Inactive Bad Image - Malware/Virus

TheSaiyan · Oct 6, 2014

I'm damn near pulling my hair out scouring different topics and solutions for curing this but to no avail. Was hoping for some assistance.

Broni · Oct 6, 2014

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

TheSaiyan · Oct 6, 2014

Thank you! I've run the MBAM scan and found that there were two threats. They were removed and I restarted. My Avast scan is now running, however, before I put this to run I was trying to get DDS downloaded, and when I ran it, it read: "This program was not meant to run in compatibility mode" and exited.

TheSaiyan · Oct 6, 2014

The following is the log from the MBAM scan:
(Quick note, my notepad is no longer working)

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2014-10-07
Scan Time: 12:12:42 AM
Logfile: scan.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.07.02
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: marc__000

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 350376
Time Elapsed: 9 min, 20 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.Somoto, C:\Users\marc__000\AppData\Local\Temp\nsb1D7.tmp, Quarantined, [0ed023ee2656290d4ef2d4d943be6898],
PUP.Optional.Somoto, C:\Users\marc__000\AppData\Local\Temp\bitool.dll, Quarantined, [3f9f040d245885b1c83b5f0732d006fa],

Physical Sectors: 0
(No malicious items detected)

(end)

Broni · Oct 6, 2014

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
Otherwise just double-click on RogueKiller.exe
Pre-scan will start. Let it finish.
Click on SCAN button.
Wait until the Status box shows Scan Finished
Click on Delete.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.
If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download

Malwarebytes Anti-Rootkit to your desktop.

Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
Double click on downloaded file. OK self extracting prompt.
MBAR will start. Click "Next" to continue.
Click in the following screen "Update" to obtain the latest malware definitions.
Once the update is complete select "Next" and click "Scan".
When the scan is finished and no malware has been found select "Exit".
If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
- "mbar-log-{date} (xx-xx-xx).txt"
- "system-log.txt"

TheSaiyan · Oct 7, 2014

RogueKiller logs, about to start the malwarebytes Anti-rootkit steps

RogueKiller V9.3.0.0 [Oct 6 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : marc__000 [Admin rights]
Mode : Remove -- Date : 10/07/2014 01:01:44

¤¤¤ Bad processes : 1 ¤¤¤
[Suspicious.Path] hola_plugin_x64.exe -- C:\Users\marc__000\AppData\Roaming\Mozilla\Firefox\Profiles\r31jvotx.default\extensions\jid1-4P0kohSJxU1qGg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe[7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 12 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 140.184.120.33 140.184.120.30 140.184.120.31 140.184.1.21 140.184.1.22 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 140.184.120.33 140.184.120.30 140.184.120.31 140.184.1.21 140.184.1.22 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9C1B66DE-799C-49C4-96A4-0549F207D79B} | DhcpNameServer : 140.184.120.33 140.184.120.30 140.184.120.31 140.184.1.21 140.184.1.22 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C4C75A03-4F99-486D-A16F-39BA9C47B4FD} | DhcpNameServer : 140.184.1.21 140.184.1.22 140.184.120.30 140.184.120.31 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9C1B66DE-799C-49C4-96A4-0549F207D79B} | DhcpNameServer : 140.184.120.33 140.184.120.30 140.184.120.31 140.184.1.21 140.184.1.22 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{C4C75A03-4F99-486D-A16F-39BA9C47B4FD} | DhcpNameServer : 140.184.1.21 140.184.1.22 140.184.120.30 140.184.120.31 -> NOT SELECTED
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NOT SELECTED
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NOT SELECTED
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: NOT LOADED [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10S21X-24R1BT0-SSHD-8GB +++++
--- User ---
[MBR] b8ba3e1bfe485b9e234ee2e4a806a5b3
[BSP] 60a67551c3882c1e96079ebca23cb91c : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_10072014_010118.log

TheSaiyan · Oct 7, 2014

Mbar Logs:

Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.10.07.02

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17278
marc__000 :: ULTIMECIA [administrator]

2014-10-07 1:06:00 AM
mbar-log-2014-10-07 (01-06-00).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 350844
Time elapsed: 10 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

And

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012

(c) Malwarebytes Corporation 2011-2012

OS version: 6.3.9200 Windows 8.1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17278

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 17087881216, free: 12175970304

Downloaded database version: v2014.10.07.02
Downloaded database version: v2014.09.19.01
Initializing...
======================
Done!
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 796B02F8

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 1827436153
GPT Header CurrentLba = 1 BackupLba 1953525167
GPT Header FirstUsableLba 34 LastUsableLba 1953525134
GPT Header Guid 72b3b736-5f13-45c6-ac48-b4b0705e3391
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 1827436153
Backup GPT header CurrentLba = 1953525167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134
Backup GPT header Guid 72b3b736-5f13-45c6-ac48-b4b0705e3391
Backup GPT header Contains 128 partition entries starting at LBA 1953525135
Backup GPT header Partition entry size = 128

Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 2f6c6420-4785-456c-aece-448792aaf217
FirstLBA 2048 Last LBA 2050047
Attributes 1
Partition Name Basic data partition

Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID ea39b8c8-b86a-4533-9fda-295fc44159d
FirstLBA 2050048 Last LBA 2582527
Attributes 1
Partition Name EFI system partition

GPT Partition 1 is bootable
Partition 2 Type bfbfafe7-a34f-448a-9a5b-6213eb736c22
Partition ID d371fc30-ecd4-4aea-a111-6163a4d6f49a
FirstLBA 2582528 Last LBA 4630527
Attributes 1
Partition Name Basic data partition

Partition 3 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 7cee61b-db13-44c1-b456-1c874c27830
FirstLBA 4630528 Last LBA 4892671
Attributes 0
Partition Name Microsoft reserved partition

Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID b012f44b-8de1-4af0-9424-98dfb1251af
FirstLBA 4892672 Last LBA 1866909695
Attributes 0
Partition Name Basic data partition

Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 998e8c10-3915-4951-b3ba-68fa6dc7c12f
FirstLBA 1866909696 Last LBA 1919338495
Attributes 0
Partition Name Basic data partition

Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID af5297f5-8fd-48b8-9e3c-f6addbc7f22b
FirstLBA 1919338496 Last LBA 1953523711
Attributes 1
Partition Name Basic data partition

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

Broni · Oct 7, 2014

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Scan button.
When the scan has finished click on Clean button.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.

TheSaiyan · Oct 7, 2014

AdwCleaner, Onto the next one:

# AdwCleaner v3.311 - Report created 07/10/2014 at 01:23:02
# Updated 30/09/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : marc__000 - ULTIMECIA
# Running from : C:\Users\marc__000\Downloads\adwcleaner_3.311(1).exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17278

-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\marc__000\AppData\Roaming\Mozilla\Firefox\Profiles\r31jvotx.default\prefs.js ]

-\\ Google Chrome v37.0.2062.124

[ File : C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1182 octets] - [06/10/2014 23:40:43]
AdwCleaner[R1].txt - [1185 octets] - [06/10/2014 23:51:56]
AdwCleaner[R2].txt - [1249 octets] - [07/10/2014 01:21:44]
AdwCleaner[S0].txt - [1251 octets] - [06/10/2014 23:42:03]
AdwCleaner[S1].txt - [1172 octets] - [07/10/2014 01:23:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1232 octets] ##########

TheSaiyan · Oct 7, 2014

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.1 (10.06.2014:1)
OS: Windows 8.1 x64
Ran by marc__000 on 2014-10-07 at 1:27:45.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"

~~~ FireFox

Successfully deleted: [File] C:\Users\marc__000\AppData\Roaming\mozilla\firefox\profiles\r31jvotx.default\searchplugins\youtube-video-search.xml
Successfully deleted the following from C:\Users\marc__000\AppData\Roaming\mozilla\firefox\profiles\r31jvotx.default\prefs.js

user_pref("browser.search.useDBForOrder", true);
Emptied folder: C:\Users\marc__000\AppData\Roaming\mozilla\firefox\profiles\r31jvotx.default\minidumps [2 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014-10-07 at 1:33:53.35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

TheSaiyan · Oct 7, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by marc__000 (administrator) on ULTIMECIA on 07-10-2014 01:35:06
Running from C:\Users\marc__000\Downloads
Loaded Profile: marc__000 (Available profiles: marc__000)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\SysWOW64\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Dropbox, Inc.) C:\Users\marc__000\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hola Networks Ltd.) C:\Users\marc__000\AppData\Roaming\Mozilla\Firefox\Profiles\r31jvotx.default\extensions\jid1-4P0kohSJxU1qGg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Thisisu) C:\Users\marc__000\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Farbar) C:\Users\marc__000\Downloads\FRST64(1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-03-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-07-05] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-07-05] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-31] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKU\S-1-5-21-1873908055-2179700353-3391590569-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1873908055-2179700353-3391590569-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1873908055-2179700353-3391590569-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-09-18] (Electronic Arts)
HKU\S-1-5-21-1873908055-2179700353-3391590569-1001\...\MountPoints2: {e5aa175d-30b5-11e4-825b-e82aeab5644e} - "E:\setup.exe"
Startup: C:\Users\marc__000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\marc__000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com
SearchScopes: HKLM - {9F0CFFBB-8C1F-4010-8A49-0737AC29B731} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM-x32 - {9F0CFFBB-8C1F-4010-8A49-0737AC29B731} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKCU - {9F0CFFBB-8C1F-4010-8A49-0737AC29B731} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 140.184.1.21 140.184.1.22 140.184.120.30 140.184.120.31

FireFox:
========
FF ProfilePath: C:\Users\marc__000\AppData\Roaming\Mozilla\Firefox\Profiles\r31jvotx.default
FF DefaultSearchEngine: YouTube Video Search
FF SelectedSearchEngine: YouTube Video Search
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: Hola Better Internet - C:\Users\marc__000\AppData\Roaming\Mozilla\Firefox\Profiles\r31jvotx.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2014-10-06]
FF Extension: YouTube Center - C:\Users\marc__000\AppData\Roaming\Mozilla\Firefox\Profiles\r31jvotx.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2014-09-04]
FF Extension: Linkification - C:\Users\marc__000\AppData\Roaming\Mozilla\Firefox\Profiles\r31jvotx.default\Extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi [2014-09-01]
FF Extension: ReloadEvery - C:\Users\marc__000\AppData\Roaming\Mozilla\Firefox\Profiles\r31jvotx.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2014-10-07]
FF Extension: Adblock Plus - C:\Users\marc__000\AppData\Roaming\Mozilla\Firefox\Profiles\r31jvotx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-31]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-31]

Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-21]
CHR Extension: (Google Docs) - C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-21]
CHR Extension: (Google Drive) - C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-02]
CHR Extension: (YouTube) - C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-21]
CHR Extension: (Google Search) - C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-21]
CHR Extension: (Google Sheets) - C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-21]
CHR Extension: (avast! Online Security) - C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-21]
CHR Extension: (Google Wallet) - C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-21]
CHR Extension: (Gmail) - C:\Users\marc__000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-31] (AVAST Software)
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-14] (ELAN Microelectronics Corp.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-16] (NVIDIA Corporation)
R2 iBtSiva; c:\windows\syswow64\ibtsiva.exe [121288 2014-03-10] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-07-05] (Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-07-05] (Lenovo(beijing) Limited)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-16] () [File not signed]
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [0 2014-09-16] () [File not signed]
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
S2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] () [File not signed]
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2014-09-08] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [0 2014-04-14] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
S2 DAMSvc; C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe [X]
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-31] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-01] (Disc Soft Ltd)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [24904 2014-03-11] (ELAN Microelectronic Corp.)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [0 2013-10-18] () [File not signed]
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3433952 2014-02-18] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-16] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] () [File not signed]
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-23] (Realsil Semiconductor Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-10-07] ()
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-07 01:35 - 2014-10-07 01:35 - 00026766 _____ () C:\Users\marc__000\Downloads\FRST.txt
2014-10-07 01:34 - 2014-10-07 01:35 - 00000000 ____D () C:\FRST
2014-10-07 01:34 - 2014-10-07 01:34 - 02109952 _____ (Farbar) C:\Users\marc__000\Downloads\FRST64(1).exe
2014-10-07 01:33 - 2014-10-07 01:33 - 00001148 _____ () C:\Users\marc__000\Desktop\JRT.txt
2014-10-07 01:29 - 2014-10-07 01:29 - 00000000 ____D () C:\Users\marc__000\AppData\Local\CrashDumps
2014-10-07 01:27 - 2014-10-07 01:27 - 01705141 _____ (Thisisu) C:\Users\marc__000\Downloads\JRT.exe
2014-10-07 01:27 - 2014-10-07 01:27 - 00000000 ____D () C:\windows\ERUNT
2014-10-07 01:21 - 2014-10-07 01:21 - 01375089 _____ () C:\Users\marc__000\Downloads\adwcleaner_3.311(1).exe
2014-10-07 01:05 - 2014-10-07 01:16 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-07 01:04 - 2014-10-07 01:16 - 00000000 ____D () C:\Users\marc__000\Desktop\mbar
2014-10-07 01:04 - 2014-10-07 01:04 - 14349744 _____ (Malwarebytes Corp.) C:\Users\marc__000\Downloads\mbar-1.07.0.1012.exe
2014-10-07 00:55 - 2014-10-07 00:55 - 04910680 _____ () C:\Users\marc__000\Downloads\RogueKiller.exe
2014-10-07 00:51 - 2014-10-07 00:51 - 00001261 _____ () C:\Users\marc__000\Documents\scan.txt
2014-10-07 00:45 - 2014-10-07 00:45 - 00688992 _____ (Swearware) C:\Users\marc__000\Downloads\dds.scr
2014-10-07 00:45 - 2014-10-07 00:45 - 00688992 _____ (Swearware) C:\Users\marc__000\Downloads\dds.com
2014-10-07 00:45 - 2014-10-07 00:45 - 00688992 _____ (Swearware) C:\Users\marc__000\Downloads\dds(1).com
2014-10-07 00:19 - 2014-10-07 00:19 - 05582981 _____ (Swearware) C:\Users\marc__000\Downloads\ComboFix(1).exe
2014-10-07 00:18 - 2014-10-07 00:18 - 05582481 _____ (Swearware) C:\Users\marc__000\Downloads\ComboFix.exe
2014-10-07 00:12 - 2014-10-07 01:26 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-07 00:11 - 2014-10-07 01:05 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-07 00:11 - 2014-10-07 00:11 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-07 00:11 - 2014-10-07 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-07 00:11 - 2014-10-07 00:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-07 00:11 - 2014-10-07 00:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-07 00:11 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-10-07 00:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-10-07 00:10 - 2014-10-07 00:10 - 02109952 _____ (Farbar) C:\Users\marc__000\Downloads\FRST64.exe
2014-10-07 00:08 - 2014-10-07 00:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\marc__000\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-07 00:08 - 2014-10-07 00:08 - 00000000 _____ () C:\autoexec.bat
2014-10-07 00:07 - 2014-10-07 00:14 - 00000000 ____D () C:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-10-07 00:07 - 2014-10-07 00:07 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-07 00:02 - 2014-10-07 00:02 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\marc__000\Downloads\SpyHunter-Installer.exe
2014-10-06 23:57 - 2014-10-07 00:56 - 00034808 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-10-06 23:57 - 2014-10-06 23:57 - 05491800 _____ () C:\Users\marc__000\Downloads\RogueKillerX64.exe
2014-10-06 23:57 - 2014-10-06 23:57 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\marc__000\Downloads\tdsskiller.exe
2014-10-06 23:57 - 2014-10-06 23:57 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-06 23:56 - 2014-10-06 23:57 - 00003884 _____ () C:\Users\marc__000\Desktop\Rkill.txt
2014-10-06 23:56 - 2014-10-06 23:56 - 00000000 ____D () C:\Users\marc__000\Desktop\rkill
2014-10-06 23:55 - 2014-10-06 23:55 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\marc__000\Downloads\rkill.exe
2014-10-06 23:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-10-06 23:40 - 2014-10-07 01:23 - 00000000 ____D () C:\AdwCleaner
2014-10-06 23:39 - 2014-10-06 23:40 - 01375089 _____ () C:\Users\marc__000\Downloads\adwcleaner_3.311.exe
2014-10-06 23:19 - 2014-10-06 23:19 - 00000017 _____ () C:\Users\marc__000\AppData\Local\resmon.resmoncfg
2014-10-06 22:42 - 2014-10-06 22:42 - 00000000 ____D () C:\Users\marc__000\Downloads\Castlevania.Lords.of.Shadow.2.Update1.incl.DLC-CODEX
2014-10-06 22:24 - 2014-10-06 22:24 - 319671744 _____ (NVIDIA Corporation) C:\Users\marc__000\Downloads\344.11-notebook-win8-win7-64bit-international-whql(1).exe
2014-10-06 22:19 - 2014-10-06 22:19 - 00000000 ____D () C:\Users\marc__000\Documents\MercurySteam
2014-10-06 22:14 - 2014-10-06 22:14 - 00889416 _____ (Microsoft Corporation) C:\Users\marc__000\Downloads\dotNetFx40_Full_setup(1).exe
2014-10-06 22:13 - 2014-10-06 22:13 - 05073240 _____ (Microsoft Corporation) C:\Users\marc__000\Downloads\vcredist_x86.exe
2014-10-06 22:09 - 2014-10-06 22:09 - 00292184 _____ (Microsoft Corporation) C:\Users\marc__000\Downloads\dxwebsetup.exe
2014-10-06 21:54 - 2014-10-06 21:57 - 00000000 ____D () C:\Program Files (x86)\MotionInJoy
2014-10-06 21:48 - 2014-10-06 23:38 - 00000000 ____D () C:\Program Files (x86)\Castlevania Lords of Shadow 2
2014-10-06 21:32 - 2014-10-06 21:34 - 29293656 _____ () C:\Users\marc__000\Downloads\Castlevania.vol03+04.PAR2
2014-10-06 21:32 - 2014-10-06 21:32 - 14665084 _____ () C:\Users\marc__000\Downloads\Castlevania.vol01+02.PAR2
2014-10-06 21:31 - 2014-10-06 21:32 - 07332580 _____ () C:\Users\marc__000\Downloads\Castlevania.vol00+01.PAR2
2014-10-06 20:39 - 2014-10-06 20:39 - 00002400 _____ () C:\Users\marc__000\Downloads\Castlevania.Lords.of.Shadow.2.AricoVert.1.nfo
2014-10-06 20:35 - 2014-10-06 20:39 - 81457275 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part65.rar
2014-10-06 20:32 - 2014-10-06 20:36 - 104857600 _____ () C:\Users\marc__000\Downloads\CASTLEVANIA LORDS OF SHADOW 2.PART64.RAR
2014-10-06 20:28 - 2014-10-06 20:33 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part63.rar
2014-10-06 20:23 - 2014-10-06 20:29 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part62.rar
2014-10-06 20:19 - 2014-10-06 20:24 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part61.rar
2014-10-06 20:14 - 2014-10-06 20:19 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part60.rar
2014-10-06 20:10 - 2014-10-06 20:15 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part59.rar
2014-10-06 20:05 - 2014-10-06 20:10 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part58.rar
2014-10-06 20:02 - 2014-10-06 20:05 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part57.rar
2014-10-06 19:58 - 2014-10-06 20:02 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part56.rar
2014-10-06 19:55 - 2014-10-06 19:59 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part55.rar
2014-10-06 19:51 - 2014-10-06 19:55 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part54.rar
2014-10-06 19:29 - 2014-10-06 19:51 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part53.rar
2014-10-06 19:25 - 2014-10-06 19:32 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part52.rar
2014-10-06 19:22 - 2014-10-06 19:25 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part51.rar
2014-10-06 19:21 - 2014-10-06 19:22 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part50.rar
2014-10-06 19:19 - 2014-10-06 19:21 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part49.rar
2014-10-06 19:17 - 2014-10-06 19:20 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part48.rar
2014-10-06 19:16 - 2014-10-06 19:17 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part47.rar
2014-10-06 19:14 - 2014-10-06 19:16 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part46.rar
2014-10-06 19:12 - 2014-10-06 19:14 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part45.rar
2014-10-06 19:09 - 2014-10-06 19:09 - 00000000 __SHD () C:\found.000
2014-10-06 18:59 - 2014-10-06 19:02 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part44.rar
2014-10-06 18:57 - 2014-10-06 19:00 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part43.rar
2014-10-06 18:56 - 2014-10-06 18:57 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part42.rar
2014-10-06 18:55 - 2014-10-06 18:56 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part41.rar
2014-10-06 18:54 - 2014-10-06 18:55 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part40.rar
2014-10-06 18:53 - 2014-10-06 18:55 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part39.rar
2014-10-06 18:52 - 2014-10-06 18:55 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part37.rar
2014-10-06 18:52 - 2014-10-06 18:54 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part38.rar
2014-10-06 18:51 - 2014-10-06 18:53 - 104857600 _____ () C:\Users\marc__000\Downloads\CASTLEVANIA LORDS OF SHADOW 2.PART36.RAR
2014-10-06 18:50 - 2014-10-06 18:52 - 104857600 _____ () C:\Users\marc__000\Downloads\CASTLEVANIA LORDS OF SHADOW 2.PART35.RAR
2014-10-06 18:48 - 2014-10-06 18:52 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part34.rar
2014-10-06 18:46 - 2014-10-06 18:49 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part33.rar
2014-10-06 18:44 - 2014-10-06 18:46 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part32.rar
2014-10-06 18:42 - 2014-10-06 18:45 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part31.rar
2014-10-06 18:40 - 2014-10-06 18:42 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part30.rar
2014-10-06 18:31 - 2014-10-06 18:35 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part29.rar
2014-10-06 18:28 - 2014-10-06 18:32 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part28.rar
2014-10-06 18:24 - 2014-10-06 18:29 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part27.rar
2014-10-06 18:19 - 2014-10-06 18:25 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part26.rar
2014-10-06 18:15 - 2014-10-06 18:20 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part25.rar
2014-10-06 18:11 - 2014-10-06 18:16 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part24.rar
2014-10-06 18:09 - 2014-10-06 18:11 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part23.rar
2014-10-06 18:07 - 2014-10-06 18:09 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part22.rar
2014-10-06 18:05 - 2014-10-06 18:07 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part21.rar
2014-10-06 18:03 - 2014-10-06 18:06 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part20.rar
2014-10-06 18:01 - 2014-10-06 18:04 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part19.rar
2014-10-06 18:00 - 2014-10-06 18:02 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part18.rar
2014-10-06 17:59 - 2014-10-06 18:01 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part17.rar
2014-10-06 17:56 - 2014-10-06 17:59 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part16.rar
2014-10-06 17:55 - 2014-10-06 17:57 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part15.rar
2014-10-06 17:54 - 2014-10-06 17:55 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part14.rar
2014-10-06 17:53 - 2014-10-06 17:54 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part13.rar
2014-10-06 17:52 - 2014-10-06 17:53 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part12.rar
2014-10-06 17:50 - 2014-10-06 17:52 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part11.rar
2014-10-06 17:48 - 2014-10-06 17:50 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part10.rar
2014-10-06 17:47 - 2014-10-06 17:49 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part09.rar
2014-10-06 17:45 - 2014-10-06 17:47 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part08.rar
2014-10-06 17:44 - 2014-10-06 17:46 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part07.rar
2014-10-06 17:42 - 2014-10-06 17:44 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part06.rar
2014-10-06 17:41 - 2014-10-06 17:42 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part05.rar
2014-10-06 17:40 - 2014-10-06 17:42 - 104855508 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part04.rar
2014-10-06 17:39 - 2014-10-06 17:40 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part03.rar
2014-10-06 17:38 - 2014-10-06 17:39 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part02.rar
2014-10-06 17:37 - 2014-10-06 17:39 - 104857600 _____ () C:\Users\marc__000\Downloads\Castlevania Lords of Shadow 2.part01.rar
2014-10-06 17:37 - 2014-10-06 17:37 - 00036512 _____ () C:\Users\marc__000\Downloads\Castlevania.par2
2014-10-06 03:41 - 2014-10-06 03:51 - 00000000 ____D () C:\Program Files (x86)\R.G. Mechanics
2014-10-06 02:57 - 2014-10-06 02:59 - 00000000 ____D () C:\Users\marc__000\Downloads\Castlevania.Lords Of Shadow 2.v 1.0.0.1 + 3 DLC.(2014).Repack
2014-10-06 02:44 - 2014-10-06 03:32 - 00000000 ____D () C:\Users\marc__000\Downloads\[R.G. Mechanics] Castlevania - Lords of Shadow 2
2014-10-06 02:44 - 2014-10-06 03:21 - 00000000 ____D () C:\Users\marc__000\Downloads\Castlevania.Lords.of.Shadow.2-RELOADED
2014-10-06 02:42 - 2014-10-06 02:47 - 00000000 ____D () C:\Users\marc__000\Downloads\!RnE - 2014.10.06 02.42.14 - Castlevania
2014-10-06 02:35 - 2014-10-06 02:35 - 00002400 _____ () C:\Users\marc__000\Downloads\Castlevania.Lords.of.Shadow.2.AricoVert.nfo
2014-10-05 23:29 - 2014-10-05 23:29 - 00000222 _____ () C:\Users\marc__000\Desktop\Zombies Monsters Robots.url
2014-10-05 19:52 - 2014-10-05 19:52 - 00455078 _____ () C:\Users\marc__000\Documents\SMUCS General Meeting.pptx
2014-10-05 02:22 - 2014-10-05 02:22 - 03853026 _____ () C:\Users\marc__000\Downloads\BARC0DE.NZB
2014-10-05 02:22 - 2014-10-05 02:22 - 00002340 _____ () C:\Users\marc__000\Downloads\BARC0DE.nfo
2014-10-04 18:42 - 2014-10-04 18:43 - 46244731 _____ () C:\Users\marc__000\Downloads\Edge of Spider-Verse 004 (2014) (Digital) (Darkness-Empire).cbr
2014-10-04 17:37 - 2014-10-04 17:52 - 00000000 ____D () C:\Users\marc__000\Downloads\!RnE - 2014.10.04 17.37.45 - 500.Days.of.Summer.2009.MULTi.1080p.BluRay.x264.DTS-FiDELiO
2014-10-02 23:10 - 2014-10-02 23:16 - 00000000 ____D () C:\Users\marc__000\Downloads\Childish Gambino- STN MTN-Kauai
2014-10-02 17:03 - 2014-10-02 17:03 - 00000000 ____D () C:\Users\marc__000\Documents\WB Games
2014-10-02 16:43 - 2014-10-02 16:43 - 00000000 ____D () C:\Users\marc__000\uname
2014-10-02 16:18 - 2014-10-02 16:18 - 00001305 _____ () C:\Users\marc__000\Desktop\Middle Earth Shadow of Mordor.lnk
2014-10-02 16:18 - 2014-10-02 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle Earth Shadow of Mordor
2014-10-02 15:47 - 2014-10-02 16:17 - 00000000 ____D () C:\Program Files (x86)\Middle Earth Shadow of Mordor
2014-10-02 08:14 - 2014-10-02 08:15 - 08132800 _____ () C:\windows\Minidump\100214-22906-01.dmp
2014-10-02 05:26 - 2014-10-02 05:26 - 00000000 ____D () C:\Users\marc__000\Downloads\!RnE - 2014.10.02 05.26.40 - codex-middle.earth.shadow.of.mordor
2014-10-02 02:13 - 2014-10-02 02:13 - 00000000 ____D () C:\Users\marc__000\AppData\Local\FLT
2014-10-02 02:08 - 2014-10-02 02:08 - 00002164 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-10-02 02:08 - 2014-10-02 02:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-10-02 02:07 - 2014-09-13 17:13 - 00613696 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe
2014-10-02 02:05 - 2014-09-13 20:48 - 31887680 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 24552592 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 20922512 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 18106152 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 17259664 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 14026304 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 13939272 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 13157696 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2014-10-02 02:05 - 2014-09-13 20:48 - 11392576 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 11330776 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 04287296 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 04008592 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 01876296 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6434411.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 01539272 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6434411.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 00957584 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 00925896 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 00919240 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 00894096 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 00501064 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 00417096 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 00393024 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 00348304 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll
2014-10-02 02:05 - 2014-

TheSaiyan · Oct 7, 2014

09-13 20:48 - 00174856 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 00156840 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 00000000 _____ () C:\windows\SysWOW64\nvd3dum.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 00000000 _____ () C:\windows\system32\nvwgf2umx.dll
2014-10-02 02:05 - 2014-09-13 20:48 - 00000000 _____ () C:\windows\system32\nvd3dumx.dll
2014-10-02 02:05 - 2014-09-04 16:14 - 00038048 _____ () C:\windows\system32\Drivers\nvvad64v.sys
2014-10-02 02:05 - 2014-09-04 16:14 - 00032416 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2014-10-02 01:59 - 2014-10-02 01:59 - 00000000 _____ () C:\Users\marc__000\Downloads\344.11-notebook-win8-win7-64bit-international-whql.exe
2014-10-02 01:57 - 2014-10-02 01:57 - 00002270 _____ () C:\Users\Public\Desktop\Launch BioShock Infinite.lnk
2014-10-02 01:57 - 2014-10-02 01:57 - 00002235 _____ () C:\Users\Public\Desktop\Launch BioShock Infinite Benchmarking Utility.lnk
2014-10-02 01:57 - 2014-10-02 01:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BioShock Infinite
2014-10-02 01:37 - 2014-10-02 01:57 - 00000000 ____D () C:\Program Files (x86)\BioShock Infinite
2014-10-02 01:24 - 2014-10-02 01:30 - 00000000 ____D () C:\Users\marc__000\Documents\Bioshock Infinite
2014-09-30 18:44 - 2014-09-30 18:49 - 32905293 _____ () C:\Users\marc__000\Downloads\New Warriors 003 (2014) (digital) (BlackManta-Empire).cbr
2014-09-30 18:42 - 2014-09-30 18:47 - 36420694 _____ () C:\Users\marc__000\Downloads\New_Warriors_04_(2014)_(Digital)_(BlackManta-Empire).cbr
2014-09-30 18:41 - 2014-09-30 18:47 - 37433825 _____ () C:\Users\marc__000\Downloads\New_Warriors_05_(2014)_(Digital)_(BlackManta-Empire).cbr
2014-09-30 18:40 - 2014-09-30 18:44 - 40926098 _____ () C:\Users\marc__000\Downloads\New_Warriors_07_(2014)_(Digital)_(BlackManta-Empire).cbr
2014-09-30 18:40 - 2014-09-30 18:43 - 40293338 _____ () C:\Users\marc__000\Downloads\New_Warriors_06_(2014)_(Digital)_(BlackManta-Empire).cbr
2014-09-30 18:37 - 2014-09-30 18:42 - 44367252 _____ () C:\Users\marc__000\Downloads\New_Warriors_08_(2014)_(Digital)_(BlackManta-Empire).cbr
2014-09-30 18:37 - 2014-09-30 18:40 - 41301926 _____ () C:\Users\marc__000\Downloads\New Warriors 09 (2014) (Digital) (BlackManta-Empire).cbr
2014-09-30 18:37 - 2014-09-30 18:40 - 37420835 _____ () C:\Users\marc__000\Downloads\New_Warriors_001_(2014)_(Digital)_(BlackManta-Empire).cbr
2014-09-30 18:37 - 2014-09-30 18:39 - 44396683 _____ () C:\Users\marc__000\Downloads\New Warriors 010 (2014) (Digital) (BlackManta-Empire).cbr
2014-09-30 18:37 - 2014-09-30 18:37 - 00000000 ____D () C:\Users\marc__000\Downloads\New Warriors 002 (2014) (Digital) (BlackManta-Empire)
2014-09-30 16:47 - 2014-09-30 16:47 - 00001806 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-30 16:47 - 2014-09-30 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-30 16:46 - 2014-09-30 16:46 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-30 16:46 - 2014-09-30 16:46 - 00000000 ____D () C:\Program Files\iTunes
2014-09-30 16:46 - 2014-09-30 16:46 - 00000000 ____D () C:\Program Files\iPod
2014-09-30 16:46 - 2014-09-30 16:46 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-30 16:31 - 2014-09-30 16:31 - 00001000 _____ () C:\Users\marc__000\Desktop\NewsLeecher.lnk
2014-09-30 16:31 - 2014-09-30 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewsLeecher
2014-09-30 16:26 - 2014-09-30 16:26 - 00002550 _____ () C:\Users\marc__000\Downloads\codex-middle.earth.shadow.of.mordor.nfo
2014-09-29 20:41 - 2014-09-29 20:41 - 00129844 _____ () C:\Users\marc__000\Downloads\Family.Guy.S13E01.iNTERNAL.720p.HDTV.x264-2HD.nzb
2014-09-29 20:40 - 2014-09-29 20:40 - 00000000 ____D () C:\Users\marc__000\Downloads\!RnE - 2014.09.29 20.40.48 - family.guy.s13e01.internal.720p.hdtv.x264-2hd
2014-09-29 20:23 - 2014-09-29 20:23 - 00000000 ____D () C:\Users\marc__000\Downloads\[The Fappening Part 3] Anna Kendrick [Non-Nede But Still Sexy Photos] [.jpg]
2014-09-29 19:57 - 2014-09-29 19:57 - 18483455 _____ () C:\Users\marc__000\Downloads\sample-family.guy.s13e01.internal.720p.hdtv.x264-2hd.mkv
2014-09-29 19:55 - 2014-09-29 19:55 - 00000000 ____D () C:\Users\marc__000\Downloads\Family.Guy.S13E01.720p.HDTV.x264-KILLERS[rarbg]
2014-09-29 17:30 - 2014-09-29 17:33 - 51830370 _____ () C:\Users\marc__000\Downloads\Edge of Spider-Verse 003 (2014) (Digital) (Darkness-Empire).cbr
2014-09-28 23:59 - 2014-09-28 23:59 - 00003038 _____ () C:\Users\marc__000\Downloads\40a9924ebc7649ac9666ec30e4f7ccfb.1.nfo
2014-09-28 23:55 - 2014-09-28 23:55 - 00003038 _____ () C:\Users\marc__000\Downloads\40a9924ebc7649ac9666ec30e4f7ccfb.nfo
2014-09-28 23:53 - 2014-09-30 16:31 - 00000000 ____D () C:\Program Files (x86)\NewsLeecher
2014-09-28 23:51 - 2014-09-28 23:53 - 12860380 _____ () C:\Users\marc__000\Downloads\NL50B3.rar
2014-09-28 23:44 - 2014-09-28 23:44 - 06838896 _____ ( ) C:\Users\marc__000\Downloads\nl_setup.exe
2014-09-28 23:44 - 2014-09-28 23:44 - 03970064 _____ ( ) C:\Users\marc__000\Downloads\nl_setup_beta.exe
2014-09-28 23:33 - 2014-09-28 23:33 - 00000000 ____D () C:\Users\marc__000\AppData\Local\sabnzbd
2014-09-28 23:31 - 2014-09-28 23:32 - 10880386 _____ () C:\Users\marc__000\Downloads\SABnzbd-0.7.18-win32-setup.exe
2014-09-28 00:27 - 2014-09-28 00:38 - 312049914 _____ () C:\Users\marc__000\Downloads\[wakaRIP]Terror2B_HD.mp4
2014-09-28 00:27 - 2014-09-28 00:37 - 340533909 _____ () C:\Users\marc__000\Downloads\[wakaRIP]Zankyou no Terror 01 HD VOSTFR.mp4
2014-09-28 00:27 - 2014-09-28 00:37 - 312214473 _____ () C:\Users\marc__000\Downloads\[wakaRIP]Terror3_HD.mp4
2014-09-27 18:10 - 2014-09-27 18:10 - 00000000 ____D () C:\Users\marc__000\Downloads\Jayne Ann Krentz collection [.epub]
2014-09-26 01:50 - 2014-09-26 01:51 - 39657456 _____ () C:\Users\marc__000\Downloads\XSplit v1.3.1311.1201.rar
2014-09-26 01:49 - 2014-09-26 01:49 - 51015328 _____ (SplitmediaLabs) C:\Users\marc__000\Downloads\xsplit_gc_installer.exe
2014-09-26 01:38 - 2014-09-26 01:39 - 07406196 _____ () C:\Users\marc__000\Downloads\OBS_0_635b_Installer.exe
2014-09-25 23:37 - 2014-09-25 23:37 - 00323672 _____ (Dropbox, Inc.) C:\Users\marc__000\Downloads\DropboxInstaller.exe
2014-09-25 23:36 - 2014-09-25 23:36 - 00001563 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-25 23:36 - 2014-09-25 23:36 - 00001270 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-25 23:36 - 2014-09-25 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-25 23:36 - 2014-09-25 23:36 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-25 23:35 - 2014-09-25 23:37 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\DVDVideoSoft
2014-09-25 23:34 - 2014-09-25 23:35 - 31386424 _____ (DVDVideoSoft Ltd. ) C:\Users\marc__000\Downloads\FreeYouTubeToMP3Converter.exe
2014-09-25 22:36 - 2014-09-25 22:36 - 00000000 ____D () C:\Users\marc__000\Documents\MATH2308MATH2305
2014-09-25 22:10 - 2014-09-25 22:14 - 00000000 ____D () C:\Users\marc__000\Downloads\Jason Mraz - Yes! 2014 [MP3@320kbps] - the.HH
2014-09-25 21:34 - 2014-09-25 21:34 - 00001665 _____ () C:\Users\marc__000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocksmith2014.lnk
2014-09-25 21:34 - 2014-09-25 21:34 - 00001658 _____ () C:\Users\marc__000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\quakelive_steam.lnk
2014-09-25 17:04 - 2014-09-25 21:33 - 00000222 _____ () C:\Users\marc__000\Desktop\Rocksmith 2014.url
2014-09-24 06:16 - 2014-09-24 06:21 - 236797755 _____ () C:\Users\marc__000\Downloads\Silicon.Valley.S01E08.HDTV.x264-KILLERS.mp4
2014-09-24 05:46 - 2014-09-24 06:16 - 00000000 ____D () C:\Users\marc__000\Downloads\Silicon Valley S01E07 HDTV x264-KILLERS[ettv]
2014-09-24 05:44 - 2014-09-24 05:48 - 203987337 _____ () C:\Users\marc__000\Downloads\Silicon.Valley.S01E06.HDTV.x264-2HD.mp4
2014-09-24 05:22 - 2014-09-24 05:24 - 2149414387 _____ () C:\Users\marc__000\Downloads\born_flirty_5.DVDRip.mp4
2014-09-24 05:22 - 2014-09-24 05:22 - 00000000 ____D () C:\Users\marc__000\Downloads\Born Flirty 5 XXX DVDRip x264-RedSecTioN
2014-09-24 04:30 - 2014-09-24 04:33 - 226026915 _____ () C:\Users\marc__000\Downloads\Silicon.Valley.S01E05.HDTV.x264-KILLERS.mp4
2014-09-24 04:01 - 2014-09-24 04:06 - 251565466 _____ () C:\Users\marc__000\Downloads\Silicon.Valley.S01E04.HDTV.x264-KILLERS.mp4
2014-09-24 03:34 - 2014-09-24 03:38 - 237239595 _____ () C:\Users\marc__000\Downloads\Silicon.Valley.S01E03.HDTV.x264-KILLERS.mp4
2014-09-24 03:07 - 2014-09-24 03:11 - 220957543 _____ () C:\Users\marc__000\Downloads\Silicon.Valley.S01E02.HDTV.x264-2HD.mp4
2014-09-24 03:02 - 2014-09-24 03:05 - 225351574 _____ () C:\Users\marc__000\Downloads\Silicon.Valley.S01E01.HDTV.x264-KILLERS.mp4
2014-09-24 02:57 - 2014-09-24 02:59 - 00000000 ____D () C:\Users\marc__000\Downloads\Silicon Valley Season 1
2014-09-24 00:14 - 2014-09-24 00:14 - 00001442 _____ () C:\Users\marc__000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLGame.lnk
2014-09-24 00:06 - 2014-09-24 00:06 - 00000000 ____D () C:\ProgramData\Steam
2014-09-24 00:04 - 2014-09-24 00:04 - 00001030 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast.lnk
2014-09-24 00:04 - 2014-09-24 00:04 - 00000000 _____ () C:\Users\Public\Desktop\Outlast.lnk
2014-09-24 00:00 - 2014-09-24 00:03 - 00000000 ____D () C:\Program Files (x86)\Outlast
2014-09-23 19:02 - 2014-09-23 19:03 - 00000000 ____D () C:\Users\marc__000\Downloads\!RnE - 2014.09.23 19.02.05 - rld-outlast
2014-09-23 18:07 - 2014-09-23 18:07 - 00014114 _____ () C:\Users\marc__000\Downloads\Outlast.MULTi9-PROPHET.nfo
2014-09-23 17:57 - 2014-09-23 17:57 - 00000000 ____D () C:\Users\marc__000\Downloads\NewsLeecher.4.0.Final
2014-09-23 17:55 - 2014-10-06 18:36 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\NewsLeecher
2014-09-23 17:54 - 2014-09-23 17:55 - 06987528 _____ ( ) C:\Users\marc__000\Downloads\nl_final_40000_win8_compatible.exe
2014-09-23 17:50 - 2014-09-23 17:51 - 00000000 ____D () C:\Users\marc__000\Downloads\NewsLeecher.v4.0.Cracked-EAT
2014-09-23 01:32 - 2014-09-23 01:32 - 00000222 _____ () C:\Users\marc__000\Desktop\Quake Live.url
2014-09-21 21:08 - 2014-10-07 01:28 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-21 21:08 - 2014-10-07 01:25 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-21 21:08 - 2014-10-07 01:13 - 00000924 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-21 21:08 - 2014-09-21 21:08 - 00895120 _____ (Google Inc.) C:\Users\marc__000\Downloads\ChromeSetup.exe
2014-09-21 21:08 - 2014-09-21 21:08 - 00003896 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-21 21:08 - 2014-09-21 21:08 - 00003660 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-21 21:08 - 2014-09-21 21:08 - 00000000 ____D () C:\Users\marc__000\AppData\Local\Google
2014-09-21 21:08 - 2014-09-21 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-21 21:08 - 2014-09-21 21:08 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-21 15:30 - 2014-09-22 16:18 - 00000000 ____D () C:\Users\marc__000\Downloads\Edge.of.Tomorrow.2014.1080p.BluRay.x264-SPARKS[rarbg]
2014-09-20 15:25 - 2014-09-20 15:25 - 00001302 _____ () C:\Users\marc__000\Desktop\Naruto Shippuden Ultimate Ninja Storm Revolution.lnk
2014-09-20 15:25 - 2014-09-20 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Naruto Shippuden Ultimate Ninja Storm Revolution
2014-09-20 15:16 - 2014-09-20 15:57 - 00000000 ____D () C:\Program Files (x86)\Naruto Shippuden Ultimate Ninja Storm Revolution
2014-09-19 19:00 - 2014-09-19 23:02 - 00000000 ____D () C:\Users\marc__000\Downloads\Naruto Shippuden Ultimate Ninja Storm Revolution-CODEX
2014-09-19 01:28 - 2014-09-19 01:29 - 88264538 _____ () C:\Users\marc__000\Downloads\MATH2308MATH2305.rar
2014-09-19 01:06 - 2014-09-19 01:19 - 00000000 ____D () C:\Users\marc__000\Downloads\Compilation of the final 10 Favorite Female Orgasm Contest
2014-09-18 19:15 - 2014-09-18 19:18 - 56846847 _____ () C:\Users\marc__000\Downloads\Superior Spider-Man 033 (2014) (Eisenhart-DCP).cbr
2014-09-18 19:13 - 2014-09-18 19:14 - 35282363 _____ () C:\Users\marc__000\Downloads\Edge of Spider-Verse 02 (of 5) (2014) (Eisenhart-DCP).cbr
2014-09-18 16:25 - 2014-10-02 16:50 - 00003902 ____H () C:\Users\marc__000\_viminfo
2014-09-18 16:15 - 2014-09-18 16:59 - 00000000 ____D () C:\Users\marc__000\fork1.c
2014-09-18 16:08 - 2014-09-18 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2014-09-18 16:07 - 2014-09-18 16:08 - 00000000 ____D () C:\Program Files (x86)\Git
2014-09-18 16:07 - 2014-09-18 16:07 - 00000986 _____ () C:\Users\marc__000\AppData\Roaming\Microsoft\Windows\Start Menu\MinGW Installation Manager.lnk
2014-09-18 16:07 - 2014-09-18 16:07 - 00000962 _____ () C:\Users\marc__000\Desktop\MinGW Installer.lnk
2014-09-18 16:06 - 2014-09-18 16:07 - 17806885 _____ (The Git Development Community ) C:\Users\marc__000\Downloads\Git-1.9.4-preview20140815.exe
2014-09-18 16:04 - 2014-09-18 16:59 - 00000000 ____D () C:\MinGW
2014-09-17 18:15 - 2014-09-17 18:18 - 43075066 _____ () C:\Users\marc__000\Downloads\Amazing Spider-Man 006 (2014) (Digital) (Darkness-Empire).cbr
2014-09-17 18:06 - 2014-09-17 18:08 - 31558141 _____ () C:\Users\marc__000\Downloads\Miles_Morales_Ultimate_Spider-Man_005_(2014)_(Digital)_(Zone-Empire).cbr
2014-09-17 14:24 - 2014-09-17 14:25 - 00000000 ____D () C:\Users\marc__000\Documents\Witcher 2
2014-09-17 14:24 - 2014-09-17 14:24 - 00000000 ____D () C:\Users\marc__000\AppData\Local\The Witcher 2
2014-09-17 14:03 - 2014-09-17 14:24 - 00001680 _____ () C:\Users\marc__000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Witcher 2 - Assassins of Kings.lnk
2014-09-17 14:00 - 2014-09-17 14:00 - 00000299 _____ () C:\Users\marc__000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2014-09-16 17:59 - 2014-09-16 17:59 - 01402920 _____ () C:\Users\marc__000\Downloads\battlelog-web-plugins_2.5.1_149(1).exe
2014-09-15 16:10 - 2014-09-17 14:00 - 00000221 _____ () C:\Users\marc__000\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url
2014-09-15 16:10 - 2014-09-17 14:00 - 00000220 _____ () C:\Users\marc__000\Desktop\Garry's Mod.url
2014-09-15 15:08 - 2014-10-02 08:14 - 739206746 _____ () C:\windows\MEMORY.DMP
2014-09-15 15:08 - 2014-10-02 08:14 - 00000000 ____D () C:\windows\Minidump
2014-09-15 15:08 - 2014-09-15 15:08 - 00262144 _____ () C:\windows\Minidump\091514-52484-01.dmp
2014-09-15 02:26 - 2014-09-15 02:26 - 00000970 _____ () C:\Users\marc__000\Desktop\CDisplay.lnk
2014-09-15 02:26 - 2014-09-15 02:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplay
2014-09-15 02:26 - 2014-09-15 02:26 - 00000000 ____D () C:\Program Files (x86)\CDisplay
2014-09-15 02:24 - 2014-09-15 02:25 - 37170952 _____ () C:\Users\marc__000\Downloads\Edge of Spider-Verse 001 (2014) (Digital) (Darkness-Empire).cbr
2014-09-15 02:23 - 2014-09-15 02:25 - 55293405 _____ () C:\Users\marc__000\Downloads\Superior Spider-Man 032 (2014) (Digital) (Darkness-Empire).cbr
2014-09-14 23:03 - 2014-09-02 17:06 - 00706016 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-14 23:03 - 2014-09-02 17:06 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-14 19:18 - 2014-08-23 04:48 - 02374784 _____ (Microsoft Corporation) C:\windows\explorer.exe
2014-09-14 19:18 - 2014-08-23 04:13 - 02084520 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2014-09-14 19:18 - 2014-08-23 03:10 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-09-14 19:18 - 2014-08-23 02:32 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-09-14 19:18 - 2014-08-23 01:44 - 02860032 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2014-09-14 19:18 - 2014-08-23 01:34 - 13423104 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-09-14 19:18 - 2014-08-23 01:33 - 00796672 _____ (Microsoft Corporation) C:\windows\system32\uDWM.dll
2014-09-14 19:18 - 2014-08-23 01:31 - 01038336 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-09-14 19:18 - 2014-08-23 01:20 - 11818496 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-09-14 19:18 - 2014-07-29 22:56 - 00299520 _____ (Microsoft Corporation) C:\windows\system32\WSDMon.dll
2014-09-14 19:18 - 2014-07-29 02:22 - 00205824 _____ (Microsoft Corporation) C:\windows\system32\tcpmon.dll
2014-09-14 19:18 - 2014-07-24 12:28 - 00468288 ____C (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-09-14 19:18 - 2014-07-24 12:28 - 00419648 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-09-14 19:18 - 2014-07-24 12:28 - 00412992 ____C (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2014-09-14 19:18 - 2014-07-24 12:28 - 00143680 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-09-14 19:18 - 2014-07-24 12:23 - 01519488 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2014-09-14 19:18 - 2014-07-24 12:20 - 21266336 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-09-14 19:18 - 2014-07-24 12:20 - 00645592 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-09-14 19:18 - 2014-07-24 12:16 - 02574208 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-09-14 19:18 - 2014-07-24 12:16 - 00211216 _____ (Microsoft Corporation) C:\windows\system32\SndVol.exe
2014-09-14 19:18 - 2014-07-24 12:07 - 07424320 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-09-14 19:18 - 2014-07-24 12:07 - 02009920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-09-14 19:18 - 2014-07-24 12:05 - 01660048 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-09-14 19:18 - 2014-07-24 12:05 - 01519560 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-09-14 19:18 - 2014-07-24 12:05 - 01488008 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-09-14 19:18 - 2014-07-24 12:05 - 01356840 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-09-14 19:18 - 2014-07-24 12:03 - 02141920 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2014-09-14 19:18 - 2014-07-24 12:03 - 00882136 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2014-09-14 19:18 - 2014-07-24 12:03 - 00818624 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2014-09-14 19:18 - 2014-07-24 12:03 - 00360480 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2014-09-14 19:18 - 2014-07-24 12:03 - 00205512 _____ (Microsoft Corporation) C:\windows\system32\mftranscode.dll
2014-09-14 19:18 - 2014-07-24 11:57 - 02515264 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-09-14 19:18 - 2014-07-24 11:57 - 00475968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-09-14 19:18 - 2014-07-24 10:48 - 02410976 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-09-14 19:18 - 2014-07-24 10:46 - 18760328 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-09-14 19:18 - 2014-07-24 10:46 - 00477200 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-09-14 19:18 - 2014-07-24 10:36 - 02145472 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2014-09-14 19:18 - 2014-07-24 10:36 - 00707536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2014-09-14 19:18 - 2014-07-24 10:36 - 00674512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2014-09-14 19:18 - 2014-07-24 10:36 - 00355800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2014-09-14 19:18 - 2014-07-24 10:36 - 00180720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mftranscode.dll
2014-09-14 19:18 - 2014-07-24 08:44 - 00674816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-09-14 19:18 - 2014-07-24 08:43 - 00412160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2014-09-14 19:18 - 2014-07-24 08:42 - 01200640 ____C (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2014-09-14 19:18 - 2014-07-24 08:42 - 00446976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys
2014-09-14 19:18 - 2014-07-24 08:05 - 00287232 _____ (Microsoft Corporation) C:\windows\system32\usbmon.dll
2014-09-14 19:18 - 2014-07-24 08:05 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2014-09-14 19:18 - 2014-07-24 07:49 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\WorkFoldersGPExt.dll
2014-09-14 19:18 - 2014-07-24 07:20 - 02050560 _____ (Microsoft Corporation) C:\windows\system32\SRH.dll
2014-09-14 19:18 - 2014-07-24 07:10 - 01844224 _____ (Microsoft Corporation) C:\windows\system32\Display.dll
2014-09-14 19:18 - 2014-07-24 07:10 - 00834560 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-09-14 19:18 - 2014-07-24 07:10 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2014-09-14 19:18 - 2014-07-24 07:09 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-09-14 19:18 - 2014-07-24 07:06 - 00438272 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2014-09-14 19:18 - 2014-07-24 06:52 - 00621056 _____ (Microsoft Corporation) C:\windows\system32\comdlg32.dll
2014-09-14 19:18 - 2014-07-24 06:44 - 16874496 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2014-09-14 19:18 - 2014-07-24 06:39 - 00770048 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2014-09-14 19:18 - 2014-07-24 06:33 - 01741824 _____ (Microsoft Corporation) C:\windows\SysWOW64\SRH.dll
2014-09-14 19:18 - 2014-07-24 06:24 - 01817088 _____ (Microsoft Corporation) C:\windows\SysWOW64\Display.dll
2014-09-14 19:18 - 2014-07-24 06:23 - 00328704 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2014-09-14 19:18 - 2014-07-24 06:16 - 12730880 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 19:18 - 2014-07-24 06:12 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\WiFiDisplay.dll
2014-09-14 19:18 - 2014-07-24 06:11 - 00356864 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2014-09-14 19:18 - 2014-07-24 06:10 - 00540672 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.dll
2014-09-14 19:18 - 2014-07-24 06:03 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2014-09-14 19:18 - 2014-07-24 06:02 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-09-14 19:18 - 2014-07-24 05:53 - 01261056 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2014-09-14 19:18 - 2014-07-24 05:53 - 00449536 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2014-09-14 19:18 - 2014-07-24 05:49 - 01287680 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2014-09-14 19:18 - 2014-07-24 05:39 - 02397184 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2014-09-14 19:18 - 2014-07-24 05:38 - 00371200 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
2014-09-14 19:18 - 2014-07-24 05:32 - 01532416 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
2014-09-14 19:18 - 2014-07-24 05:30 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanapi.dll
2014-09-14 19:18 - 2014-07-24 05:29 - 00439296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-14 19:18 - 2014-07-24 05:27 - 00907776 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2014-09-14 19:18 - 2014-07-24 05:23 - 01404416 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2014-09-14 19:18 - 2014-07-24 05:22 - 00487936 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2014-09-14 19:18 - 2014-07-24 05:21 - 01231872 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2014-09-14 19:18 - 2014-07-24 05:21 - 00302080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll
2014-09-14 19:18 - 2014-07-24 05:19 - 00388608 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-09-14 19:18 - 2014-07-24 05:18 - 00795136 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2014-09-14 19:18 - 2014-07-24 05:16 - 00505344 _____ (Microsoft Corporation) C:\windows\system32\VAN.dll
2014-09-14 19:18 - 2014-07-24 05:16 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2014-09-14 19:18 - 2014-07-24 05:15 - 00000000 _____ () C:\windows\system32\wuapi.dll
2014-09-14 19:18 - 2014-07-24 05:10 - 01029632 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-09-14 19:18 - 2014-07-24 05:10 - 00889344 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2014-09-14 19:18 - 2014-07-24 05:10 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2014-09-14 19:18 - 2014-07-24 05:10 - 00371712 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2014-09-14 19:18 - 2014-07-24 05:02 - 03465216 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-09-14 19:18 - 2014-07-24 05:01 - 05833216 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Search.dll
2014-09-14 19:18 - 2014-07-24 05:01 - 01992192 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2014-09-14 19:18 - 2014-07-24 04:50 - 01182208 _____ (Microsoft Corporation) C:\windows\system32\printui.dll
2014-09-14 19:18 - 2014-07-24 04:47 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2014-09-14 19:18 - 2014-07-24 04:46 - 08652800 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Search.dll
2014-09-14 19:18 - 2014-07-24 04:44 - 01057792 _____ (Microsoft Corporation) C:\windows\SysWOW64\printui.dll
2014-09-14 19:18 - 2014-07-24 04:43 - 02696704 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2014-09-14 19:18 - 2014-07-24 04:39 - 02642944 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-09-14 19:18 - 2014-07-24 04:38 - 06649344 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-09-14 19:18 - 2014-07-24 04:38 - 05777408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-09-14 19:18 - 2014-07-24 04:33 - 03360768 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-09-14 19:18 - 2014-07-24 04:30 - 02318336 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-09-14 19:18 - 2014-07-24 04:28 - 01600000 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2014-09-14 19:18 - 2014-07-24 01:11 - 00513544 _____ () C:\windows\SysWOW64\locale.nls
2014-09-14 19:18 - 2014-07-24 01:11 - 00513544 _____ () C:\windows\system32\locale.nls
2014-09-14 19:18 - 2014-07-12 02:55 - 00268288 _____ (Microsoft Corporation) C:\windows\system32\wisp.dll
2014-09-14 19:18 - 2014-07-12 01:13 - 01417216 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-14 19:18 - 2014-07-04 07:29 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\AppxSip.dll
2014-09-14 19:18 - 2014-07-04 06:30 - 00544768 _____ (Microsoft Corporation) C:\windows\system32\AppxPackaging.dll
2014-09-14 19:18 - 2014-07-04 06:27 - 00474112 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxPackaging.dll
2014-09-14 19:18 - 2014-06-27 03:22 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-09-14 19:18 - 2014-06-25 21:32 - 01029632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2014-09-14 19:18 - 2014-06-18 23:13 - 00310080 ____C (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-09-14 19:18 - 2014-06-14 03:03 - 02389504 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-09-14 19:18 - 2014-06-14 02:46 - 02071552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-09-14 19:18 - 2014-06-05 07:18 - 01018368 _____ (Microsoft Corporation) C:\windows\system32\aclui.dll
2014-09-14 19:18 - 2014-06-05 06:42 - 00889856 _____ (Microsoft Corporation) C:\windows\SysWOW64\aclui.dll
2014-09-14 19:18 - 2014-05-31 02:00 - 01463808 _____ (Microsoft Corporation) C:\windows\system32\wsecedit.dll
2014-09-14 19:18 - 2014-05-29 03:23 - 00427008 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2014-09-14 19:18 - 2014-05-29 02:25 - 00313856 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2014-09-14 19:18 - 2014-05-06 01:41 - 00486744 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2014-09-14 19:18 - 2014-05-05 21:55 - 00391000 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2014-09-14 19:18 - 2014-03-24 23:27 - 00160600 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll
2014-09-14 19:18 - 2014-03-24 22:20 - 00127544 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll
2014-09-14 19:17 - 2014-07-24 12:28 - 00280384 ____C (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2014-09-14 19:17 - 2014-07-24 12:25 - 00054752 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-09-14 19:17 - 2014-07-24 12:23 - 00125472 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2014-09-14 19:17 - 2014-07-24 12:20 - 00263400 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2014-09-14 19:17 - 2014-07-24 12:03 - 00233888 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-09-14 19:17 - 2014-07-24 10:50 - 00098048 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2014-09-14 19:17 - 2014-07-24 10:48 - 00180208 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVol.exe
2014-09-14 19:17 - 2014-07-24 08:51 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL
2014-09-14 19:17 - 2014-07-24 08:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-09-14 19:17 - 2014-07-24 08:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTT102.DLL
2014-09-14 19:17 - 2014-07-24 08:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-09-14 19:17 - 2014-07-24 08:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-09-14 19:17 - 2014-07-24 08:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-09-14 19:17 - 2014-07-24 08:51 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-09-14 19:17 - 2014-07-24 08:47 - 00132608 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-09-14 19:17 - 2014-07-24 08:46 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2014-09-14 19:17 - 2014-07-24 08:45 - 00076800 ____C (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys
2014-09-14 19:17 - 2014-07-24 08:42 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\NdisImPlatform.sys
2014-09-14 19:17 - 2014-07-24 08:41 - 00118272 ____C (Microsoft Corporation) C:\windows\system32\Drivers\bthpan.sys
2014-09-14 19:17 - 2014-07-24 08:41 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys
2014-09-14 19:17 - 2014-07-24 08:33 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-09-14 19:17 - 2014-07-24 08:33 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-09-14 19:17 - 2014-07-24 08:22 - 00308736 _____ (Microsoft Corporation) C:\windows\system32\compstui.dll
2014-09-14 19:17 - 2014-07-24 08:06 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\iasnap.dll
2014-09-14 19:17 - 2014-07-24 07:52 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-09-14 19:17 - 2014-07-24 07:52 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTT102.DLL
2014-09-14 19:17 - 2014-07-24 07:52 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-09-14 19:17 - 2014-07-24 07:51 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL
2014-09-14 19:17 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-09-14 19:17 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-09-14 19:17 - 2014-07-24 07:51 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-09-14 19:17 - 2014-07-24 07:33 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-09-14 19:17 - 2014-07-24 07:32 - 00207360 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl
2014-09-14 19:17 - 2014-07-24 07:18 - 01089024 _____ (Microsoft Corporation) C:\windows\system32\gpedit.dll
2014-09-14 19:17 - 2014-07-24 07:12 - 00878592 _____ (Microsoft Corporation) C:\windows\system32\ActionCenter.dll
2014-09-14 19:17 - 2014-07-24 07:10 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasnap.dll
2014-09-14 19:17 - 2014-07-24 07:05 - 00187392 _____ (Microsoft Corporation) C:\windows\system32\WorkFoldersShell.dll
2014-09-14 19:17 - 2014-07-24 06:53 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\prnntfy.dll
2014-09-14 19:17 - 2014-07-24 06:42 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl
2014-09-14 19:17 - 2014-07-24 06:40 - 00557056 _____ (Microsoft Corporation) C:\windows\system32\PrintDialogs.dll
2014-09-14 19:17 - 2014-07-24 06:32 - 01048064 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpedit.dll
2014-09-14 19:17 - 2014-07-24 06:27 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-09-14 19:17 - 2014-07-24 06:27 - 00779264 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-09-14 19:17 - 2014-07-24 06:25 - 00832512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenter.dll
2014-09-14 19:17 - 2014-07-24 06:21 - 00134144 _____ (Microsoft Corporation) C:\windows\system32\browser.dll
2014-09-14 19:17 - 2014-07-24 06:18 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\wlansvcpal.dll
2014-09-14 19:17 - 2014-07-24 06:14 - 00443904 _____ (Microsoft Corporation) C:\windows\system32\wlansec.dll
2014-09-14 19:17 - 2014-07-24 06:13 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\prnntfy.dll
2014-09-14 19:17 - 2014-07-24 06:11 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\wshbth.dll
2014-09-14 19:17 - 2014-07-24 06:09 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\httpprxm.dll
2014-09-14 19:17 - 2014-07-24 06:04 - 00492032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintDialogs.dll
2014-09-14 19:17 - 2014-07-24 06:04 - 00183808 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe
2014-09-14 19:17 - 2014-07-24 05:58 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\BluetoothApis.dll
2014-09-14 19:17 - 2014-07-24 05:49 - 01361408 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2014-09-14 19:17 - 2014-07-24 05:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\wlanapi.dll
2014-09-14 19:17 - 2014-07-24 05:49 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\adhsvc.dll
2014-09-14 19:17 - 2014-07-24 05:48 - 00659968 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Bluetooth.dll
2014-09-14 19:17 - 2014-07-24 05:47 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2014-09-14 19:17 - 2014-07-24 05:43 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshbth.dll
2014-09-14 19:17 - 2014-07-24 05:36 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\BluetoothApis.dll
2014-09-14 19:17 - 2014-07-24 05:28 - 00595456 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2014-09-14 19:17 - 2014-07-24 05:24 - 00249344 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 19:17 - 2014-07-24 05:20 - 00187392 _____ (Microsoft Corporation) C:\windows\system32\puiapi.dll
2014-09-14 19:17 - 2014-07-24 05:18 - 01144320 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2014-09-14 19:17 - 2014-07-24 05:18 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-09-14 19:17 - 2014-07-24 05:15 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\twinapi.dll
2014-09-14 19:17 - 2014-07-24 05:15 - 00432128 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2014-09-14 19:17 - 2014-07-24 05:13 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\SndVolSSO.dll
2014-09-14 19:17 - 2014-07-24 05:12 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 19:17 - 2014-07-24 05:08 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2014-09-14 19:17 - 2014-07-24 05:08 - 00162816 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiapi.dll
2014-09-14 19:17 - 2014-07-24 05:07 - 01705472 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-09-14 19:17 - 2014-07-24 05:06 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-09-14 19:17 - 2014-07-24 05:05 - 00448000 _____ (Microsoft Corporation) C:\windows\SysWOW64\VAN.dll
2014-09-14 19:17 - 2014-07-24 05:04 - 00667136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-09-14 19:17 - 2014-07-24 05:01 - 01126912 _____ (Microsoft Corporation) C:\windows\system32\SearchFolder.dll
2014-09-14 19:17 - 2014-07-24 05:00 - 02100736 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2014-09-14 19:17 - 2014-07-24 04:58 - 00432640 _____ (Microsoft Corporation) C:\windows

TheSaiyan · Oct 7, 2014

\system32\wwanconn.dll
2014-09-14 19:17 - 2014-07-24 04:58 - 00288768 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2014-09-14 19:17 - 2014-07-24 04:54 - 01290752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2014-09-14 19:17 - 2014-07-24 04:50 - 00923136 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-09-14 19:17 - 2014-07-24 04:49 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2014-09-14 19:17 - 2014-07-24 04:43 - 00756224 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-09-14 19:17 - 2014-07-24 04:43 - 00200192 _____ (Microsoft Corporation) C:\windows\SysWOW64\DafPrintProvider.dll
2014-09-14 19:17 - 2014-07-24 04:41 - 00459264 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2014-09-14 19:17 - 2014-07-12 02:23 - 00436224 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2014-09-14 19:17 - 2014-07-12 01:58 - 00210944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wisp.dll
2014-09-14 19:17 - 2014-07-12 01:33 - 00318976 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2014-09-14 19:17 - 2014-07-09 20:19 - 00387391 _____ () C:\windows\system32\ApnDatabase.xml
2014-09-14 19:17 - 2014-07-04 09:59 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2014-09-14 19:17 - 2014-07-04 07:20 - 01656832 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2014-09-14 19:17 - 2014-07-04 07:06 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxSip.dll
2014-09-14 19:17 - 2014-07-04 07:00 - 01351168 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2014-09-14 19:17 - 2014-06-25 21:29 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\dab.dll
2014-09-14 19:17 - 2014-06-19 20:37 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-09-14 19:17 - 2014-06-07 09:46 - 00216368 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2014-09-14 19:17 - 2014-06-07 07:20 - 00189016 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2014-09-14 19:17 - 2014-06-05 11:00 - 01118040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2014-09-14 19:17 - 2014-05-31 01:18 - 01319936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsecedit.dll
2014-09-14 19:17 - 2014-05-29 02:20 - 00427520 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-09-14 19:17 - 2014-05-29 01:36 - 00344576 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-09-14 19:17 - 2014-05-26 04:26 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\AppxSysprep.dll
2014-09-14 19:17 - 2014-05-10 07:12 - 00387896 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2014-09-14 19:17 - 2014-05-10 05:46 - 00335680 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2014-09-14 19:17 - 2014-03-24 23:27 - 00123920 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll
2014-09-14 19:17 - 2014-03-24 22:20 - 00128568 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2014-09-14 19:11 - 2014-08-14 21:36 - 00146752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2014-09-11 15:02 - 2014-08-15 23:40 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-11 15:02 - 2014-08-15 23:04 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-11 15:02 - 2014-08-15 23:00 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-11 15:02 - 2014-08-15 23:00 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-11 15:02 - 2014-08-15 22:56 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-11 15:02 - 2014-08-15 22:54 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-11 15:02 - 2014-08-15 22:45 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-11 15:02 - 2014-08-15 22:43 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-11 15:02 - 2014-08-15 22:32 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-11 15:02 - 2014-08-15 22:25 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 15:02 - 2014-08-15 22:22 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-11 15:02 - 2014-08-15 22:20 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-11 15:02 - 2014-08-15 22:19 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-11 15:02 - 2014-08-15 22:18 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-11 15:02 - 2014-08-15 22:18 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-11 15:02 - 2014-08-15 22:11 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-11 15:02 - 2014-08-15 22:06 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-11 15:02 - 2014-08-15 22:05 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-11 15:02 - 2014-08-15 22:05 - 00000000 _____ () C:\windows\system32\ie4uinit.exe
2014-09-11 15:02 - 2014-08-15 22:03 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-11 15:02 - 2014-08-15 22:03 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-11 15:02 - 2014-08-15 21:58 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 15:02 - 2014-08-15 21:56 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-11 15:02 - 2014-08-15 21:53 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-11 15:02 - 2014-08-15 21:53 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-11 15:02 - 2014-08-15 21:53 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-11 15:02 - 2014-08-15 21:51 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-11 15:02 - 2014-08-15 21:45 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-11 15:02 - 2014-08-15 21:44 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-11 15:02 - 2014-08-15 21:44 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-11 15:02 - 2014-08-15 21:34 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-11 15:02 - 2014-08-15 21:20 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-11 15:02 - 2014-08-15 21:18 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-11 15:02 - 2014-08-15 21:14 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-11 15:02 - 2014-08-15 21:12 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-11 15:02 - 2014-05-30 06:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-11 15:02 - 2014-05-30 05:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-11 15:02 - 2014-02-06 08:30 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-11 15:02 - 2014-02-06 08:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-11 15:02 - 2014-02-06 08:07 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-11 15:02 - 2014-02-06 08:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-11 15:02 - 2014-02-06 07:56 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-11 15:02 - 2014-02-06 07:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-11 15:02 - 2014-02-06 07:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-11 15:02 - 2014-02-06 07:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-11 15:02 - 2014-02-06 07:17 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-11 15:02 - 2014-02-06 07:00 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-11 15:02 - 2014-02-06 06:52 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-11 15:02 - 2014-02-06 06:52 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-11 15:02 - 2014-02-06 06:47 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-11 15:02 - 2014-02-06 06:25 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-11 14:47 - 2014-08-01 21:18 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-09-11 14:45 - 2014-07-24 00:20 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2014-09-11 14:45 - 2014-07-24 00:20 - 00869544 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2014-09-10 20:30 - 2014-10-07 01:24 - 00000027 _____ () C:\ProgramData\lcsuc_prof.cfg
2014-09-10 03:38 - 2014-09-12 18:10 - 00000000 ____D () C:\Users\marc__000\Downloads\X-Men.Days.of.Future.Past.2014.1080p.WEB-DL.DD5.1.H264-RARBG
2014-09-08 16:03 - 2014-10-01 00:48 - 00001456 _____ () C:\Users\marc__000\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-09-08 14:53 - 2014-09-18 21:11 - 00297088 _____ () C:\windows\SysWOW64\PnkBstrB.xtr
2014-09-08 14:53 - 2014-09-08 14:53 - 00000000 ____D () C:\Users\marc__000\Documents\Battlefield 3
2014-09-08 14:53 - 2014-09-08 14:53 - 00000000 ____D () C:\Users\marc__000\AppData\Local\PunkBuster
2014-09-08 14:52 - 2014-09-08 14:52 - 01402920 _____ () C:\Users\marc__000\Downloads\battlelog-web-plugins_2.5.1_149.exe
2014-09-08 14:52 - 2014-09-08 14:52 - 00000000 ____D () C:\Users\marc__000\AppData\Local\ESN
2014-09-08 14:52 - 2014-09-08 14:52 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-09-08 14:50 - 2014-09-08 14:50 - 00000000 ____D () C:\ProgramData\EA Core
2014-09-08 13:40 - 2014-09-08 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2014-09-08 13:07 - 2014-09-08 13:40 - 00000000 ____D () C:\Program Files (x86)\Dead Rising 3
2014-09-08 07:37 - 2014-09-18 21:11 - 00297088 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2014-09-08 07:37 - 2014-09-18 21:11 - 00280904 _____ () C:\windows\SysWOW64\PnkBstrB.ex0
2014-09-08 07:37 - 2014-09-08 14:58 - 00076152 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2014-09-08 07:37 - 2014-09-08 07:37 - 00001201 _____ () C:\Users\Public\Desktop\Battlefield 3.lnk
2014-09-08 07:37 - 2014-09-08 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-09-08 02:51 - 2014-09-08 02:57 - 422073271 _____ () C:\Users\marc__000\Downloads\[Hegre-Art] Emily, Tigra - Girl Girl Body Massage Body (2013).mp4
2014-09-08 02:26 - 2014-09-08 02:26 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\El_Berry
2014-09-08 02:23 - 2014-09-08 02:23 - 00000000 ____D () C:\Users\marc__000\Downloads\Elcomsoft Blackberry Backup Explorer Professional v9.05
2014-09-08 02:21 - 2014-09-08 02:23 - 10600352 _____ () C:\Users\marc__000\Downloads\Elcomsoft Blackberry Backup Explorer Professional v9.05.rar
2014-09-08 01:44 - 2009-03-24 12:52 - 01069376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscomctl.ocx
2014-09-08 01:37 - 2014-09-08 01:37 - 00889416 _____ (Microsoft Corporation) C:\Users\marc__000\Downloads\dotNetFx40_Full_setup.exe
2014-09-08 01:26 - 2014-09-08 02:19 - 00000000 ____D () C:\Program Files (x86)\MagicBerry for Blackberry
2014-09-08 01:22 - 2014-09-08 01:23 - 00000077 _____ () C:\Users\marc__000\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-09-08 01:22 - 2014-09-08 01:23 - 00000077 _____ () C:\Users\marc__000\AppData\Roaming\Rim.Desktop.Exception.log
2014-09-08 01:22 - 2014-09-08 01:23 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\Amrak phoneMiner
2014-09-08 01:22 - 2014-09-08 01:22 - 00003071 _____ () C:\Users\marc__000\Desktop\phoneMiner.lnk
2014-09-08 01:22 - 2014-09-08 01:22 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\Research In Motion
2014-09-08 01:22 - 2014-09-08 01:22 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amrak Software
2014-09-08 01:22 - 2014-09-08 01:22 - 00000000 ____D () C:\Users\marc__000\AppData\Local\Research In Motion
2014-09-08 01:22 - 2014-09-08 01:22 - 00000000 ____D () C:\Program Files (x86)\Amrak Software
2014-09-08 01:21 - 2014-09-08 01:21 - 00002258 _____ () C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
2014-09-08 01:21 - 2014-09-08 01:21 - 00001111 _____ () C:\Users\marc__000\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-09-08 01:21 - 2014-09-08 01:21 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_RimSerial_AMD64_01007.Wdf
2014-09-08 01:21 - 2014-09-08 01:21 - 00000000 ____D () C:\ProgramData\Research In Motion
2014-09-08 01:21 - 2014-09-08 01:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
2014-09-08 01:21 - 2014-09-08 01:21 - 00000000 ____D () C:\Program Files (x86)\Research In Motion
2014-09-08 01:21 - 2012-12-10 15:48 - 00044544 _____ (Research in Motion Ltd) C:\windows\system32\Drivers\RimSerial_AMD64.sys
2014-09-08 01:20 - 2014-09-08 01:21 - 19064832 _____ () C:\Users\marc__000\Downloads\Amrak.PhoneMiner.Setup.v.2.3.51.msi
2014-09-08 01:18 - 2014-09-08 01:20 - 119528976 _____ () C:\Users\marc__000\Downloads\710_b042_multilanguage.exe
2014-09-08 01:16 - 2014-09-08 01:16 - 00439957 _____ () C:\Users\marc__000\Downloads\IpdDump 0.3 RC4.jar
2014-09-08 01:08 - 2004-03-09 00:00 - 00224016 _____ (Microsoft Corporation) C:\windows\SysWOW64\tabctl32.ocx
2014-09-08 01:08 - 2004-03-09 00:00 - 00152848 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.ocx
2014-09-08 01:03 - 2014-09-08 01:11 - 02650984 _____ (Reincubate Ltd) C:\Users\marc__000\Downloads\bbbe-latest.exe
2014-09-08 00:07 - 2014-09-08 00:08 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-08 00:06 - 2014-09-09 11:05 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\Origin
2014-09-08 00:06 - 2014-09-08 00:07 - 00000000 ____D () C:\Users\marc__000\AppData\Local\Origin
2014-09-08 00:05 - 2014-10-07 01:26 - 00000000 ____D () C:\ProgramData\Origin
2014-09-08 00:05 - 2014-10-07 01:25 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-08 00:05 - 2014-09-08 14:50 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-08 00:05 - 2014-09-08 00:05 - 00001006 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-08 00:05 - 2014-09-08 00:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-07 18:28 - 2014-09-08 04:57 - 00000000 ____D () C:\Users\marc__000\Downloads\Dead.Rising 3 by xatab
2014-09-07 16:35 - 2014-09-22 20:28 - 00000000 ___RD () C:\Users\marc__000\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-07 01:35 - 2014-08-30 23:32 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1873908055-2179700353-3391590569-1001
2014-10-07 01:30 - 2014-03-18 06:53 - 00863592 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-07 01:29 - 2014-09-01 00:52 - 00003758 _____ () C:\windows\System32\Tasks\AutoKMS
2014-10-07 01:26 - 2014-08-31 20:18 - 00000000 ___RD () C:\Users\marc__000\Dropbox
2014-10-07 01:26 - 2014-08-31 20:14 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\Dropbox
2014-10-07 01:24 - 2014-07-05 16:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-07 01:24 - 2013-08-22 11:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-07 01:23 - 2014-03-18 06:44 - 00026696 _____ () C:\windows\PFRO.log
2014-10-07 01:23 - 2013-08-22 10:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-10-07 01:19 - 2014-08-30 23:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-07 01:00 - 2013-08-22 12:36 - 00000000 ____D () C:\windows\system32\sru
2014-10-07 00:42 - 2014-08-31 00:03 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-10-07 00:09 - 2014-09-01 03:31 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\vlc
2014-10-06 23:42 - 2014-07-05 16:03 - 01817435 _____ () C:\windows\WindowsUpdate.log
2014-10-06 23:37 - 2013-08-22 12:20 - 00000000 ____D () C:\windows\CbsTemp
2014-10-06 23:22 - 2014-08-31 21:30 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\uTorrent
2014-10-06 22:10 - 2014-08-31 10:03 - 00098258 _____ () C:\windows\DirectX.log
2014-10-06 21:58 - 2014-09-03 16:41 - 00000950 _____ () C:\Users\Public\Desktop\DS3 Tool.lnk
2014-10-06 21:58 - 2014-09-03 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2014-10-06 21:58 - 2014-09-03 16:41 - 00000000 ____D () C:\Program Files\MotioninJoy
2014-10-06 13:18 - 2013-08-22 12:36 - 00000000 ____D () C:\windows\AppReadiness
2014-10-06 12:52 - 2014-08-31 10:58 - 00385024 ___SH () C:\Users\marc__000\Downloads\Thumbs.db
2014-10-06 02:00 - 2014-08-31 22:16 - 00000000 ____D () C:\Users\marc__000\AppData\Local\Adobe
2014-10-05 23:29 - 2014-08-30 23:42 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-05 19:57 - 2014-08-30 23:25 - 00000000 ____D () C:\Users\marc__000\AppData\Local\Packages
2014-10-03 01:30 - 2013-08-22 10:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-10-02 21:51 - 2014-08-31 10:42 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-10-02 21:51 - 2014-08-30 23:28 - 00000000 ___DO () C:\Users\marc__000\OneDrive
2014-10-02 21:49 - 2014-08-31 10:43 - 00001993 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-02 21:49 - 2014-08-30 23:23 - 00000000 ____D () C:\Users\marc__000
2014-10-02 02:13 - 2014-08-31 15:00 - 00000000 ____D () C:\Users\marc__000\Documents\My Games
2014-10-02 02:08 - 2014-07-05 16:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-02 02:08 - 2014-07-05 16:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-02 02:08 - 2013-08-22 11:46 - 00026481 _____ () C:\windows\setupact.log
2014-09-30 22:51 - 2014-09-01 19:41 - 00000000 ____D () C:\Users\marc__000\Documents\Schoolwork
2014-09-29 04:13 - 2014-09-01 00:17 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\DAEMON Tools Lite
2014-09-28 23:57 - 2014-08-30 23:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-27 20:47 - 2014-08-31 11:07 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\Apple Computer
2014-09-26 02:29 - 2014-08-31 21:43 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\OBS
2014-09-26 01:52 - 2014-08-31 21:35 - 00001136 _____ () C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2014-09-26 01:52 - 2014-08-31 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2014-09-26 01:50 - 2014-08-31 21:34 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs
2014-09-26 01:49 - 2014-08-31 21:34 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\SplitMediaLabs
2014-09-26 01:39 - 2014-08-31 21:43 - 00000962 _____ () C:\Users\marc__000\Desktop\Open Broadcaster Software.lnk
2014-09-25 23:39 - 2014-08-31 20:18 - 00001092 _____ () C:\Users\marc__000\Desktop\Dropbox.lnk
2014-09-25 23:39 - 2014-08-31 20:15 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-24 16:40 - 2014-08-30 23:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-22 19:54 - 2014-09-01 18:59 - 00000000 ____D () C:\Users\marc__000\Documents\Visual Studio 2012
2014-09-16 23:10 - 2014-08-31 00:17 - 01715224 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2014-09-16 23:10 - 2014-08-31 00:17 - 01291280 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2014-09-16 23:10 - 2014-07-05 16:15 - 02799784 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2014-09-16 23:10 - 2014-07-05 16:15 - 02193560 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2014-09-15 23:20 - 2013-08-22 12:36 - 00000000 ____D () C:\windows\rescache
2014-09-15 16:03 - 2014-09-03 15:13 - 00000000 ____D () C:\Users\marc__000\AppData\Roaming\.minecraft
2014-09-15 03:16 - 2013-08-22 12:36 - 00000000 ____D () C:\windows\LiveKernelReports
2014-09-14 23:08 - 2014-07-05 16:52 - 00000000 ____D () C:\ProgramData\Energy Manager
2014-09-14 23:02 - 2013-08-22 11:44 - 05114512 _____ () C:\windows\system32\FNTCACHE.DAT
2014-09-14 23:00 - 2014-03-18 06:38 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-14 23:00 - 2013-08-22 12:36 - 00000000 ___RD () C:\windows\ToastData
2014-09-14 23:00 - 2013-08-22 12:36 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2014-09-14 23:00 - 2013-08-22 12:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 23:00 - 2013-08-22 12:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 23:00 - 2013-08-22 12:36 - 00000000 ____D () C:\windows\WinStore
2014-09-14 23:00 - 2013-08-22 12:36 - 00000000 ____D () C:\windows\SysWOW64\setup
2014-09-14 23:00 - 2013-08-22 12:36 - 00000000 ____D () C:\windows\SysWOW64\InputMethod
2014-09-14 23:00 - 2013-08-22 12:36 - 00000000 ____D () C:\windows\system32\setup
2014-09-14 23:00 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\oobe
2014-09-14 22:54 - 2014-08-30 23:32 - 00003926 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{9215575A-5E97-48BE-BB68-DD625FB4E6CF}
2014-09-14 21:24 - 2014-09-01 00:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-14 21:23 - 2014-09-01 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-13 20:48 - 2014-08-31 00:14 - 00026956 _____ () C:\windows\system32\nvinfo.pb
2014-09-13 20:48 - 2014-07-05 16:14 - 03223120 _____ () C:\windows\system32\nvapi64.dll
2014-09-13 20:48 - 2014-07-05 16:14 - 02838424 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2014-09-13 18:53 - 2014-07-05 16:14 - 06890696 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2014-09-13 18:53 - 2014-07-05 16:14 - 03529872 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2014-09-13 18:53 - 2014-07-05 16:14 - 02557640 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2014-09-13 18:53 - 2014-07-05 16:14 - 01087688 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2014-09-13 18:53 - 2014-07-05 16:14 - 00934216 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2014-09-13 18:53 - 2014-07-05 16:14 - 00619208 _____ (NVIDIA Corporation) C:\windows\SysWOW64\oemdspif.dll
2014-09-13 18:53 - 2014-07-05 16:14 - 00385168 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2014-09-13 18:53 - 2014-07-05 16:14 - 00067072 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2014-09-13 18:53 - 2014-07-05 16:14 - 00062608 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2014-09-11 15:01 - 2014-09-01 03:11 - 00000000 ____D () C:\windows\system32\MRT
2014-09-11 14:52 - 2014-09-01 03:11 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-11 12:37 - 2014-07-05 16:14 - 03961833 _____ () C:\windows\system32\nvcoproc.bin
2014-09-09 15:42 - 2014-08-31 00:03 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 00:45 - 2014-08-31 10:01 - 00000000 ____D () C:\Users\marc__000\Documents\DolbyAxon
2014-09-09 00:44 - 2014-09-06 00:31 - 00000000 ____D () C:\Users\marc__000\Downloads\Godzilla (2014) [1080p]
2014-09-08 02:25 - 2014-08-30 23:25 - 00000000 ____D () C:\Users\marc__000\AppData\Local\VirtualStore

Some content of TEMP:
====================
C:\Users\marc__000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv7gxyu.dll
C:\Users\marc__000\AppData\Local\Temp\nstD51D.exe
C:\Users\marc__000\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\marc__000\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\marc__000\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\marc__000\AppData\Local\Temp\nvStInst.exe
C:\Users\marc__000\AppData\Local\Temp\Quarantine.exe
C:\Users\marc__000\AppData\Local\Temp\SHSetup.exe
C:\Users\marc__000\AppData\Local\Temp\SPSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-04 03:35

==================== End Of Log ============================

TheSaiyan · Oct 7, 2014

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by marc__000 at 2014-10-07 01:36:44
Running from C:\Users\marc__000\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version: - )
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dead Rising 3 v.1.0 (HKLM-x32\...\Dead Rising 3_is1) (Version: - )
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9719DFA1-7CB0-422E-98AE-C77FD3426BE8}) (Version: - Microsoft)
Dolby Axon - 1.5.1.1 (HKLM-x32\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
FINAL FANTASY XIV: A Realm Reborn (HKLM-x32\...\Steam App 39210) (Version: - SQUARE ENIX)
Free YouTube to MP3 Converter version 3.12.46.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Git version 1.9.4-preview20140815 (HKLM-x32\...\Git_is1) (Version: 1.9.4-preview20140815 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 17.00.0000.1347 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{96C730E4-F055-4118-BDF3-6E071763853C}) (Version: 3.0.1342.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7e493493-a430-4b7b-b8a2-48d61599e220}) (Version: 17.0.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 17.0.0.0332 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0225 - PointGrab) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.39.1 - ELAN Microelectronic Corp.)
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo)
Lenovo Settings (x32 Version: 1.0.0.46 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo)
Lenovo Updates (x32 Version: 1.1.0.61 - Lenovo) Hidden
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Metro 2033 Redux (HKLM-x32\...\Metro 2033 Redux_is1) (Version: - )
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Core x86 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Front End x86 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{c268086c-18ee-4c0d-b057-1f49530d413a}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version: - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Naruto Shippuden Ultimate Ninja Storm Revolution (HKLM-x32\...\Naruto Shippuden Ultimate Ninja Storm Revolution_is1) (Version: - )
NewsLeecher v5.0 Beta 16 ( RC 1 ) (HKLM-x32\...\NewsLeecher_is1) (Version: - )
NVIDIA 3D Vision Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)
NVIDIA Control Panel 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outlast (HKLM-x32\...\T3V0bGFzdA==_is1) (Version: 1 - )
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
phoneMiner (HKLM-x32\...\{C3E1489F-E285-4892-B27E-8E155646AEA4}) (Version: 2.3.51 - Amrak Software)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Quake Live (HKLM-x32\...\Steam App 282440) (Version: - id Software)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version: - Ubisoft - San Francisco)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Ultra Street Fighter IV (HKLM-x32\...\Steam App 45760) (Version: - Capcom)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F8580E12-045B-471B-AF74-98C977347F4E}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8260F0BF-F234-41FC-AB11-218A9925F77B}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version: - Microsoft)

TheSaiyan · Oct 7, 2014

Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881039) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C675FC43-E413-49A7-B3DC-44967B4FE22D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881081) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3BE27413-9FFE-4AB1-9013-344E111E718F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6E2862B8-C10A-4FD0-9B82-8D9761301AAA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC0535B0-340B-4740-A63D-DBBE389DC83A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC0535B0-340B-4740-A63D-DBBE389DC83A}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version: - Microsoft)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Windows App Certification Kit Native Components (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XSplit Broadcaster (HKLM-x32\...\{F8A47958-47CC-4B57-AE7D-7DDC0A86BEF5}) (Version: 1.3.1311.1201 - SplitMediaLabs)
Zombies Monsters Robots (HKLM-x32\...\Steam App 306830) (Version: - En Masse Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1873908055-2179700353-3391590569-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\marc__000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1873908055-2179700353-3391590569-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1873908055-2179700353-3391590569-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-1873908055-2179700353-3391590569-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\marc__000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1873908055-2179700353-3391590569-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\marc__000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1873908055-2179700353-3391590569-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\marc__000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1873908055-2179700353-3391590569-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\marc__000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1873908055-2179700353-3391590569-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\marc__000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1873908055-2179700353-3391590569-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\marc__000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1873908055-2179700353-3391590569-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\marc__000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1873908055-2179700353-3391590569-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\marc__000\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

07-10-2014 01:02:28 Installed DirectX
07-10-2014 04:03:29 Before malware bytes

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 10:25 - 2013-08-22 10:25 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {032AA2B8-1CFA-444D-AF69-45786CB37826} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0DCEAE5A-45F9-465A-9076-2A3F7AD6239F} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2014-09-01] ()
Task: {18AD8E8A-F77D-40FF-8639-EEAEC2D6C993} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
Task: {196A128C-5FD8-4B68-BFC0-5376B56DA24D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-marc_hosang@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37017C1B-0BBF-40AD-84E6-3B8C7B51A3D1} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3BD4708D-DF53-48FD-B354-6BCC9AC49AE3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-31] (AVAST Software)
Task: {40580EED-EF8F-4A81-85D1-DE26D9ED03BE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {4073ECA4-E751-4D54-B6E1-9DAA3BCBF179} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6640F4CA-2EC6-4525-BBCE-69131BD09AA5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7A689F68-537B-4DD0-94BD-9B1FD30ADE37} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {7CB1C992-E560-45E7-88D5-D54C54E642A0} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8753097E-64E7-47E7-9C8D-267AC36E4CD5} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {ADEC7F16-B143-46C4-AEA2-B857C6C1123C} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {B6276A7B-4458-40BB-9AD0-0E91A63AFCDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-21] (Google Inc.)
Task: {B98DDB9B-E76E-4C82-87AC-EB48E4B531B4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {C2B3717B-0B58-4F55-9237-4D353032A5FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-21] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCF2D225-A323-4EEA-8684-CDD53E02BA70} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {E2FAD22A-E1F6-41D3-B08F-5338ED7C89C7} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-08 07:37 - 2014-09-08 14:58 - 00076152 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2014-07-05 16:22 - 2013-10-01 06:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-07-27 11:41 - 2014-07-27 11:41 - 08892576 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-08-31 10:41 - 2014-08-31 10:41 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-06 17:45 - 2014-10-06 17:45 - 02859008 _____ () C:\Program Files\AVAST Software\Avast\defs\14100601\algo.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-27 11:41 - 2014-07-27 11:41 - 08892576 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-09-08 00:06 - 2014-09-18 21:07 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-09-08 00:06 - 2014-09-18 21:07 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-09-08 00:06 - 2014-09-18 21:07 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-09-08 00:06 - 2014-09-18 21:07 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-09-08 00:06 - 2014-09-18 21:07 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-09-08 00:06 - 2014-09-18 21:07 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-09-08 00:06 - 2014-09-18 21:07 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-09-08 00:06 - 2014-09-18 21:07 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-10-07 01:26 - 2014-10-07 01:26 - 00043008 _____ () c:\Users\marc__000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv7gxyu.dll
2013-08-23 16:01 - 2013-08-23 16:01 - 25100288 _____ () C:\Users\marc__000\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-31 10:41 - 2014-08-31 10:41 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-05 16:10 - 2013-09-16 16:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-08-30 23:32 - 2014-09-24 16:40 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:B3503B59
AlternateDataStreams: C:\Users\marc__000\Cookies:kpWkto7voPwSzUPwroXYodVdR4wh
AlternateDataStreams: C:\Users\marc__000\OneDrive:ms-properties
AlternateDataStreams: C:\Users\marc__000\AppData\Local\Temp:XYjqZlE4enlYhc67z2tVaVV4ByJU
AlternateDataStreams: C:\Users\marc__000\AppData\Local\Temporary Internet Files:FX8IN4WR0YGbrvcJnb8cET049M

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-1873908055-2179700353-3391590569-500 - Administrator - Disabled)
Guest (S-1-5-21-1873908055-2179700353-3391590569-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1873908055-2179700353-3391590569-1003 - Limited - Enabled)
marc__000 (S-1-5-21-1873908055-2179700353-3391590569-1001 - Administrator - Enabled) => C:\Users\marc__000

==================== Faulty Device Manager Devices =============

Name: Intel(R) Wireless Bluetooth(R) 4.0
Description: Intel(R) Wireless Bluetooth(R) 4.0
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (10/07/2014 01:35:41 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-10-06 23:25:15.184
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-06 23:21:26.871
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-04 14:20:03.549
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-01 23:28:31.057
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-01 00:34:18.972
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-29 01:18:42.007
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-29 00:19:14.658
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-28 00:58:56.913
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-28 00:07:43.997
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-27 16:22:19.721
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 16%
Total physical RAM: 16296.27 MB
Available physical RAM: 13610.56 MB
Total Pagefile: 32680.27 MB
Available Pagefile: 29822.08 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:887.88 GB) (Free:446.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.95 GB) NTFS
Drive e: (Castlevania2) (CDROM) (Total:6.48 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 796B02F8)

Partition: GPT Partition Type.

==================== End Of Log ============================

TheSaiyan · Oct 7, 2014

That's all. FRST.txt and Addition.txt we're huge. Took a few posts to get all with the character limit

Broni · Oct 7, 2014

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

TheSaiyan · Oct 7, 2014

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014 01
Ran by marc__000 at 2014-10-07 20:20:23 Run:1
Running from C:\Users\marc__000\Downloads
Loaded Profile: marc__000 (Available profiles: marc__000)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1873908055-2179700353-3391590569-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1873908055-2179700353-3391590569-1001\...\MountPoints2: {e5aa175d-30b5-11e4-825b-e82aeab5644e} - "E:\setup.exe"
S2 DAMSvc; C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe [X]
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [X]
S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]
C:\Users\marc__000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv7gxyu.dll
C:\Users\marc__000\AppData\Local\Temp\nstD51D.exe
C:\Users\marc__000\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\marc__000\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\marc__000\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\marc__000\AppData\Local\Temp\nvStInst.exe
C:\Users\marc__000\AppData\Local\Temp\Quarantine.exe
C:\Users\marc__000\AppData\Local\Temp\SHSetup.exe
C:\Users\marc__000\AppData\Local\Temp\SPSetup.exe
AlternateDataStreams: C:\ProgramData\Temp:B3503B59
AlternateDataStreams: C:\Users\marc__000\Cookies:kpWkto7voPwSzUPwroXYodVdR4wh
AlternateDataStreams: C:\Users\marc__000\OneDrive:ms-properties
AlternateDataStreams: C:\Users\marc__000\AppData\Local\Temp:XYjqZlE4enlYhc67z2tVaVV4ByJU
AlternateDataStreams: C:\Users\marc__000\AppData\Local\Temporary Internet Files:FX8IN4WR0YGbrvcJnb8cET049M

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-1873908055-2179700353-3391590569-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
"HKU\S-1-5-21-1873908055-2179700353-3391590569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5aa175d-30b5-11e4-825b-e82aeab5644e}" => Key deleted successfully.
"HKCR\CLSID\{e5aa175d-30b5-11e4-825b-e82aeab5644e}" => Key not found.
DAMSvc => Service deleted successfully.
TESHelper => Service deleted successfully.
rtsuvc => Service deleted successfully.
C:\Users\marc__000\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv7gxyu.dll => Moved successfully.
C:\Users\marc__000\AppData\Local\Temp\nstD51D.exe => Moved successfully.
C:\Users\marc__000\AppData\Local\Temp\nv3DVStreaming.dll => Moved successfully.
C:\Users\marc__000\AppData\Local\Temp\nvSCPAPI.dll => Moved successfully.
C:\Users\marc__000\AppData\Local\Temp\nvStereoApiI.dll => Moved successfully.
C:\Users\marc__000\AppData\Local\Temp\nvStInst.exe => Moved successfully.
C:\Users\marc__000\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\marc__000\AppData\Local\Temp\SHSetup.exe => Moved successfully.
C:\Users\marc__000\AppData\Local\Temp\SPSetup.exe => Moved successfully.
C:\ProgramData\Temp => ":B3503B59" ADS removed successfully.
"C:\Users\marc__000\Cookies" => ":kpWkto7voPwSzUPwroXYodVdR4wh" ADS not found.
C:\Users\marc__000\OneDrive => ":ms-properties" ADS removed successfully.
C:\Users\marc__000\AppData\Local\Temp => ":XYjqZlE4enlYhc67z2tVaVV4ByJU" ADS removed successfully.
"C:\Users\marc__000\AppData\Local\Temporary Internet Files" => ":FX8IN4WR0YGbrvcJnb8cET049M" ADS not found.

==== End of Fixlog ====

Broni · Oct 7, 2014

How is computer doing?

Last scans...

Download Security Check from here or here and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

Make sure the following options are checked:
- Internet Services
- Windows Firewall
- System Restore
- Security Center
- Windows Update
- Windows Defender
- Other Services
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

Please run a free online scan with the ESET Online Scanner

Disable your antivirus program
Internet Explorer users - Click on this link to open ESET OnlineScan.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on ESET Smart Installer to download the ESET Smart Installer. Save it to your desktop.
- Double click on the http://www.bleepstatic.com/fhost/uploads/0/esetsmartinstaller_enu.png][/url] icon on your desktop.
  [/LIST]
  [*]Check [I]"YES, I accept the Terms of Use."[/I]
  [*]Click the [b]Start[/b] button.
  [*]Accept any security warnings from your browser.[/*]
  [*]Check [I]"Enable detection of potentially unwanted applications"[/I].
  [*]Click [I]Advanced settings[/I] and make sure all 4 boxes are checkmarked (two of them are already checkmarked by default).
  Do NOT checkmark [I]"Use custom proxy settings"[/I]
  [*]Click the [b]Start[/b] button.
  [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  [*]When the scan completes, click [b]List Threats[/b][/*]
  [*]Click [b]Export[/b], and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  [*]Click the [b]Back[/b] button.
  [*]Click the [b]Finish[/b] button.
  [/LIST]

TheSaiyan · Oct 7, 2014

Still getting the Bad Image Error, when launching apps and games. Can attach screenshot if needed. Same general message for all files.

About to start the next set of scans. Thank you very much by the way. I really appreciate the time spent helping me.

TheSaiyan · Oct 7, 2014

Got an unsupported operating system error for Security Check.exe. Running Windows 8.1

Broni · Oct 7, 2014

Go on for now...

Broni · Oct 7, 2014

NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

TheSaiyan · Oct 7, 2014

Farbar Service Scanner Version: 21-07-2014
Ran by marc__000 (administrator) on 07-10-2014 at 20:28:13
Running from "C:\Users\marc__000\Downloads"
Microsoft Windows 8.1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

Farbar Service Scanner

TheSaiyan · Oct 7, 2014

Running the scan now. It seems like its gonna be a while again, so I'll report back asap

Inactive Bad Image - Malware/Virus

Posts: 24 +0

Posts: 56,041 +516

Posts: 24 +0

Posts: 24 +0

Posts: 56,041 +516

Posts: 24 +0

Posts: 24 +0

Posts: 56,041 +516

Posts: 24 +0

Posts: 24 +0

Posts: 24 +0

Posts: 24 +0

Posts: 24 +0

Posts: 24 +0

Posts: 24 +0

Posts: 24 +0

Posts: 56,041 +516

Attachments

Posts: 24 +0

Posts: 56,041 +516

Posts: 24 +0

Posts: 24 +0

Posts: 56,041 +516

Posts: 56,041 +516

Posts: 24 +0

Posts: 24 +0

Similar threads