: [{72639B92-2E3E-48DD-A774-1699AFF3C6F5}] => (Allow) D:\Program Files\Steam\steamapps\common\Free to Play\FTP.exe
FirewallRules: [{63129C2D-A9ED-486D-9985-9ADA77A4B6B7}] => (Allow) D:\Program Files\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{28EF2CC7-5C4A-4A34-977A-6D43437A32EC}] => (Allow) D:\Program Files\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{1066871E-A376-4695-807D-4C8EA5893031}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{69CB9BAF-A211-4A4A-A9A3-409D49637A64}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{37A1934E-F5F9-4346-B4A5-27F0A2BE6CF9}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{25F722A9-29E1-4E36-8281-6B2197F7D498}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{7E852111-4903-4BB3-99CA-7BF4754B9E56}] => (Allow) D:\Program Files\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{1F76B5CA-8E7F-46CB-9472-6F58A3494CFF}] => (Allow) D:\Program Files\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{17FD8A91-82E5-41C4-9332-E4FA3EB14314}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{14663198-3ABB-4EAD-AC7B-70F141F8D16D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{2CD6E673-AB3A-4AD3-85F3-D853D2FB6310}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{68F9602F-D276-4734-AD2A-9C306788A714}] => (Allow) D:\Program Files\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{373988CF-8CBB-4E3D-9FFC-18FFB0802A10}] => (Allow) D:\Program Files\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{6345E56C-618F-4AD3-8564-91D7A6338256}] => (Allow) D:\Program Files\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{B161D2F0-F3BD-423A-BA0A-BF840BBC770D}] => (Allow) D:\Program Files\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{DAC3C5D5-3838-4F88-B083-BE9882E964CE}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\bin_ship\DAOrigins.exe
FirewallRules: [{515ED292-88BF-42BE-9E6B-1824D01E4C48}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\bin_ship\DAOrigins.exe
FirewallRules: [{E47B9290-BD4E-441D-A406-5B99C351502A}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe
FirewallRules: [{D7CA3C50-97E4-4910-B98E-E295247C72C4}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe
FirewallRules: [{EEFA0C20-4495-4C30-99B5-FB4EFF2411E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AB2F0043-03A4-4B9A-A127-4BF1E810F005}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5228211D-2256-4609-B1DD-1575A581B6A1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{D8A959BE-BBB5-4F6E-8B55-56B6F06FC723}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{573FED78-7C34-461D-981B-F6354D278ED9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{68D1A5FE-31D2-4EB0-BAC7-740F0FFADC12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{214D23A3-07CA-4329-BC1A-C79C5A90E83C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{01AC6DA2-A84F-4174-AE4A-E246CD0D9574}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{5F384CC5-F288-4A16-A62D-A0990F8B658F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5589AC7D-B9DE-4F70-A853-69A66D482F28}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

==================== Faulty Device Manager Devices =============

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) HD Graphics 3000
Description: Intel(R) HD Graphics 3000
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) Display Audio
Description: Intel(R) Display Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel(R) Corporation
Service: IntcDAud
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2015 06:17:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2015 06:15:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (07/05/2015 06:15:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]

Error: (06/28/2015 09:16:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2015 09:15:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (06/28/2015 09:15:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]

Error: (06/28/2015 08:57:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2015 08:55:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (06/28/2015 08:55:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]

Error: (06/28/2015 08:54:01 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]


System errors:
=============
Error: (07/05/2015 06:15:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (06/28/2015 09:15:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (06/28/2015 08:57:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (06/28/2015 08:57:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (06/28/2015 08:55:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (06/28/2015 08:54:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (06/28/2015 08:43:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (06/28/2015 08:39:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (06/28/2015 08:35:24 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 12291) (User: NT AUTHORITY)
Description: SAM failed to start the TCP/IP or SPX/IPX listening thread

Error: (06/28/2015 08:35:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom


Microsoft Office:
=========================
Error: (07/05/2015 06:17:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2015 06:15:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (07/05/2015 06:15:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]

Error: (06/28/2015 09:16:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2015 09:15:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (06/28/2015 09:15:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]

Error: (06/28/2015 08:57:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2015 08:55:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (06/28/2015 08:55:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]

Error: (06/28/2015 08:54:01 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]


CodeIntegrity Errors:
===================================
Date: 2012-02-11 21:04:04.982
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-02-11 21:04:04.973
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 40%
Total physical RAM: 8109.18 MB
Available physical RAM: 4814.64 MB
Total Virtual: 16216.54 MB
Available Virtual: 12503.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:25.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: B34EDF65)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

==================== End of log ============================
Curie
2015-07-07, 08:42
Hello nastharl!

Welcome to Spybot.info
I am Marie Curie and will gladly help you with any malware-related problems.

I am currently in training at WhatTheTech (http://forums.whatthetech.com) and every post of mine will be approved by a teacher. This will lead to some delay in my responses. I will return as soon as possible with instructions. Please familiarize yourself with the following ground rules in the meanwhile.


Read my instructions thoroughly, carry out each step in the given order.
Do not make any changes to your system, or run any tools other than those I provided. Do not delete, fix, uninstall, or install anything unless I tell you to.
If you are unsure about anything or if you encounter any problems, please stop and inform me about it.
Stick with me until I tell you that your computer is clean. Absence of symptoms does not mean that your computer is free of malware.
Back up important files before we start.
nastharl
2015-07-08, 04:56
Thanks for the reply. Since i posted last i added a backup hard drive to the system and installed final fantasy 14. I trust neither of these have any impact on browser hijacks.
Curie
2015-07-08, 08:33
Hello nastharl!

Our tools run best from the Desktop, please move FRST from your downloads folder to the desktop.

Please read the following warnings before you proceed:
http://i.imgur.com/goGMWSt.gifNo Anti-Virus Installed
------------------------------

Connecting to the Internet without an Anti-Virus is a risk to you, and to everyone as well. Your computer is susceptible to malware infections involving Botnets (http://www.microsoft.com/en-GB/security/resources/botnet-whatis.aspx) and Zombie Computers (http://en.wikipedia.org/wiki/Zombie_%28computer_science%29) . Using Anti-Virus software will help minimize the risk and help prevent your computer from being used to pass on infections to other machines. When infected and compromised, malware spreads faster and more extensively, distributed denial-of-service (DDoS) attacks are easier to launch, spammers have more platforms from which to send E-mails and more zombies are created to perpetuate the cycle.

Nowadays, a multi-layed approach to security that incorporates Anti-Virus software is required to protect your computer from the latest threats. Many of attackers today employ advanced techniques which involve sophisticated Backdoor Trojans (http://www.symantec.com/security_response/writeup.jsp?docid=2001-062614-1754-99) and Rootkits (http://en.wikipedia.org/wiki/Rootkit) to hide their presence on a computer. Without an Anti-Virus, your computer is not only more susceptible to infection, but also means you are less likely to realise your computer is infected - sometimes the only symptom is an alert from your Anti-Virus. Please refer to the following articles for more information.



Do I Need Antivirus Software? (http://www.antivirus.com/security-software/resources/need-virus-protection/index.html)
Understanding Home Network Security: What does antivirus software do? (http://www.cert.org/tech_tips/home_networks.html#II-M)
Understanding security and safer computing: Use virus protection (http://windows.microsoft.com/en-US/windows7/Understanding-security-and-safer-computing)

Please download and install ONE of the Anti-Virus' listed below.

avast! Free Anti-Virus (http://www.avast.com/en-gb/download-thank-you.php?product=FA-ONLINE&locale=en-gb) (free)
Microsoft Security Essentials (http://windows.microsoft.com/en-us/windows/security-essentials-all-versions) (free)
ESET NOD32 Anti-Virus (http://www.eset.co.uk/Download/Software/Home) (paid)
Kaspersky Anti-Virus (http://www.kaspersky.co.uk/home-products) (paid)
Emsisoft Internet Security (http://www.emsisoft.de/en/software/internetsecurity/) (paid)

For a paid solution, my choice of Anti-Virus is ESET NOD32, and for a free solution, my choice of Anti-Virus is avast!. Please be aware that there is no universal "one size fits all" solution (http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/?p=2316629) that works for everyone and there is no single best anti-virus. What works for one person may not work for another.



http://i.imgur.com/goGMWSt.gifP2P Warning
------------------------------

I see you have peer-to-peer (P2P) file sharing software installed on your computer (uTorrent). I advise you avoid P2P file sharing programmes; they are a security risk which can make your computer susceptible to malware. File sharing networks are thoroughly infested with malware - worms (http://en.wikipedia.org/wiki/Computer_worm), backdoor Trojans (http://www.symantec.com/security_response/writeup.jsp?docid=2001-062614-1754-99), IRCBots (http://en.wikipedia.org/wiki/IRC_bot), and rootkits (http://en.wikipedia.org/wiki/Rootkit) propagate via P2P file sharing networks, gaming, and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install malware. The best way to reduce the risk of infection is to avoid these types of web sites and P2P programmes. Please read the following articles for more information.


Risks of File-Sharing Technology (http://www.us-cert.gov/cas/tips/ST05-007.html)
P2P Software User Advisories (http://aresgalaxy.sourceforge.net/p2prisks.htm)
More malware is traveling on P2P networks these days (http://www.computerworld.com/s/article/9240067/More_malware_is_traveling_on_P2P_networks_these_days)

Your P2P software can be removed by following the instructions below.

Press the Windows Key http://i.imgur.com/pdKOQKY.png + r on your keyboard at the same time. Type appwiz.cpl and click OK.
Search for the aforementioned programme(s), right-click and click Uninstall. Follow the prompts.

If you choose not to, please refrain from using the programme(s) during this process.

STEP 1
http://i.imgur.com/GfiJrQ9.png Malwarebytes Anti-Malware (MBAM)


Open Malwarebytes Anti-Malware and click Update Now.
Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
Click the Scan tab, ensure Threat Scan is selected and click Start Scan.
Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.
If threats are detected, click Remove Selected. If you are prompted to reboot, click Yes.
Upon completion of the scan (or after the reboot), click the History tab.
Click Application Logs and double-click the Scan Log.
Click Copy to Clipboard and paste the log in your next reply.

STEP 2
http://i.imgur.com/E3feWj5.png Junkware Removal Tool (JRT)


Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/dl/131/) and save the file to your Desktop.
Create a System Restore Point. For instructions, please refer to the following link (http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html) (W8) | link (http://windows.microsoft.com/en-GB/windows7/create-a-restore-point) (W7) | link (http://www.bleepingcomputer.com/tutorials/windows-vista-system-restore-guide/#manual) (Vista).
Temporarily disable your anti-virus software. For instructions, please refer to the following link (http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/).
Right-Click JRT.exe and select http://i.imgur.com/AVOiBNU.jpg Run as administrator to run the programme.
Follow the prompts and allow the scan to run uninterrupted.
Upon completion, a log (JRT.txt) will open on your desktop.
Re-enable your anti-virus software.
Copy the contents of JRT.txt and paste in your next reply.

STEP 3
http://i.imgur.com/BY4dvz9.png AdwCleaner


Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/dl/125/) and save the file to your Desktop.
Right-Click AdwCleaner.exe and select http://i.imgur.com/AVOiBNU.jpg Run as administrator to run the programme.
Follow the prompts.
Click Scan.
Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
Follow the prompts and allow your computer to reboot.
After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and folder backups are made for items removed using this tool. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.

======================================================

STEP 4
http://i.imgur.com/pfNZP4A.png Logs
In your next reply please include the following logs. Please attach the requested logs, as well as provide information on any questions I may have asked.


Fixlog.txt
MBAM log
JRT.txt
AdwCleaner[S0].txt
You have AVG Security Toolbar installed. This is a potentially unwanted program. Do you want to keep it?
nastharl
2015-07-09, 04:44
I'm working through this list now. uTorrent was uninstalled some time back and is no longer on my remove programs list. Not sure if there is lingering registry keys hanging around.

Installing windows security essentials now.
nastharl
2015-07-09, 17:22
MWB Log:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/9/2015
Scan Time: 8:58:54 AM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.07.09.03
Rootkit Database: v2015.07.09.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Nick

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 391767
Time Elapsed: 8 min, 24 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
PUP.Optional.SuperOptimizer.C, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, Quarantined, [10a702dd56340f27c210008e16eefa06],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Quarantined, [07b05788e6a4ee486c64a4eaba4aef11],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-21-933702865-3488087127-4119853235-1001\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Quarantined, [8730558aa9e12412bc147519e71dfe02],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-933702865-3488087127-4119853235-1001\SOFTWARE\CONDUIT\DistributionEngine, Quarantined, [dadd34ab1f6bdb5b38c5cbc1010302fe],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.OptimizerPro.A, C:\Users\Nick\Documents\Optimizer Pro, Quarantined, [02b5e6f996f4f04680fbed9fbd47f010],

Files: 1
PUP.Optional.OptimizerPro.A, C:\Users\Nick\Documents\Optimizer Pro\CookiesException.txt, Quarantined, [02b5e6f996f4f04680fbed9fbd47f010],

Physical Sectors: 0
(No malicious items detected)


(end)

JRT Log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.3.8 (07.09.2015:1)
OS: Windows 7 Home Premium x64
Ran by Nick on Thu 07/09/2015 at 9:12:53.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\APN PIP
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\PIP



~~~ Files

Successfully deleted: [File] C:\Users\Nick\appdata\local\google\chrome\user data\default\local storage\hxxp_st.chatango.com_0.localstorage
Successfully deleted: [File] C:\Users\Nick\appdata\local\google\chrome\user data\default\local storage\hxxp_st.chatango.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Nick\appdata\local\google\chrome\user data\default\local storage\hxxp_www.metrolyrics.com_0.localstorage
Successfully deleted: [File] C:\Users\Nick\appdata\local\google\chrome\user data\default\local storage\hxxp_www.metrolyrics.com_0.localstorage-journal



~~~ Folders

Successfully deleted: [Folder] C:\Users\Nick\appdata\local\esupport.com



~~~ FireFox

Successfully deleted the following from C:\Users\Nick\AppData\Roaming\mozilla\firefox\profiles\hskeenp0.default\prefs.js

user_pref(browser.search.defaultenginename, Conduit Search);
user_pref(browser.search.selectedEngine, Conduit Search);
Emptied folder: C:\Users\Nick\AppData\Roaming\mozilla\firefox\profiles\hskeenp0.default\minidumps [6 files]



~~~ Chrome


[C:\Users\Nick\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Nick\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Nick\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Nick\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
booedmolknjekdopkepjjeckmjkdpfgl,
flpcjncodpafbgdpnkljologafpionhb,
ohgcjecomkebbohfjgmncelbhogbbokf
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 07/09/2015 at 9:15:16.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


AWT Log:
# AdwCleaner v4.207 - Logfile created 09/07/2015 at 09:19:29
# Updated 21/06/2015 by Xplode
# Database : 2015-07-05.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Nick - NICK-PC
# Running from : C:\Users\Nick\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v37.0.2 (x86 en-US)


-\\ Google Chrome v


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [1688 bytes] - [09/07/2015 09:17:57]
AdwCleaner[S0].txt - [1373 bytes] - [09/07/2015 09:19:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1432 bytes] ##########
nastharl
2015-07-09, 17:24
I was following the instructions that said paste the log, then got to the bottom that said attach the logs, sorry :(

Also what generates Fixlog? i didn't see that one.
Curie
2015-07-10, 22:13
Hello nashtarl,

sorry for the confusion, I added the Fixlist.txt by mistake. You did everything correct. http://forums.whatthetech.com/public/style_emoticons/default/smile.png

STEP 1
http://i.imgur.com/b8zkrsY.png Browser Reset

Before proceeding, please refer to the following instructions on how you can backup your Favourites/Bookmarks.


http://1-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xehzOq95.png.pagespeed.ic.1o1xpAkZbO.png Internet Explorer: Backup Internet Explorer Favourites (http://www.wikihow.com/Back-Up-Favorites-in-Internet-Explorer)
http://2-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xQlf57ne.png.pagespeed.ic.SnwgqhVB9v.jpg Firefox:Backup Firefox Bookmarks (https://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer)
http://i.imgur.com/U5NwUGc.png Chrome: Backup Chrome Bookmarks (http://www.wikihow.com/Export-Bookmarks-from-Chrome)

Using the relevant instructions below, please reset your installed browsers.
As Internet Explorer is an integral part of Windows, please ensure you reset this browser.


http://1-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xehzOq95.png.pagespeed.ic.1o1xpAkZbO.png Internet Explorer: How to reset Internet Explorer settings (http://support.microsoft.com/kb/923737)
http://2-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xQlf57ne.png.pagespeed.ic.SnwgqhVB9v.jpg Firefox:Reset Firefox (https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-most-problems)
http://i.imgur.com/U5NwUGc.png Chrome: Chrome - Reset browser settings (https://support.google.com/chrome/answer/3296214?hl=en)

STEP 2
http://i.imgur.com/xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan


Right-Click FRST64.exe and select http://i.imgur.com/AVOiBNU.jpg Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Attach both logs in your next reply.


======================================================

STEP 3
Logs
In your next reply please include the following logs. Please be sure to attach the requested logs, as well as provide information on any questions I may have asked.


FRST.txt
Addition.txt
How is your computer doing now?
nastharl
2015-07-12, 22:53
Pasting the files, as they're too big to attach.

Things seeeeem better but it was intermittant so i dont know for sure. Will run a few days before i declare it good to go. Will also give it a day or 2 before re-enabling adblock and fauxbar (should be safe chrome plugins?) so that theres a consistant before and after to test with.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-07-2015
Ran by Nick (administrator) on NICK-PC on 12-07-2015 14:45:02
Running from C:\Users\Nick\Desktop
Loaded Profiles: Nick & UpdatusUser (Available Profiles: Nick & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Spotify Ltd) C:\Users\Nick\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Users\Nick\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Google Inc.) C:\Users\Nick\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Nick\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-10] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\Run: [Google Update] => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-17] (Google Inc.)
HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\Run: [Spotify Web Helper] => C:\Users\Nick\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030648 2015-07-05] (Spotify Ltd)
HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\Run: [MusicManager] => C:\Users\Nick\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7646208 2015-05-29] (Google Inc.)
HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\MountPoints2: {1f2788f0-b22f-11e3-838c-00acd819598c} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\MountPoints2: {338d2671-da1f-11e0-8e45-001cc0440357} - H:\setup.exe -a
HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\MountPoints2: {3be388fb-5074-11e2-a708-50e54942f5c4} - E:\setup.exe -a
HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\MountPoints2: {e9c144cb-66d3-11e3-b24d-00acd819598c} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Run: [Google Update] => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-17] (Google Inc.)
HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Run: [Spotify Web Helper] => "C:\Users\Nick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Run: [AVG-Secure-Search-Update_1113a] => C:\Users\UpdatusUser\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=b5c60ffc732747d38f11d1e59efdb07f-2f0cec7c885f6edd3fb158d407185069992b169a /CMPID=1113a
HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Run: [MusicManager] => C:\Users\Nick\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7646208 2015-05-29] (Google Inc.)
HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\MountPoints2: {1f2788f0-b22f-11e3-838c-00acd819598c} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\MountPoints2: {338d2671-da1f-11e0-8e45-001cc0440357} - H:\setup.exe -a
HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\MountPoints2: {3be388fb-5074-11e2-a708-50e54942f5c4} - F:\setup.exe -a
HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\MountPoints2: {e9c144cb-66d3-11e3-b24d-00acd819598c} - F:\VerizonSWUpgradeAssistantLauncher.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-06-17] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [155280 2015-06-17] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2014-09-15]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-933702865-3488087127-4119853235-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-933702865-3488087127-4119853235-1013\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-28] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-28] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-05-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{43106C25-C086-4F38-9F04-C32A480F80F3}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{F0BDFCD3-0D63-4C98-9587-5498D54DCE04}: [NameServer] 141.211.144.17,141.211.125.17
Tcpip\..\Interfaces\{F0BDFCD3-0D63-4C98-9587-5498D54DCE04}: [DhcpNameServer] 208.59.247.45 208.59.247.46

FireFox:
========
FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\gv0aoyru.default-1436730182877
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-28] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-28] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-17] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-07-23] (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Nick\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-03-10] (Raidcall)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-933702865-3488087127-4119853235-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Nick\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-933702865-3488087127-4119853235-1001: @talk.google.com/O1DPlugin -> C:\Users\Nick\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-933702865-3488087127-4119853235-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-933702865-3488087127-4119853235-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-933702865-3488087127-4119853235-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Nick\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Nick\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)

Chrome:
=======
CHR Profile: C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Fauxbar Lite) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfimmnpbjccjihohjkimphfmmebffbmk [2014-01-13]
CHR Extension: (YouTube) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Google Search) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (Google Play Music) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-07-05]
CHR Extension: (AdBlock) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-21]
CHR Extension: (Fauxbar) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\hibkhcnpkakjniplpfblaoikiggkopka [2012-05-14]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2012-09-25]
CHR Extension: (Foxish live RSS) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgagcapnkccceppgljfpoadahaopjdb [2011-08-31]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2012-09-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
StartMenuInternet: Google Chrome - C:\Users\Nick\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 UpdateCenterService; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [282728 2009-11-06] (NVIDIA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 DAUpdaterSvc; d:\program files\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-01-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2013-09-29] (MotioninJoy) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0058.sys [28768 2013-09-05] (SoftEther Project at University of Tsukuba, Japan.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-18] (NVIDIA Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2014-12-30] (Razer Inc)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31912 2014-12-30] (Razer Inc)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-05-09] ()
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 cpuz136; \??\C:\Users\Nick\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 STHDA; system32\DRIVERS\stwrt64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 14:44 - 2015-07-12 14:44 - 00000000 ____D C:\Users\Nick\Desktop\FRST-OlderVersion
2015-07-12 14:43 - 2015-07-12 14:43 - 00000000 ____D C:\Users\Nick\Desktop\Old Firefox Data
2015-07-10 19:12 - 2015-07-10 19:12 - 00126727 _____ C:\Users\Nick\Desktop\bookmarks_7_10_15.html
2015-07-10 19:06 - 2015-07-10 19:06 - 00049616 _____ C:\Users\Nick\Desktop\bookmarks-2015-07-10.json
2015-07-09 09:23 - 2015-07-12 14:45 - 00023525 _____ C:\Users\Nick\Desktop\FRST.txt
2015-07-09 09:17 - 2015-07-09 09:19 - 00000000 ____D C:\AdwCleaner
2015-07-09 09:17 - 2015-07-09 09:17 - 02244096 _____ C:\Users\Nick\Desktop\AdwCleaner.exe
2015-07-09 09:15 - 2015-07-09 09:16 - 02953724 _____ (Malwarebytes Corporation) C:\Users\Nick\Downloads\JRT.exe
2015-07-09 09:15 - 2015-07-09 09:15 - 00002359 _____ C:\Users\Nick\Desktop\JRT.txt
2015-07-09 09:10 - 2015-07-09 09:10 - 02953724 _____ (Malwarebytes Corporation) C:\Users\Nick\Desktop\JRT.exe
2015-07-09 08:58 - 2015-07-09 09:21 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-09 08:58 - 2015-07-09 08:58 - 00001137 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-09 08:58 - 2015-07-09 08:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-09 08:58 - 2015-07-09 08:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-09 08:58 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-09 08:58 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-09 08:58 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-08 23:41 - 2015-07-08 23:41 - 00001276 _____ C:\Users\Public\Desktop\FINAL FANTASY XIV - A Realm Reborn.lnk
2015-07-08 23:41 - 2015-07-08 23:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2015-07-08 23:36 - 2015-07-08 23:36 - 00000000 ____D C:\Users\Nick\AppData\Roaming\NVIDIA
2015-07-08 23:26 - 2015-06-17 01:48 - 06873232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-07-08 23:26 - 2015-06-17 01:48 - 03492168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-07-08 23:26 - 2015-06-17 01:48 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-07-08 23:26 - 2015-06-17 01:48 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-07-08 23:26 - 2015-06-17 01:48 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-07-08 23:26 - 2015-06-17 01:48 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-07-08 23:26 - 2015-06-02 09:11 - 04421614 _____ C:\Windows\system32\nvcoproc.bin
2015-07-08 23:25 - 2015-07-08 23:25 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-08 23:24 - 2015-06-17 04:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-08 23:24 - 2015-06-17 04:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-07-08 23:24 - 2015-06-17 04:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-07-08 23:24 - 2015-06-17 04:10 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-07-08 23:00 - 2015-07-08 23:00 - 60061952 _____ (Igor Pavlov) C:\Users\Nick\Downloads\mb_driver_intel_me_6series.exe
2015-07-08 23:00 - 2015-07-08 23:00 - 00000000 ____D C:\Users\Nick\Downloads\mvDriver1
2015-07-08 22:53 - 2015-05-18 22:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-08 22:53 - 2015-05-18 22:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-08 22:51 - 2015-07-08 22:51 - 11840839 _____ C:\Users\Nick\Downloads\Windows6.1-KB2670838-x64.msu
2015-07-08 22:36 - 2015-07-08 22:41 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-08 22:36 - 2015-07-08 22:36 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-08 22:31 - 2015-01-08 18:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-07-08 22:31 - 2015-01-08 18:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-07-08 22:12 - 2015-05-01 08:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-08 22:12 - 2015-05-01 08:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-07-08 20:55 - 2015-05-25 13:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-08 20:55 - 2015-05-25 13:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-08 20:55 - 2015-05-25 13:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-08 20:55 - 2015-05-25 13:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-07-08 20:55 - 2015-05-25 13:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-07-08 20:55 - 2015-05-25 13:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-08 20:55 - 2015-05-25 13:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-07-08 20:55 - 2015-05-25 13:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-07-08 20:55 - 2015-05-25 13:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-07-08 20:55 - 2015-05-25 13:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-07-08 20:55 - 2015-05-25 13:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-07-08 20:55 - 2015-05-25 13:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-08 20:55 - 2015-05-25 13:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-07-08 20:55 - 2015-05-25 13:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-07-08 20:55 - 2015-05-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-07-08 20:55 - 2015-05-25 13:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-08 20:55 - 2015-05-25 13:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-08 20:55 - 2015-05-25 13:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-07-08 20:55 - 2015-05-25 13:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-08 20:55 - 2015-05-25 13:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 13:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-07-08 20:55 - 2015-05-25 13:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-07-08 20:55 - 2015-05-25 13:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-08 20:55 - 2015-05-25 13:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-07-08 20:55 - 2015-05-25 13:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-07-08 20:55 - 2015-05-25 13:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-07-08 20:55 - 2015-05-25 13:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-08 20:55 - 2015-05-25 13:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-07-08 20:55 - 2015-05-25 13:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-07-08 20:55 - 2015-05-25 13:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-07-08 20:55 - 2015-05-25 13:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-07-08 20:55 - 2015-05-25 12:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-07-08 20:55 - 2015-05-25 12:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-07-08 20:55 - 2015-05-25 12:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-08 20:55 - 2015-05-25 12:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-07-08 20:55 - 2015-05-25 12:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-08 20:55 - 2015-05-25 12:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 12:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-08 20:55 - 2015-05-25 11:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-07-08 20:55 - 2015-05-25 11:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-07-08 20:55 - 2015-05-25 11:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 11:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 11:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-07-08 20:55 - 2015-05-25 11:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-07-08 20:55 - 2015-04-29 13:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-08 20:55 - 2015-04-29 13:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-08 20:55 - 2015-04-29 13:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-08 20:55 - 2015-04-29 13:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-08 20:55 - 2015-04-29 13:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-08 20:55 - 2015-04-29 13:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-07-08 20:55 - 2015-04-29 13:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-07-08 20:55 - 2015-04-29 13:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-07-08 20:55 - 2015-04-29 13:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-07-08 20:55 - 2015-04-29 13:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-07-08 20:55 - 2015-04-17 22:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-08 20:55 - 2015-04-17 21:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-08 20:55 - 2015-04-12 22:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-07-08 20:55 - 2015-02-19 23:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-08 20:55 - 2015-02-19 23:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-08 20:55 - 2015-02-19 23:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-08 20:55 - 2015-02-19 23:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-08 20:55 - 2015-02-19 23:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-08 20:55 - 2015-02-19 23:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-08 20:55 - 2015-02-19 23:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-08 20:55 - 2015-02-19 23:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-08 20:55 - 2015-02-19 22:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-08 20:55 - 2015-02-19 22:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-08 20:55 - 2015-01-08 22:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-07-08 20:55 - 2015-01-08 22:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-07-08 20:55 - 2015-01-08 22:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-07-08 20:55 - 2015-01-08 21:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-07-08 20:54 - 2015-04-19 22:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-07-08 20:54 - 2015-04-19 22:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-07-08 20:54 - 2015-04-19 21:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-07-08 20:54 - 2015-04-07 22:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-07-08 20:54 - 2015-04-07 22:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-07-08 20:54 - 2015-04-07 22:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-07-08 20:54 - 2015-02-02 22:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-07-08 20:54 - 2015-02-02 22:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-07-08 20:54 - 2015-02-02 22:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-07-08 20:54 - 2015-02-02 22:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-07-08 20:54 - 2015-02-02 22:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-07-08 20:54 - 2015-02-02 22:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-07-08 20:54 - 2015-02-02 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-07-08 20:54 - 2015-02-02 22:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-07-08 20:54 - 2015-02-02 22:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-07-08 20:54 - 2015-02-02 22:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-07-08 20:54 - 2015-02-02 22:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-07-08 20:54 - 2015-02-02 22:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-07-08 20:54 - 2015-02-02 22:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-07-08 20:54 - 2015-02-02 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-07-08 20:54 - 2015-02-02 22:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-07-08 20:54 - 2015-02-02 22:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-07-08 20:54 - 2015-02-02 22:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-07-08 20:54 - 2015-02-02 22:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-07-08 20:54 - 2015-02-02 22:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-07-08 20:54 - 2015-02-02 22:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-07-08 20:54 - 2015-02-02 21:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-07-08 20:54 - 2015-01-30 22:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-08 20:54 - 2015-01-30 22:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-08 20:54 - 2015-01-30 18:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-08 20:54 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-08 20:54 - 2014-12-11 12:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-08 20:54 - 2014-10-31 17:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-07-08 20:54 - 2014-06-27 19:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-07-08 20:54 - 2014-06-27 19:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-07-08 20:53 - 2015-06-01 14:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-08 20:53 - 2015-06-01 13:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-08 20:53 - 2015-05-27 09:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-08 20:53 - 2015-05-27 09:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-08 20:53 - 2015-05-25 12:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-08 20:53 - 2015-05-22 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-08 20:53 - 2015-05-22 22:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-08 20:53 - 2015-05-22 22:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-08 20:53 - 2015-05-22 22:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-08 20:53 - 2015-05-22 22:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-08 20:53 - 2015-05-22 22:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-08 20:53 - 2015-05-22 22:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-08 20:53 - 2015-05-22 22:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-08 20:53 - 2015-05-22 22:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-08 20:53 - 2015-05-22 22:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-08 20:53 - 2015-05-22 22:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-08 20:53 - 2015-05-22 22:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-08 20:53 - 2015-05-22 22:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-08 20:53 - 2015-05-22 21:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-08 20:53 - 2015-05-22 21:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-08 20:53 - 2015-05-22 21:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-08 20:53 - 2015-05-22 21:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-08 20:53 - 2015-05-22 21:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-08 20:53 - 2015-05-22 21:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-08 20:53 - 2015-05-22 21:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-08 20:53 - 2015-05-22 21:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-08 20:53 - 2015-05-22 21:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-08 20:53 - 2015-05-22 21:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-08 20:53 - 2015-05-22 21:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-08 20:53 - 2015-05-22 21:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-08 20:53 - 2015-05-22 21:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-08 20:53 - 2015-05-22 14:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-08 20:53 - 2015-05-22 14:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-08 20:53 - 2015-05-22 14:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-08 20:53 - 2015-05-22 14:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-08 20:53 - 2015-05-22 14:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-08 20:53 - 2015-05-22 14:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-08 20:53 - 2015-05-22 14:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-08 20:53 - 2015-05-22 13:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-08 20:53 - 2015-05-22 13:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-08 20:53 - 2015-05-22 13:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-08 20:53 - 2015-05-22 13:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-08 20:53 - 2015-05-22 13:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-08 20:53 - 2015-05-22 13:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-08 20:53 - 2015-05-22 13:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-08 20:53 - 2015-05-22 13:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-08 20:53 - 2015-05-22 13:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-08 20:53 - 2015-05-22 13:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-08 20:53 - 2015-05-22 13:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-08 20:53 - 2015-05-22 13:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-08 20:53 - 2015-05-22 13:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-08 20:53 - 2015-05-22 13:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-08 20:53 - 2015-05-22 13:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-08 20:53 - 2015-05-22 13:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-08 20:53 - 2015-05-22 13:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-08 20:53 - 2015-05-22 13:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-08 20:53 - 2015-05-22 13:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-08 20:53 - 2015-05-22 12:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-08 20:53 - 2015-05-22 12:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-08 20:53 - 2015-05-22 12:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-08 20:53 - 2015-05-22 12:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-08 20:53 - 2015-04-24 13:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-08 20:53 - 2015-04-24 12:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-07-08 20:53 - 2015-04-10 22:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-07-08 20:53 - 2015-03-24 22:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-08 20:53 - 2015-03-24 22:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-08 20:53 - 2015-03-24 22:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-08 20:53 - 2015-03-24 22:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-08 20:53 - 2015-03-24 22:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-08 20:53 - 2015-03-24 22:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-08 20:53 - 2015-03-24 22:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-08 20:53 - 2015-03-24 22:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-08 20:53 - 2015-03-24 22:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-08 20:53 - 2015-03-24 22:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-08 20:53 - 2015-03-24 22:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-08 20:53 - 2015-03-24 22:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-08 20:53 - 2015-03-24 22:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-08 20:53 - 2015-03-24 22:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-08 20:53 - 2015-03-24 22:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-08 20:53 - 2015-03-24 22:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-08 20:53 - 2015-03-09 22:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-07-08 20:53 - 2015-03-09 22:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-07-08 20:53 - 2015-03-09 22:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-07-08 20:53 - 2015-03-09 22:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-07-08 20:53 - 2015-03-05 00:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-08 20:53 - 2015-03-04 23:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-08 20:53 - 2015-02-24 22:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-07-08 20:53 - 2015-02-18 02:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-07-08 20:53 - 2015-02-18 02:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-08 20:53 - 2015-02-13 00:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-08 20:53 - 2015-02-13 00:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-08 20:53 - 2015-02-02 22:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-07-08 20:53 - 2015-02-02 22:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-07-08 20:53 - 2015-01-30 18:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-07-08 20:53 - 2015-01-28 22:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-08 20:53 - 2015-01-28 22:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-07-08 20:53 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-07-08 20:53 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-07-08 20:53 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-07-08 20:53 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-07-08 20:53 - 2014-11-25 22:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-07-08 20:53 - 2014-11-25 22:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-07-08 20:53 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-07-08 20:52 - 2015-03-03 23:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-07-08 20:52 - 2015-03-03 23:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-08 20:52 - 2015-03-03 23:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-07-08 20:52 - 2015-03-03 23:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-07-08 20:52 - 2015-03-03 23:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-08 20:52 - 2015-03-03 23:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-07-08 20:52 - 2015-03-03 23:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-07-08 20:52 - 2015-03-03 23:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-07-08 20:52 - 2015-03-03 23:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-07-08 20:52 - 2015-03-03 23:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-07-08 20:52 - 2015-02-02 22:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-07-08 20:52 - 2015-02-02 22:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-07-08 20:52 - 2015-01-16 21:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-07-08 20:52 - 2015-01-16 21:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-07-08 20:52 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-07-08 20:52 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-07-08 20:52 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-07-08 20:52 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-07-08 20:52 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-07-08 20:52 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-07-08 20:52 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-07-08 20:52 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-07-08 20:52 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-07-08 20:52 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-07-08 20:52 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-07-08 20:52 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-07-08 20:52 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-07-08 20:52 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-07-08 20:52 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-07-08 20:52 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-07-08 20:48 - 2015-02-03 22:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-07-08 20:48 - 2015-02-03 21:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-07-08 20:42 - 2015-07-08 20:42 - 00002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-07-08 20:42 - 2015-07-08 20:42 - 00001945 _____ C:\Windows\epplauncher.mif
2015-07-08 20:42 - 2015-07-08 20:42 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-07-08 20:42 - 2015-07-08 20:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-07-08 20:41 - 2015-07-08 20:41 - 14243008 _____ (Microsoft Corporation) C:\Users\Nick\Downloads\mseinstall.exe
2015-07-07 21:24 - 2015-07-07 21:25 - 00000000 ____D C:\Users\Nick\Downloads\Sun and Moon - Win
2015-07-07 21:20 - 2015-07-07 21:20 - 26672084 _____ C:\Users\Nick\Downloads\Sun and Moon - Win (5).zip
2015-07-07 19:51 - 2015-07-07 19:51 - 00931408 _____ (Google Inc.) C:\Users\Nick\Downloads\musicmanagerinstaller.exe
2015-07-07 19:51 - 2015-07-07 19:51 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
2015-07-07 19:04 - 2015-07-07 19:04 - 111970304 _____ (SQUARE ENIX CO., LTD.) C:\Users\Nick\Downloads\ffxivsetup.exe
2015-07-07 18:57 - 2015-07-07 18:57 - 00000011 _____ C:\Users\Nick\Documents\extension.txt
2015-07-07 18:55 - 2015-07-07 18:55 - 00026277 _____ C:\Users\Nick\Downloads\Midwest Center for Women's Healthcare.html
2015-07-07 18:55 - 2015-07-07 18:55 - 00000000 ____D C:\Users\Nick\Downloads\Midwest Center for Women's Healthcare_files
2015-07-06 19:46 - 2015-07-06 19:46 - 00002188 _____ C:\Users\Nick\Downloads\aswMBR.txt
2015-07-06 19:46 - 2015-07-06 19:46 - 00000512 _____ C:\Users\Nick\Downloads\MBR.dat
2015-07-06 19:39 - 2015-07-06 19:39 - 05198336 _____ (AVAST Software) C:\Users\Nick\Downloads\aswMBR.exe
2015-07-06 19:38 - 2015-07-07 18:57 - 00071686 _____ C:\Users\Nick\Downloads\Addition.txt
2015-07-06 19:38 - 2015-07-06 19:39 - 00032975 _____ C:\Users\Nick\Downloads\FRST.txt
2015-07-06 19:37 - 2015-07-12 14:45 - 00000000 ____D C:\FRST
2015-07-06 19:37 - 2015-07-12 14:44 - 02133504 _____ (Farbar) C:\Users\Nick\Desktop\FRST64.exe
2015-07-06 19:37 - 2015-07-06 19:37 - 00000207 _____ C:\Windows\tweaking.com-regbackup-NICK-PC-Windows-7-Home-Premium-(64-bit).dat
2015-07-06 19:36 - 2015-07-06 19:36 - 04720448 _____ C:\Users\Nick\Downloads\tweaking.com_registry_backup_setup.exe
2015-07-06 19:36 - 2015-07-06 19:36 - 00002270 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-07-06 19:36 - 2015-07-06 19:36 - 00000000 ____D C:\RegBackup
2015-07-06 19:36 - 2015-07-06 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-07-06 19:36 - 2015-07-06 19:36 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-07-06 15:20 - 2015-07-06 15:20 - 00000000 ____D C:\Users\Nick\AppData\Local\Atlassian
2015-07-06 15:19 - 2015-07-06 15:19 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HipChat
2015-07-06 15:19 - 2015-07-06 15:19 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Atlassian
2015-07-06 15:19 - 2015-07-06 15:19 - 00000000 ____D C:\Program Files (x86)\Atlassian
2015-07-06 15:18 - 2015-07-06 15:18 - 43982848 _____ C:\Users\Nick\Downloads\HipChat-2.2.1388-win32.msi
2015-07-06 14:56 - 2015-07-06 14:56 - 00001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
2015-07-06 14:56 - 2015-07-06 14:56 - 00000000 ____D C:\Program Files (x86)\Pidgin
2015-07-06 14:55 - 2015-07-06 14:55 - 09670472 _____ C:\Users\Nick\Downloads\pidgin-2.10.11.exe
2015-06-28 20:56 - 2015-06-28 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-28 20:55 - 2015-06-28 20:55 - 01476720 _____ C:\Users\Nick\Downloads\SteamSetup.exe
2015-06-28 19:57 - 2015-06-28 19:57 - 00332512 _____ C:\Windows\Minidump\062815-12183-01.dmp
2015-06-28 19:53 - 2015-07-08 23:37 - 00000000 ____D C:\Users\Nick\AppData\Local\CrashDumps
2015-06-22 19:20 - 2015-06-22 19:20 - 00000693 _____ C:\Users\Nick\AppData\Local\recently-used.xbel
2015-06-21 15:08 - 2015-06-21 15:08 - 26226479 _____ C:\Users\Nick\Downloads\Sun and Moon - Win (4).zip
2015-06-17 19:58 - 2015-06-17 19:58 - 05378177 _____ C:\Users\Nick\Downloads\p95v285.win64.zip
2015-06-17 18:38 - 2015-06-17 18:38 - 00000849 _____ C:\Users\Nick\Desktop\LatencyMon.lnk
2015-06-17 18:38 - 2015-06-17 18:38 - 00000837 _____ C:\Users\Nick\Desktop\In Depth Latency Tests.lnk
2015-06-17 18:38 - 2015-06-17 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2015-06-17 18:38 - 2015-06-17 18:38 - 00000000 ____D C:\Program Files\LatencyMon
2015-06-17 18:38 - 2013-10-21 12:26 - 00025504 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspLLL64.sys
2015-06-17 18:37 - 2015-06-17 18:37 - 01956880 _____ (Resplendence Software Projects Sp. ) C:\Users\Nick\Downloads\LatencyMon.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 14:44 - 2014-09-19 23:34 - 00021638 _____ C:\Windows\setupact.log
2015-07-12 14:44 - 2013-01-21 13:12 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-12 14:44 - 2011-12-02 12:55 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Skype
2015-07-12 14:44 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-12 14:43 - 2011-05-08 13:18 - 01150168 _____ C:\Windows\WindowsUpdate.log
2015-07-12 14:28 - 2011-05-08 20:28 - 00000000 ____D C:\Users\Nick\AppData\Roaming\.purple
2015-07-12 13:50 - 2013-11-25 22:59 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-933702865-3488087127-4119853235-1001UA.job
2015-07-11 16:50 - 2013-11-25 22:59 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-933702865-3488087127-4119853235-1001Core.job
2015-07-09 09:28 - 2009-07-13 23:45 - 00020496 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-09 09:28 - 2009-07-13 23:45 - 00020496 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-09 09:26 - 2009-07-14 00:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-09 09:20 - 2014-09-19 23:34 - 00230286 _____ C:\Windows\PFRO.log
2015-07-09 01:30 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-07-08 23:50 - 2011-10-09 18:04 - 00000000 ____D C:\Program Files (x86)\Intel
2015-07-08 23:47 - 2013-01-05 19:41 - 00000000 ____D C:\ProgramData\InstallShield
2015-07-08 23:41 - 2011-05-08 13:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-08 23:32 - 2014-08-02 16:30 - 00000000 __SHD C:\Users\Nick\AppData\Local\EmieUserList
2015-07-08 23:32 - 2014-08-02 16:30 - 00000000 __SHD C:\Users\Nick\AppData\Local\EmieSiteList
2015-07-08 23:27 - 2013-03-12 12:36 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-08 23:26 - 2012-02-26 22:29 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-08 23:26 - 2011-05-08 13:27 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-08 23:26 - 2011-05-08 13:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-08 23:25 - 2011-11-18 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-08 22:53 - 2013-10-31 18:48 - 00001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-08 22:41 - 2009-07-13 23:45 - 00490176 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-08 22:36 - 2010-11-21 02:17 - 00000000 ____D C:\Program Files\Windows Journal
2015-07-08 22:36 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\tracing
2015-07-08 22:36 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-07-08 22:36 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Dism
2015-07-08 22:36 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-08 22:36 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-08 22:27 - 2011-05-11 10:02 - 00774592 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-08 22:19 - 2013-09-20 22:06 - 00000000 ____D C:\Windows\system32\MRT
2015-07-08 22:14 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-08 22:02 - 2011-07-03 17:38 - 00000000 ____D C:\Users\Nick\Documents\My Games
2015-07-07 19:51 - 2011-08-29 23:14 - 00000000 ____D C:\Users\Nick\AppData\Local\Google
2015-07-07 16:52 - 2011-08-29 23:15 - 00002358 _____ C:\Users\Nick\Desktop\Google Chrome.lnk
2015-07-06 20:27 - 2012-03-31 17:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-06 19:57 - 2012-09-12 18:56 - 00000000 ____D C:\Users\Nick\AppData\Local\Spotify
2015-07-06 19:20 - 2012-09-12 18:56 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Spotify
2015-07-05 05:08 - 2010-11-20 22:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-28 21:27 - 2014-02-01 12:49 - 00000222 _____ C:\Users\Nick\Desktop\Starbound.url
2015-06-28 21:27 - 2012-03-31 17:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-28 21:27 - 2012-03-31 17:14 - 00003912 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-28 21:27 - 2011-06-07 19:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-28 21:13 - 2013-07-26 19:03 - 00000219 _____ C:\Users\Nick\Desktop\Dota 2.url
2015-06-28 21:02 - 2015-06-11 23:09 - 00000222 _____ C:\Users\Nick\Desktop\The Binding of Isaac Rebirth.url
2015-06-28 20:03 - 2011-05-08 13:32 - 00125424 _____ C:\Users\Nick\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-28 20:03 - 2009-07-14 00:08 - 00032600 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-28 19:58 - 2015-02-24 20:59 - 00164966 _____ C:\Windows\DPINST.LOG
2015-06-28 19:57 - 2012-09-18 22:10 - 00000000 ____D C:\Windows\Minidump
2015-06-28 19:55 - 2011-12-02 12:55 - 00000000 ____D C:\ProgramData\Skype
2015-06-27 13:59 - 2014-10-17 09:16 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-25 08:46 - 2014-12-25 23:18 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 06:36 - 2014-08-02 16:50 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-24 06:36 - 2014-08-02 16:50 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-24 06:36 - 2014-08-02 16:50 - 01320120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-24 06:36 - 2014-08-02 16:50 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-22 18:32 - 2015-01-29 20:17 - 00000000 ____D C:\Users\Nick\AppData\Roaming\deluge
2015-06-18 08:09 - 2013-08-20 08:24 - 00000000 ____D C:\Users\Nick\AppData\Local\Battle.net

==================== Files in the root of some directories =======

2013-03-14 00:27 - 2013-03-14 00:27 - 0093015 _____ () C:\Users\Nick\AppData\Local\ars.cache
2013-03-14 00:27 - 2013-03-14 00:27 - 0174797 _____ () C:\Users\Nick\AppData\Local\census.cache
2011-10-01 18:02 - 2012-06-28 22:21 - 0045056 _____ () C:\Users\Nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-13 22:39 - 2013-03-13 22:39 - 0000036 _____ () C:\Users\Nick\AppData\Local\housecall.guid.cache
2015-06-22 19:20 - 2015-06-22 19:20 - 0000693 _____ () C:\Users\Nick\AppData\Local\recently-used.xbel
2011-10-09 21:36 - 2012-09-17 23:36 - 0007613 _____ () C:\Users\Nick\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Nick\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Nick\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph8x5tv.dll
C:\Users\Nick\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Nick\AppData\Local\Temp\nvStInst.exe
C:\Users\Nick\AppData\Local\Temp\Quarantine.exe
C:\Users\Nick\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nick\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 02:17

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-07-2015
Ran by Nick at 2015-07-12 14:45:33
Running from C:\Users\Nick\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-933702865-3488087127-4119853235-500 - Administrator - Disabled)
Guest (S-1-5-21-933702865-3488087127-4119853235-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-933702865-3488087127-4119853235-1002 - Limited - Enabled)
Nick (S-1-5-21-933702865-3488087127-4119853235-1001 - Administrator - Enabled) => C:\Users\Nick
UpdatusUser (S-1-5-21-933702865-3488087127-4119853235-1013 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
µTorrent (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Cisco AnyConnect VPN Client (HKLM-x32\...\{28AAE6A5-B887-4E19-B06C-E367F3C43EDB}) (Version: 2.3.0185 - Cisco Systems, Inc.)
Combined Community Codec Pack 2013-03-25 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.03.25.0 - CCCP Project)
CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
Dell System Detect (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\9204f5692a8faf3b) (Version: 5.10.0.8 - Dell)
Dell System Detect (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\9204f5692a8faf3b) (Version: 5.10.0.8 - Dell)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - )
Dungeon Defenders Demo (HKLM-x32\...\Steam App 201680) (Version: - )
Easy Tune 6 B11.0630.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0630.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Free to Play (HKLM-x32\...\Steam App 245550) (Version: - Valve)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.39.5101 - Gretech Corporation)
Google Chrome (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Chrome (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
HipChat (HKLM-x32\...\{1E58E3D7-8943-4BF1-BADD-BF471506B684}) (Version: 2.2.1388 - Atlassian Inc)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java(TM) 6 Update 35 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416035FF}) (Version: 6.0.350 - Oracle)
JavaFX 2.2.4 (HKLM-x32\...\{1111706F-666A-4037-7777-224328764D10}) (Version: 2.2.4 - Oracle Corporation)
join.me (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\JoinMe) (Version: 1.17.0.156 - LogMeIn, Inc.)
join.me (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\JoinMe) (Version: 1.8.0.108 - LogMeIn, Inc.)
LatencyMon 6.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
LG Verizon United Driver (HKLM-x32\...\{A17B9856-40CF-4BEA-BB65-ADB8154A83DC}) (Version: 2.11.1 - LG Electronics)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MotioninJoy ds3 driver version 0.5.0002 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0002 - www.motioninjoy.com)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mumble 1.2.3 (HKLM-x32\...\{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}) (Version: 1.2.3 - Thorvald Natvig)
Music Manager (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\MusicManager) (Version: - Google, Inc.)
Music Manager (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\MusicManager) (Version: - Google, Inc.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.33.1 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Update (HKLM-x32\...\InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}) (Version: 3.00 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.8 - PANDORA MEDIA, INC.)
Pandora (x32 Version: 2.0.8 - PANDORA MEDIA, INC.) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.82.0 - PS3 Media Server)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.0-1.0.10926.49 - raidcall.com)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\Spotify) (Version: 1.0.8.59.gee82e7e6 - Spotify AB)
Spotify (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Spotify) (Version: 0.9.4.185.g7545a404 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StepMania 3.9b (remove only) (HKLM-x32\...\StepMania) (Version: - )
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
TigerGame Superjoy Box Series (HKLM-x32\...\TigerGame Superjoy Box Series) (Version: - )
TouchBIOS B11.1201.1 (HKLM-x32\...\{A2EBACDD-09BB-4894-AE25-7168DB3BFA7F}) (Version: 1.00.0000 - GIGABYTE)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 2.2.0 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.10.1 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.1 - The Wireshark developer community, http://www.wireshark.org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-933702865-3488087127-4119853235-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Nick\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

09-07-2015 09:11:58 Pre Junkware Removal Tool
12-07-2015 02:05:43 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06847DE1-BE68-49ED-8E70-37A3FE317D8A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-933702865-3488087127-4119853235-1001UA => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {115AC79F-F3DE-4B13-AD59-7A8A06E8AF57} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {3D121B54-F28A-456C-B52E-5BE7CA7C7012} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-933702865-3488087127-4119853235-1001Core => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {59FB2BBF-9007-4978-B8CD-F2F413247931} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {5CB3BBA9-1CD9-4399-99BA-A6E89ED9CC1F} - System32\Tasks\{25ED3582-3C9E-49E6-8937-8BF5951D4455} => pcalua.exe -a C:\Users\Nick\Downloads\HECI\setup.exe -d C:\Users\Nick\Downloads\HECI
Task: {9FD375F7-8406-45D0-9C01-43D04F5A6308} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {A0EA8C16-038E-4CC5-93FA-235831516BD8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-28] (Microsoft Corporation)
Task: {BF54F4F5-B081-4070-A1A8-745508AAED8A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {F7EA13F1-251D-4408-A713-DD652F26FFAA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {F91E3C1C-BF31-46A2-9C16-1229E11A70A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-28] (Adobe Systems Incorporated)
Task: {FA9D5B58-694A-4B57-849A-1823485916E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-933702865-3488087127-4119853235-1001Core.job => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-933702865-3488087127-4119853235-1001UA.job => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-08 23:26 - 2015-06-17 01:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-17 09:16 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-04 18:24 - 2015-02-04 18:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-03-17 06:01 - 2015-01-27 10:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2011-10-21 17:50 - 2011-10-21 17:50 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-14 00:49 - 2015-03-14 00:49 - 00291840 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2015-05-01 12:44 - 2015-06-24 06:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-17 06:01 - 2015-01-27 09:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-06-28 20:56 - 2015-04-16 12:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-06-28 20:56 - 2015-04-22 21:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-06-28 20:56 - 2015-04-22 21:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-06-28 20:56 - 2015-04-22 21:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-06-28 20:56 - 2015-06-04 13:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-06-28 20:56 - 2014-12-01 16:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-06-28 20:56 - 2014-12-01 16:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-06-28 20:56 - 2014-12-01 16:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-06-28 20:56 - 2014-12-01 16:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-06-28 20:56 - 2014-12-01 16:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-06-28 20:56 - 2015-06-04 13:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-05-29 15:04 - 2015-05-29 15:04 - 00117248 _____ () C:\Users\Nick\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-05-29 15:04 - 2015-05-29 15:04 - 00234496 _____ () C:\Users\Nick\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-05-29 15:04 - 2015-05-29 15:04 - 00253440 _____ () C:\Users\Nick\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-05-29 15:04 - 2015-05-29 15:04 - 00344064 _____ () C:\Users\Nick\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2015-05-19 21:29 - 2015-05-19 21:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-03-03 20:44 - 2014-11-25 21:12 - 40622592 _____ () C:\Users\Nick\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2015-06-28 20:56 - 2015-05-11 14:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-03-03 20:44 - 2014-11-25 21:12 - 00911360 _____ () C:\Users\Nick\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2015-03-03 20:44 - 2014-11-25 21:12 - 00134144 _____ () C:\Users\Nick\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-933702865-3488087127-4119853235-1001\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-933702865-3488087127-4119853235-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Nick\AppData\Local\Apps\2.0\WWLJNK9P.Z1N\DQQLT1RK.LZ8\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
MSCONFIG\startupreg: doubleTwist => C:\Program Files (x86)\doubleTwist\doubleTwist.Light.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Nick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Nick\AppData\Local\Temp\utt46DD.tmp.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7AA6A0B8-B4B1-4264-99FE-2437633ADC84}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [{926FB89F-267D-4F2C-9F9C-96B059C6350D}] => (Allow) D:\Program Files\Steam\Steam.exe
FirewallRules: [TCP Query User{8D307F65-75D2-4D0A-8CA3-B7A7C1463ACD}D:\program files\winamp\winamp.exe] => (Allow) D:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{DBCE091D-F8EE-4E2F-A1CB-6DE5114460A8}D:\program files\winamp\winamp.exe] => (Allow) D:\program files\winamp\winamp.exe
FirewallRules: [{3125BCA4-56C5-4B21-BCBB-2BF56FE28A64}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{02C27C23-F9E6-4D9C-8389-43F4DF2344D3}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{617D952F-F0AF-49C2-A009-1322ADCCEC57}] => (Allow) LPort=3724
FirewallRules: [TCP Query User{54163F1C-D787-4187-B28B-DDE8C1F1BC9B}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{BB635D0A-0AEE-406B-96FB-BA7BD2CA35CF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{70469CB5-BA3C-490A-8BB3-0606EA922891}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{FC4AAA53-E9ED-4068-92CA-5FAE0ACBBCB7}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{319F537E-7AE2-4B7B-AA5F-8DE1B4265D84}D:\sysreset\mirc.exe] => (Allow) D:\sysreset\mirc.exe
FirewallRules: [UDP Query User{0F1814A6-97E9-446F-8FC7-6597797285AB}D:\sysreset\mirc.exe] => (Allow) D:\sysreset\mirc.exe
FirewallRules: [{5452394A-6D58-48A7-BD27-46CFECDC9F9D}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\DAOriginsLauncher.exe
FirewallRules: [{053593BA-1AE0-484F-961A-04CF83D0A7D3}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\DAOriginsLauncher.exe
FirewallRules: [{65C6CFD8-00FF-4CAA-8014-5E9DD92DB8D0}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{D4EE98E5-1742-442A-95A8-5CCDB03D9FF8}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{F018C837-ED60-46FC-B0C2-FB670BED3FB1}] => (Allow) D:\Program Files\Steam\steamapps\common\mass effect 2\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{0C474E9D-7A0F-44AE-8C06-227423AB5F12}] => (Allow) D:\Program Files\Steam\steamapps\common\mass effect 2\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{BBF79ECD-75C9-4A52-AECD-8D0B39D5FE5A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{27A3DAAA-8784-4D27-9F05-3256032FE02F}] => (Allow) D:\Program Files\Steam\steamapps\common\dungeon defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{C9B7F39B-1ED6-4160-9120-AB9A1C2FC5DC}] => (Allow) D:\Program Files\Steam\steamapps\common\dungeon defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{902373B0-A7A3-488D-BB8C-4E053140D7B1}] => (Allow) D:\Program Files\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{4DB9A497-7F8B-497B-8F18-FDD1C7CFA689}] => (Allow) D:\Program Files\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{92DD19F9-4305-4E97-9795-1D819E232068}] => (Allow) D:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe
FirewallRules: [{80E73E73-4C7F-4932-AAA4-4DB189930E91}] => (Allow) D:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe
FirewallRules: [{BBD15215-8FBD-487B-B082-8DF1D12601AD}] => (Allow) D:\Program Files\Steam\steamapps\common\mass effect 2\Binaries\MassEffect2.exe
FirewallRules: [{6DAF3A04-3275-4242-B501-E1CA64AB530A}] => (Allow) D:\Program Files\Steam\steamapps\common\mass effect 2\Binaries\MassEffect2.exe
FirewallRules: [{3BF08B38-FF34-41D4-9AB7-DA43ECC546C7}] => (Allow) D:\Program Files\Steam\steamapps\common\mass effect 2\MassEffect2Launcher.exe
FirewallRules: [{0FEE3F5D-7EDE-43B5-8EE4-056030C29FBB}] => (Allow) D:\Program Files\Steam\steamapps\common\mass effect 2\MassEffect2Launcher.exe
FirewallRules: [{6FE46AC9-5D03-455D-ABD6-C86F9A47F28A}] => (Allow) D:\Program Files\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{0029D676-3955-4DA8-A464-B737DF8FE35C}] => (Allow) D:\Program Files\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{5FD451BE-4EF7-4256-8912-6BD2832A1CC4}] => (Allow) D:\Program Files\Steam\steamapps\common\recettear\recettear.exe
FirewallRules: [{2C30D1C1-36FA-410F-A11E-2BDFDE7D22F7}] => (Allow) D:\Program Files\Steam\steamapps\common\recettear\recettear.exe
FirewallRules: [{421708E0-E506-4B43-A051-C5CA84C31AAC}] => (Allow) D:\Program Files\Steam\steamapps\common\recettear\custom.exe
FirewallRules: [{4D79211F-3E69-4D7A-9850-DBFD43DFCD5C}] => (Allow) D:\Program Files\Steam\steamapps\common\recettear\custom.exe
FirewallRules: [{811E1FF2-2918-4E95-AD75-576A19D71CFF}] => (Allow) D:\Program Files\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{41BA4319-676D-43F3-A606-D5D698B310A0}] => (Allow) D:\Program Files\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{B920FBD7-6322-4623-9F94-FC8C48964BFF}] => (Allow) D:\Program Files\Steam\steamapps\common\dungeon defenders demo\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{66D1E05A-09E5-496A-A6FE-8CBFD56AA698}] => (Allow) D:\Program Files\Steam\steamapps\common\dungeon defenders demo\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{531F1FE2-9014-49D2-95B0-011398155391}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\DAOriginsLauncher.exe
FirewallRules: [{3ADE9C73-035B-4153-8280-3F05BF5B1C80}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\DAOriginsLauncher.exe
FirewallRules: [{FC5629BF-EAFD-4193-9842-06BA9B2CC2AF}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{7E0892E3-C9D0-4F3B-8888-2D42EE7FD3EC}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{336A00AA-71C7-4B75-BD07-6ABC4B8DD5AD}] => (Allow) D:\Program Files\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{F2B47580-1638-4374-AF06-030100000F38}] => (Allow) D:\Program Files\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{96A95E09-5BB7-40F5-B480-0180DDE9EE3C}] => (Allow) D:\Program Files\Steam\steamapps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{68FE19E2-5C22-4711-A90F-7D3C0C8C8823}] => (Allow) D:\Program Files\Steam\steamapps\common\Torchlight II\Torchlight2.exe
FirewallRules: [{06EA9E12-F4B6-4819-9615-F01045F50685}] => (Allow) D:\Program Files\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{FD104F85-2947-4C1F-889A-02624996EED8}] => (Allow) D:\Program Files\Steam\steamapps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{E2D3B94E-7AFE-49B4-BE72-B1FE197FF275}] => (Allow) D:\Program Files\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{AAED2B17-3765-4B44-80B1-31A737B46146}] => (Allow) D:\Program Files\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{851F1990-3D0E-4A86-9E3A-9DBDC8E9A3AB}] => (Allow) D:\Program Files\Steam\steamapps\common\dungeon defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{A814F35D-C94E-4289-B258-90D06CCABB2A}] => (Allow) D:\Program Files\Steam\steamapps\common\dungeon defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{FBB87DCC-7454-4741-8075-1D76155641EB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{53F4B8F7-5522-4E13-8C68-BBB6015A70D0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DFE82416-F482-44CE-A416-6D9A80337EEE}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{D1268EAF-3D40-4D7B-B4A1-0E25BF18E5F9}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{C3DEE63E-D0FD-491C-B09A-2E6349A1ECD9}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{BD940288-6B81-453F-A617-C7BECEB61E0E}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{4AFE5596-789C-4F13-BAB2-466CC32934FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{A6B6562B-2288-4404-9C27-12205F338C27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D07D49FD-D84C-4BB4-88D0-C7A26F370221}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{52EF6003-9BF3-43BF-9122-B2984E791324}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1DBEEF4E-ADBA-4B34-9DF4-5137EA6CB500}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{63D57C85-3817-40A8-A083-349D48031E7B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DCEB3780-7C75-485C-BA90-3D91E5B158CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{68FDC97D-FF42-4EDF-8201-DDA10A621AF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{A0AC361F-6537-4FE9-AD17-8D49A8D75DF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F021F918-96FE-4AB9-B53B-3712E0FAA501}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{188FE494-1FCF-4B38-84B9-74914F42F3AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{21AAC1F0-119A-482D-8D19-D30D4CCB7349}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3FD177FB-627F-4989-A2A0-F0E6D96EDF97}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{3A9EB43E-4A52-41C8-A432-56956DF353BA}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C49EE13E-13C5-41FB-9DFE-7036B6568F81}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C0EFBFB2-57A6-48D8-8AE3-3B0E824C640A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B3812ACD-2E72-4A9F-8D3B-BB17A37C35E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{05C4D969-B0DB-4A5A-8F92-6D7143BA8C98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6BB3D1BF-45DA-493F-A6D1-5DCC80883F1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7D3D20E0-6C66-4D90-85C9-07779771F8CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8BAFD6E2-CF6E-4F8A-BB32-C81999C235A0}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{E39422A4-BA84-4968-A9C6-79791596E21F}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{F2555453-69A8-4D62-B8D0-6F5558490622}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{305E0131-6EDA-44F3-A08F-48EF22293467}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{BD0CAFBC-25B2-4AF8-A7F3-C97CF591A287}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{94BB03B9-F68A-4F75-9A52-C3C8105FE5BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{EBF8AAA9-1C01-4D1D-9DB2-AC833C2BC737}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A2568F9C-D7C1-44CE-9607-2E9CCACEF35A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D02B146E-C895-49C0-8B59-D10EA9CB25AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1333EEEB-2CA0-479C-AB2C-68B805184C2A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{17470F9E-2A26-457A-9F01-DC454B98CBC0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4BDE3F65-0155-4E9E-AAA2-4688DBEB6D07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{30164245-476B-4ABF-8FE5-240C7322C138}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BDFF7EA6-59C6-4726-8F4C-5F75DA1BB45F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{21EBAEF0-6490-4234-AB7F-065E1232B2EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BEA2572E-1522-4F85-98E1-53FDDADB53D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{74C739E3-E591-44A4-BC31-20409F85FE63}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9618FCAD-E145-42BE-BA38-CC5675E96D23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B829BEED-5526-41E8-8E9F-5794BDC07BFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{30A78922-3F09-492A-8B83-EBDA956E7A12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{521C1791-1FCA-428C-9346-93F41E2E932E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{228670EE-2166-4458-BEBF-B10922AA91CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{53C69B1C-8EEC-47AA-AE5D-3289101DA6B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{228A5B39-A8AE-4C9F-AB65-4C7CB6765ECB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{AC338EFE-F194-4A0D-8C14-33F0DBBDF2B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9E23DFB1-DC3F-4677-B775-564A6B0CD340}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E087D21C-2F56-4DD5-B83F-256DD8AAC1DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{AC9B8EB1-2B86-4963-B020-54A29C341C3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9C988523-706F-4054-8A9C-32F7348D5593}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0D822B51-E077-4E77-A1F4-F6F224BE1A24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B948FF19-0560-46B0-A3EB-5D8BAD3CDD1F}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{6FEAC59F-105A-4AA0-B19B-F1F443579D3A}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{3A2A9E06-BFF0-4CFA-BE22-549A525F42D0}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{C72D0A96-2061-418F-AE0F-40226BAA2858}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{BFA51BDD-3F6D-47AD-BFE4-C2D4CA8B47E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D15C20AD-773F-49A7-85D2-3BFA1E53840D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{02CB3F08-3B87-4C40-AF72-759B85C2AB5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5E4CC6A1-C7E5-4D66-AD4F-B60D6BE949CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E7C70136-71C5-409F-A045-CB7407742891}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{810A7BB5-742B-4036-BE25-8FE5B045574D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{07BEDD08-2F44-4D11-95D0-5B98B590F084}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{AACC54A1-689B-4830-A6C0-14DB27E9D396}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{4CD86D44-F2F5-4DA9-BC60-FFFC174FA524}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{55B1F1E6-5EB2-425F-AF4F-086DCE2B8CB3}] => (Allow) D:\Program Files\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{D7AA8422-5A1C-4AD9-A2BA-5E1B89F72904}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0D7180FD-4102-4DEC-BCBF-D0EA2DE53D75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{03B5BA7B-D737-41C6-A99D-8AE34295E374}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4E51CB80-4182-4F82-B75B-253B786102AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6B2846F7-D5EE-439A-A5C9-F4F011E9FD62}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{154EB2A0-F202-4AB2-9873-DCDA09043906}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{44F5CA1D-A838-4D67-A53D-87BFA497E6DF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0C061522-D2E4-4904-BB18-3CEA13DA6999}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D18A2BB0-519E-4D5C-B1F1-70080DDCB717}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DAFAE876-8DB7-46B0-945A-C475FF32A9C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{800978A9-BDEC-45C6-8B4E-937213EB91C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FA9864D6-622D-4B78-93A1-952B801CA6C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{07B63234-A692-4D52-AFC3-282CD05B3B63}] => (Allow) D:\Program Files\Steam\steamapps\common\Source SDK Base\hl2.exe
FirewallRules: [{7C41819E-878C-4E4A-90F0-6550A826EDB9}] => (Allow) D:\Program Files\Steam\steamapps\common\Source SDK Base\hl2.exe
FirewallRules: [{33B3B32B-6BFB-4AFD-B3CF-75926A7BF95E}] => (Allow) D:\Program Files\Steam\steamapps\common\Free to Play\FTP.exe
FirewallRules: [{72639B92-2E3E-48DD-A774-1699AFF3C6F5}] => (Allow) D:\Program Files\Steam\steamapps\common\Free to Play\FTP.exe
FirewallRules: [{63129C2D-A9ED-486D-9985-9ADA77A4B6B7}] => (Allow) D:\Program Files\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{28EF2CC7-5C4A-4A34-977A-6D43437A32EC}] => (Allow) D:\Program Files\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{1066871E-A376-4695-807D-4C8EA5893031}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{69CB9BAF-A211-4A4A-A9A3-409D49637A64}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{37A1934E-F5F9-4346-B4A5-27F0A2BE6CF9}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{25F722A9-29E1-4E36-8281-6B2197F7D498}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{7E852111-4903-4BB3-99CA-7BF4754B9E56}] => (Allow) D:\Program Files\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{1F76B5CA-8E7F-46CB-9472-6F58A3494CFF}] => (Allow) D:\Program Files\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{17FD8A91-82E5-41C4-9332-E4FA3EB14314}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{14663198-3ABB-4EAD-AC7B-70F141F8D16D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{2CD6E673-AB3A-4AD3-85F3-D853D2FB6310}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{68F9602F-D276-4734-AD2A-9C306788A714}] => (Allow) D:\Program Files\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{373988CF-8CBB-4E3D-9FFC-18FFB0802A10}] => (Allow) D:\Program Files\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{6345E56C-618F-4AD3-8564-91D7A6338256}] => (Allow) D:\Program Files\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{B161D2F0-F3BD-423A-BA0A-BF840BBC770D}] => (Allow) D:\Program Files\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{DAC3C5D5-3838-4F88-B083-BE9882E964CE}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\bin_ship\DAOrigins.exe
FirewallRules: [{515ED292-88BF-42BE-9E6B-1824D01E4C48}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\bin_ship\DAOrigins.exe
FirewallRules: [{E47B9290-BD4E-441D-A406-5B99C351502A}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe
FirewallRules: [{D7CA3C50-97E4-4910-B98E-E295247C72C4}] => (Allow) D:\Program Files\Steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe
FirewallRules: [{EEFA0C20-4495-4C30-99B5-FB4EFF2411E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AB2F0043-03A4-4B9A-A127-4BF1E810F005}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5228211D-2256-4609-B1DD-1575A581B6A1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{D8A959BE-BBB5-4F6E-8B55-56B6F06FC723}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{573FED78-7C34-461D-981B-F6354D278ED9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{68D1A5FE-31D2-4EB0-BAC7-740F0FFADC12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{214D23A3-07CA-4329-BC1A-C79C5A90E83C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{01AC6DA2-A84F-4174-AE4A-E246CD0D9574}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{5F384CC5-F288-4A16-A62D-A0990F8B658F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5589AC7D-B9DE-4F70-A853-69A66D482F28}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{880A0C53-BEA9-4C59-8AC6-C74CD7FF0CA9}] => (Allow) D:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{E572AAEA-08F4-4957-B4FF-DE6A7CA58730}] => (Allow) D:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{5B5A63CF-3F5B-442D-AD28-B986D57EEC0E}] => (Allow) D:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{D42FB863-C02A-4539-90F6-C0035185234B}] => (Allow) D:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2015 09:22:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2015 11:52:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2015 11:37:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ffxiv.exe, version: 1.0.0.0, time stamp: 0x55997639
Faulting module name: ffxiv.exe, version: 1.0.0.0, time stamp: 0x55997639
Exception code: 0xc0000005
Fault offset: 0x00b146d7
Faulting process id: 0xbb4
Faulting application start time: 0xffxiv.exe0
Faulting application path: ffxiv.exe1
Faulting module path: ffxiv.exe2
Report Id: ffxiv.exe3

Error: (07/08/2015 11:37:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ffxiv.exe, version: 1.0.0.0, time stamp: 0x55997639
Faulting module name: ffxiv.exe, version: 1.0.0.0, time stamp: 0x55997639
Exception code: 0xc0000005
Fault offset: 0x00b146d7
Faulting process id: 0x1230
Faulting application start time: 0xffxiv.exe0
Faulting application path: ffxiv.exe1
Faulting module path: ffxiv.exe2
Report Id: ffxiv.exe3

Error: (07/08/2015 11:36:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ffxiv_dx11.exe, version: 1.0.0.0, time stamp: 0x55997713
Faulting module name: ffxiv_dx11.exe, version: 1.0.0.0, time stamp: 0x55997713
Exception code: 0xc0000005
Fault offset: 0x0000000000da0779
Faulting process id: 0x1df8
Faulting application start time: 0xffxiv_dx11.exe0
Faulting application path: ffxiv_dx11.exe1
Faulting module path: ffxiv_dx11.exe2
Report Id: ffxiv_dx11.exe3

Error: (07/08/2015 11:35:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ffxiv_dx11.exe, version: 1.0.0.0, time stamp: 0x55997713
Faulting module name: ffxiv_dx11.exe, version: 1.0.0.0, time stamp: 0x55997713
Exception code: 0xc0000005
Fault offset: 0x0000000000da0779
Faulting process id: 0xdec
Faulting application start time: 0xffxiv_dx11.exe0
Faulting application path: ffxiv_dx11.exe1
Faulting module path: ffxiv_dx11.exe2
Report Id: ffxiv_dx11.exe3

Error: (07/08/2015 11:35:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program GFExperience.exe version 2.4.5.57 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 670

Start Time: 01d0b9ff0c842cf1

Termination Time: 46

Application Path: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Report Id:

Error: (07/08/2015 11:33:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 43.0.2357.132 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1bf4

Start Time: 01d0b9ff017e5bdf

Termination Time: 3

Application Path: C:\Users\Nick\AppData\Local\Google\Chrome\Application\chrome.exe

Report Id: 9d41b413-25f3-11e5-ac9d-50e54942f5c4

Error: (07/08/2015 11:22:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ffxiv_dx11.exe, version: 1.0.0.0, time stamp: 0x55997713
Faulting module name: ffxiv_dx11.exe, version: 1.0.0.0, time stamp: 0x55997713
Exception code: 0xc0000005
Fault offset: 0x0000000000da0779
Faulting process id: 0x4a4
Faulting application start time: 0xffxiv_dx11.exe0
Faulting application path: ffxiv_dx11.exe1
Faulting module path: ffxiv_dx11.exe2
Report Id: ffxiv_dx11.exe3

Error: (07/08/2015 11:21:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ffxiv.exe, version: 1.0.0.0, time stamp: 0x55997639
Faulting module name: ffxiv.exe, version: 1.0.0.0, time stamp: 0x55997639
Exception code: 0xc0000005
Fault offset: 0x00b146d7
Faulting process id: 0x19f0
Faulting application start time: 0xffxiv.exe0
Faulting application path: ffxiv.exe1
Faulting module path: ffxiv.exe2
Report Id: ffxiv.exe3


System errors:
=============
Error: (07/12/2015 02:44:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (07/09/2015 09:20:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (07/09/2015 09:19:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Microsoft Office ClickToRun Service service terminated unexpectedly. It has done this 3 time(s).

Error: (07/09/2015 09:19:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 2 time(s).

Error: (07/09/2015 09:19:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

Error: (07/09/2015 09:19:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Block Level Backup Engine Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

Error: (07/09/2015 09:19:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

Error: (07/09/2015 09:19:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Virtual Disk service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/09/2015 09:19:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/09/2015 09:19:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.


Microsoft Office:
=========================
Error: (07/09/2015 09:22:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2015 11:52:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2015 11:37:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ffxiv.exe1.0.0.055997639ffxiv.exe1.0.0.055997639c000000500b146d7bb401d0ba00ffdccdf6D:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv.exeD:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv.exe3e724548-25f4-11e5-ac9d-50e54942f5c4

Error: (07/08/2015 11:37:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ffxiv.exe1.0.0.055997639ffxiv.exe1.0.0.055997639c000000500b146d7123001d0ba00ea9987d2D:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv.exeD:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv.exe294b130e-25f4-11e5-ac9d-50e54942f5c4

Error: (07/08/2015 11:36:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ffxiv_dx11.exe1.0.0.055997713ffxiv_dx11.exe1.0.0.055997713c00000050000000000da07791df801d0ba00d485cf41D:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv_dx11.exeD:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv_dx11.exe13728f9a-25f4-11e5-ac9d-50e54942f5c4

Error: (07/08/2015 11:35:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ffxiv_dx11.exe1.0.0.055997713ffxiv_dx11.exe1.0.0.055997713c00000050000000000da0779dec01d0ba00bb5f4cebD:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv_dx11.exeD:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv_dx11.exefabad643-25f3-11e5-ac9d-50e54942f5c4

Error: (07/08/2015 11:35:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: GFExperience.exe2.4.5.5767001d0b9ff0c842cf146C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Error: (07/08/2015 11:33:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe43.0.2357.1321bf401d0b9ff017e5bdf3C:\Users\Nick\AppData\Local\Google\Chrome\Application\chrome.exe9d41b413-25f3-11e5-ac9d-50e54942f5c4

Error: (07/08/2015 11:22:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ffxiv_dx11.exe1.0.0.055997713ffxiv_dx11.exe1.0.0.055997713c00000050000000000da07794a401d0b9fee861ebceD:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv_dx11.exeD:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv_dx11.exe272e526e-25f2-11e5-ac9d-50e54942f5c4

Error: (07/08/2015 11:21:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ffxiv.exe1.0.0.055997639ffxiv.exe1.0.0.055997639c000000500b146d719f001d0b9febf860886D:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv.exeD:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\game\ffxiv.exefdcc4d3f-25f1-11e5-ac9d-50e54942f5c4


CodeIntegrity Errors:
===================================
Date: 2012-02-11 21:04:04.982
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-02-11 21:04:04.973
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 8109.18 MB
Available physical RAM: 6106.39 MB
Total Virtual: 16216.57 MB
Available Virtual: 14070.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:21.58 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:907.26 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: B34EDF65)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0CA9D105)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================
Curie
2015-07-13, 21:35
Hello nashtarl.

Yes, Adblock and Fauxbar are legitimate browser plugins.

STEP 1
http://i.imgur.com/xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

Press the Windows Key http://i.imgur.com/pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
Copy the entire contents of the codebox below and paste into the Notepad document.

start
CreateRestorePoint:
HKU\S-1-5-21-933702865-3488087127-4119853235-1013\...\Run: [AVG-Secure-Search-Update_1113a] => C:\Users\UpdatusUser\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=b5c60ffc732747d38f11d1e59efdb07f-2f0cec7c885f6edd3fb158d407185069992b169a /CMPID=1113a
C:\Users\UpdatusUser\AppData\Roaming\AVG 1113a Campaign
EmptyTemp:
end
Click File, Save As and type fixlist.txt as the File Name.
Important: The file must be saved in the same location as FRST64.exe.

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.


Right-Click FRST64.exe and select http://i.imgur.com/AVOiBNU.jpg Run as administrator to run the programme.
Click Fix.
A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.

STEP 2
http://i.imgur.com/GzlsbnV.png ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.


Please download ESET Online Scan (http://download.eset.com/special/eos/esetsmartinstaller_enu.exe) and save the file to your Desktop.
Temporarily disable your anti-virus software. For instructions, please refer to the following link (http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/).
Double-click esetsmartinstaller_enu.exe to run the programme.
Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
Agree to the Terms of Use once more and click Start. Allow components to download.
Place a checkmark next to Enable detection of potentially unwanted applications.
Click Advanced settings. Place a checkmark next to:

Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology


Ensure Remove found threats is unchecked.
Click Start.
Wait for the scan to finish. Please be patient as this can take some time.
Upon completion, click http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png. If no threats were found, skip the next two bullet points.
Click http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
Push the Back button.
Place a checkmark next to http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xKN1w2nv.png.pagespeed.ic.JWqIaEgZi7.png and click http://1-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/SzOC1p0.png.pagespeed.ce.OWDP45O6oG.png.
Re-enable your anti-virus software.
Copy the contents of the log and paste in your next reply.

======================================================

STEP X
http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.



Fixlog.txt by FRST
ESET log
Are there any outstanding issues?
Curie
2015-07-16, 08:32
Hi nastharl. Are you still with me?
Curie
2015-07-17, 21:50
Due to lack of feedback I will no longer be monitoring this thread.
If you need further help in the future, please start a new topic.
tashi
2015-07-18, 03:26
Thank you Curie. :)