Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-11-2015 02
Ran by Arman (administrator) on ALADIN (25-11-2015 18:09:17)
Running from C:\Users\Arman\Downloads
Loaded Profiles: Arman (Available Profiles: Arman)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Farbar) C:\Users\Arman\Downloads\FRST64 (1).exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-11] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-24] ()
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [14448 2014-01-28] (ASUS)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [708496 2015-09-23] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3826600 2015-10-30] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1162603160-520621064-4255279686-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-1162603160-520621064-4255279686-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48138880 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1162603160-520621064-4255279686-1001\...\Run: [Discord] => C:\Users\Arman\AppData\Local\Discord\app-0.0.283\Discord.exe [51716784 2015-11-17] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1162603160-520621064-4255279686-1001\...\MountPoints2: {9586664e-3cae-11e5-8300-543530d94ae4} - "F:\LG_PC_Programs.exe"
HKU\S-1-5-21-1162603160-520621064-4255279686-1001\...\MountPoints2: {af7b8213-8553-11e4-8273-543530d94ae4} - "F:\LaunchU3.exe" -a
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\Users\Arman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-10-06]
ShortcutTarget: Curse.lnk -> C:\Users\Arman\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0C18D81B-D1A9-4140-9C41-F97776C63E32}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4BBC6E82-5BA6-4D35-943D-7D6FB20C5355}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1162603160-520621064-4255279686-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-1162603160-520621064-4255279686-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-1162603160-520621064-4255279686-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-05] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
Chrome:
=======
CHR HomePage: Default -> hxxps://search.yahoo.com/?type=709216&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?type=709216&fr=yo-yhp-ch"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=709216&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSuggestURL: Default -> hxxps://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Profile: C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03]
CHR Extension: (Google Docs) - C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (Google Drive) - C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Google Sheets) - C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Google Docs Offline) - C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-24] (ASUS Cloud Corporation) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [595376 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfws.exe [1569416 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3815648 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-10-30] (AVG Technologies CZ, s.r.o.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-11-21] (BitRaider, LLC)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2015-02-01] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-27] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-11] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [524800 2014-11-12] () [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-11] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-11] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-27] (Electronic Arts)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4368808 2015-10-14] (AVG Technologies CZ, s.r.o.)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-11-19] ()
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [97208 2015-08-29] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-10-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255408 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [306608 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [74344 2013-08-05] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2015-01-06] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows (R) Win 7 DDK provider)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204936 2014-02-11] (Ralink Technology, Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-18] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-11-20] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-10-14] (TuneUp Software)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
U0 msahci; system32\drivers\msahci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-25 18:08 - 2015-11-25 18:08 - 02348544 _____ (Farbar) C:\Users\Arman\Downloads\FRST64 (1).exe
2015-11-24 19:40 - 2015-11-24 21:24 - 00000000 ____D C:\Users\Arman\AppData\Roaming\discord
2015-11-24 19:40 - 2015-11-24 19:41 - 00002170 _____ C:\Users\Arman\Desktop\Discord.lnk
2015-11-24 19:40 - 2015-11-24 19:41 - 00000000 ____D C:\Users\Arman\AppData\Local\SquirrelTemp
2015-11-24 19:40 - 2015-11-24 19:40 - 00000000 ____D C:\Users\Arman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2015-11-24 19:40 - 2015-11-24 19:40 - 00000000 ____D C:\Users\Arman\AppData\Local\Discord
2015-11-24 19:39 - 2015-11-24 19:40 - 49419440 _____ (Hammer & Chisel, Inc.) C:\Users\Arman\Downloads\DiscordSetup.exe
2015-11-22 15:46 - 2015-11-25 16:16 - 00000073 _____ C:\Users\Arman\AppData\Roaming\sp_data.sys
2015-11-20 14:36 - 2015-11-20 14:36 - 00002762 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-11-20 14:16 - 2015-11-20 14:16 - 01732096 _____ C:\Users\Arman\Downloads\adwcleaner_5.021 (2).exe
2015-11-20 14:16 - 2015-11-20 14:16 - 00000845 _____ C:\Users\Arman\Desktop\JRT.txt
2015-11-20 14:15 - 2015-11-20 14:15 - 00003185 _____ C:\Users\Arman\Desktop\AdwCleaner[C1].txt
2015-11-20 14:13 - 2015-11-20 14:13 - 01732096 _____ C:\Users\Arman\Downloads\adwcleaner_5.021 (1).exe
2015-11-20 14:13 - 2015-11-20 14:13 - 01599080 _____ (Malwarebytes) C:\Users\Arman\Downloads\JRT.exe
2015-11-20 14:05 - 2015-11-20 14:15 - 00000000 ____D C:\AdwCleaner
2015-11-20 14:04 - 2015-11-20 14:04 - 01732096 _____ C:\Users\Arman\Downloads\adwcleaner_5.021.exe
2015-11-20 14:03 - 2015-11-20 14:03 - 00002732 _____ C:\Users\Arman\Desktop\RKlog.txt
2015-11-20 13:43 - 2015-11-20 13:43 - 00001727 _____ C:\Users\Arman\Desktop\scanlog.txt
2015-11-20 03:18 - 2015-11-20 13:41 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-20 03:17 - 2015-11-20 03:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-20 03:17 - 2015-11-20 03:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-20 03:17 - 2015-11-20 03:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-20 03:17 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-20 03:17 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-20 03:17 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-20 03:16 - 2015-11-20 03:17 - 22908888 _____ (Malwarebytes ) C:\Users\Arman\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-20 02:58 - 2015-11-20 13:45 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-11-20 02:58 - 2015-11-20 03:20 - 00000000 ____D C:\ProgramData\RogueKiller
2015-11-19 22:51 - 2015-11-19 22:51 - 19740232 _____ C:\Users\Arman\Downloads\RogueKiller.exe
2015-11-19 19:53 - 2015-11-19 19:53 - 00048505 _____ C:\Users\Arman\Downloads\Addition.txt
2015-11-19 19:52 - 2015-11-25 18:10 - 00022802 _____ C:\Users\Arman\Downloads\FRST.txt
2015-11-19 19:52 - 2015-11-25 18:09 - 00000000 ____D C:\FRST
2015-11-19 19:51 - 2015-11-19 19:51 - 02020352 _____ (Farbar) C:\Users\Arman\Downloads\FRST64.exe
2015-11-19 19:34 - 2015-11-19 19:34 - 00000000 ____D C:\Users\Arman\AppData\Local\AVG Web TuneUp
2015-11-19 19:34 - 2015-11-19 19:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-19 19:33 - 2015-11-19 19:34 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2015-11-19 19:33 - 2015-11-19 19:33 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-11-19 19:33 - 2015-11-19 19:33 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-11-19 12:37 - 2015-11-19 12:37 - 00002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2015-11-19 12:37 - 2015-11-19 12:37 - 00002230 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2015-11-19 12:37 - 2015-10-14 11:05 - 00045992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2015-11-19 12:37 - 2015-10-14 10:59 - 00037288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2015-11-19 12:37 - 2015-10-14 10:59 - 00032680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2015-11-19 12:36 - 2015-11-19 12:36 - 02894864 _____ (AVG Technologies) C:\Users\Arman\Downloads\AVG_PCTuneUp_879.exe
2015-11-19 03:15 - 2015-11-19 12:37 - 00000000 ____D C:\Users\Arman\AppData\Roaming\AVG
2015-11-19 03:15 - 2015-11-19 03:15 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-19 03:14 - 2015-11-19 03:14 - 00000954 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2015-11-19 03:14 - 2015-11-19 03:14 - 00000000 ____D C:\Users\Arman\AppData\Roaming\TuneUp Software
2015-11-19 03:14 - 2015-11-19 03:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-11-19 03:13 - 2015-11-19 03:13 - 00000000 ___HD C:\$AVG
2015-11-19 03:12 - 2015-11-25 18:09 - 00000000 ____D C:\ProgramData\MFAData
2015-11-19 03:12 - 2015-11-19 12:37 - 00000000 ____D C:\Users\Arman\AppData\Local\Avg
2015-11-19 03:12 - 2015-11-19 12:37 - 00000000 ____D C:\ProgramData\Avg
2015-11-19 03:12 - 2015-11-19 12:37 - 00000000 ____D C:\Program Files (x86)\AVG
2015-11-19 03:12 - 2015-11-19 12:36 - 00000000 ____D C:\Users\Arman\AppData\Local\AvgSetupLog
2015-11-19 03:12 - 2015-11-19 03:12 - 00000000 ____D C:\Users\Arman\AppData\Local\MFAData
2015-11-19 03:12 - 2015-11-19 03:12 - 00000000 ____D C:\Users\Arman\AppData\Local\Avg2015
2015-11-19 03:11 - 2015-11-19 03:11 - 05091576 _____ (AVG Technologies) C:\Users\Arman\Downloads\avg_isc_stb_all_2015_ltst_737.exe
2015-11-17 19:50 - 2015-11-17 19:50 - 00000021 _____ C:\Users\Arman\Desktop\TS SERVER.txt
2015-11-17 15:51 - 2015-11-17 15:51 - 00000340 _____ C:\Users\Arman\Desktop\Ubiquitous2.appref-ms
2015-11-17 15:51 - 2015-11-17 15:51 - 00000000 ____D C:\Users\Arman\Documents\Ubiquitous2
2015-11-17 15:51 - 2015-11-17 15:51 - 00000000 ____D C:\Users\Arman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xedoc
2015-11-17 15:50 - 2015-11-17 15:50 - 00429168 _____ () C:\Users\Arman\Downloads\setup (2).exe
2015-11-17 15:44 - 2015-11-17 15:47 - 00000000 ____D C:\Users\Arman\AppData\Roaming\vlc
2015-11-17 15:37 - 2015-11-17 15:37 - 00001084 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-17 15:37 - 2015-11-17 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-11-17 15:36 - 2015-11-17 15:36 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-11-17 15:35 - 2015-11-17 15:35 - 28849904 _____ C:\Users\Arman\Downloads\vlc-2.2.1-win32.exe
2015-11-17 14:55 - 2015-11-17 14:55 - 01221856 _____ C:\Windows\Minidump\111715-26406-01.dmp
2015-11-17 13:43 - 2015-11-17 13:43 - 01070256 _____ C:\Windows\Minidump\111715-30125-01.dmp
2015-11-17 13:00 - 2015-11-17 14:55 - 647655012 _____ C:\Windows\MEMORY.DMP
2015-11-17 13:00 - 2015-11-17 13:00 - 01074040 _____ C:\Windows\Minidump\111715-31906-01.dmp
2015-11-16 23:44 - 2015-11-16 23:44 - 00000000 ____D C:\Users\Arman\Downloads\clrbrowser4_repack
2015-11-16 23:43 - 2015-11-16 23:43 - 102983184 _____ C:\Users\Arman\Downloads\clrbrowser4_repack.zip
2015-11-16 21:17 - 2015-11-16 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kinoni
2015-11-16 21:17 - 2015-11-16 21:17 - 00000000 ____D C:\ProgramData\Apple
2015-11-16 21:17 - 2015-11-16 21:17 - 00000000 ____D C:\Program Files (x86)\Kinoni
2015-11-16 21:14 - 2015-11-16 21:14 - 03567256 _____ (Kinoni) C:\Users\Arman\Downloads\KinoniWinInstaller281.exe
2015-11-16 20:35 - 2015-11-16 20:35 - 01704224 _____ (Overwolf) C:\Users\Arman\Downloads\Twitch-OverwolfInstaller.exe
2015-11-16 17:40 - 2015-11-19 00:45 - 00000000 ____D C:\Users\Arman\AppData\Roaming\OBS
2015-11-16 17:40 - 2015-11-16 23:58 - 00000000 ____D C:\Program Files (x86)\OBS
2015-11-16 17:40 - 2015-11-16 20:51 - 00000949 _____ C:\Users\Arman\Desktop\Open Broadcaster Software.lnk
2015-11-16 17:40 - 2015-11-16 17:40 - 00000000 ____D C:\Users\Arman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2015-11-16 17:40 - 2015-11-16 17:40 - 00000000 ____D C:\Program Files\OBS
2015-11-16 17:38 - 2015-11-16 17:38 - 07277632 _____ C:\Users\Arman\Downloads\OBS_0_656b_Installer.exe
2015-11-16 00:52 - 2015-11-16 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2015-11-16 00:52 - 2015-11-16 00:52 - 00000000 ____D C:\Program Files (x86)\Mumble
2015-11-16 00:51 - 2015-11-16 00:51 - 16722432 _____ C:\Users\Arman\Downloads\mumble-1.2.10.msi
2015-11-12 23:42 - 2015-11-12 23:42 - 00101572 _____ C:\Users\Arman\Downloads\recap_v3.35.zip
2015-11-12 23:42 - 2015-11-12 23:42 - 00000000 ____D C:\Users\Arman\Downloads\recap_v3.35
2015-11-12 16:40 - 2015-11-12 16:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-12 16:40 - 2015-11-12 16:40 - 00000000 ____D C:\Users\Arman\Tracing
2015-11-12 16:40 - 2015-11-12 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-11 15:22 - 2015-11-05 11:13 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 22308656 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 18362160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 17515208 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 16553568 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 15717864 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 15121784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 14835872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 13527248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 12034248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 11130488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-11-11 15:22 - 2015-11-05 11:13 - 02870392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 02490488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435891.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435891.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 00877360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 00689272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 00500872 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 00413816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 00177600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-11-11 15:22 - 2015-11-05 11:13 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-11-11 13:41 - 2015-11-11 13:42 - 00001089 _____ C:\Users\Arman\Desktop\WoW - Shortcut.lnk
2015-11-11 13:30 - 2015-11-11 13:30 - 00386453 _____ C:\Users\Arman\Desktop\System_Information_By_Tweaking.com.txt
2015-11-11 13:29 - 2015-11-11 13:29 - 00225296 _____ C:\Users\Arman\Downloads\Tweaking.com-System_Information.exe
2015-11-11 13:29 - 2015-11-11 13:29 - 00000000 ____D C:\Users\Arman\Downloads\Tweaking.com - System Information
2015-11-10 12:53 - 2015-11-12 08:17 - 00383648 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-10 12:46 - 2015-10-15 10:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-10 12:46 - 2015-10-15 09:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-10 12:46 - 2015-10-13 11:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-10 12:46 - 2015-10-13 11:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-10 12:46 - 2015-10-13 09:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-10 12:46 - 2015-10-13 09:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-10 12:46 - 2015-10-13 09:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-10 12:46 - 2015-10-13 09:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-10 12:46 - 2015-10-13 09:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-10 12:46 - 2015-10-13 09:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-10 12:46 - 2015-10-11 00:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-10 12:46 - 2015-10-11 00:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-10 12:46 - 2015-10-10 12:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-10 12:46 - 2015-10-10 12:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-10 12:46 - 2015-10-10 12:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-10 12:46 - 2015-10-10 11:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-10 12:46 - 2015-10-10 11:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-10 12:46 - 2015-10-10 11:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-10 12:46 - 2015-10-10 10:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-10 12:46 - 2015-09-12 07:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-10 12:45 - 2015-10-20 15:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-10 12:45 - 2015-10-20 08:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-10 12:45 - 2015-10-20 08:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-10 12:45 - 2015-10-20 08:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-10 12:45 - 2015-10-20 08:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-10 12:45 - 2015-10-20 08:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-10 12:45 - 2015-10-20 08:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-10 12:45 - 2015-10-20 08:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-10 12:45 - 2015-10-20 08:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-10 12:45 - 2015-10-20 08:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-10 12:45 - 2015-10-20 08:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-10 12:45 - 2015-10-20 08:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-10 12:45 - 2015-10-14 17:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-10 12:45 - 2015-10-14 17:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-10 12:45 - 2015-10-14 17:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-10 12:45 - 2015-10-14 17:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-10 12:45 - 2015-10-14 17:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-10 12:45 - 2015-09-07 10:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-10 12:45 - 2015-09-07 09:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-10 12:45 - 2015-09-07 09:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-10 12:45 - 2015-09-04 13:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-10 12:45 - 2015-08-28 16:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-10 12:45 - 2014-11-04 19:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-10 12:45 - 2014-11-04 19:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-10 12:44 - 2015-10-30 17:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-10 12:44 - 2015-10-30 17:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-10 12:44 - 2015-10-30 17:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-10 12:44 - 2015-10-30 17:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-10 12:44 - 2015-10-30 17:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-10 12:44 - 2015-10-30 16:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-10 12:44 - 2015-10-30 16:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-10 12:44 - 2015-10-30 16:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-10 12:44 - 2015-10-30 16:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-10 12:44 - 2015-10-30 16:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-10 12:44 - 2015-10-30 16:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-10 12:44 - 2015-10-30 16:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-10 12:44 - 2015-10-30 16:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-10 12:44 - 2015-10-30 16:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-10 12:44 - 2015-10-30 16:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-10 12:44 - 2015-10-30 16:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-10 12:44 - 2015-10-30 16:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-10 12:44 - 2015-10-30 16:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-10 12:44 - 2015-10-30 16:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-10 12:44 - 2015-10-30 15:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-10 12:44 - 2015-10-30 15:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-10 12:44 - 2015-10-30 15:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-10 12:44 - 2015-10-30 15:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-10 12:44 - 2015-10-17 08:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-10 12:44 - 2015-10-08 10:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-10 12:44 - 2015-09-29 06:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-10 12:44 - 2015-08-20 14:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-10 12:44 - 2015-08-20 11:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-10 12:44 - 2015-08-10 12:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-10 12:44 - 2015-08-10 12:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-10 12:44 - 2015-08-10 11:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-10 12:44 - 2015-08-10 10:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-10 12:44 - 2015-08-10 10:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-10 12:44 - 2014-11-10 12:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-11-10 12:43 - 2015-11-10 12:43 - 00000000 ____D C:\Users\Arman\Downloads\Leatrix latency fix
2015-11-10 12:36 - 2015-11-10 12:36 - 04195233 _____ C:\Users\Arman\Downloads\Leatrix latency fix.rar
2015-11-10 00:41 - 2015-11-10 00:41 - 00000000 ____D C:\Users\Arman\Downloads\Questie-2.0.12
2015-11-10 00:40 - 2015-11-10 00:40 - 02017877 _____ C:\Users\Arman\Downloads\Questie-2.0.12.zip
2015-11-09 17:56 - 2015-11-09 17:56 - 15382984 _____ C:\Users\Arman\Downloads\QuestieDev-Questie_3.0.zip
2015-11-09 17:56 - 2015-11-09 17:56 - 00000000 ____D C:\Users\Arman\Downloads\QuestieDev-Questie_3.0
2015-11-05 21:04 - 2015-11-05 21:04 - 00003134 _____ C:\Windows\System32\Tasks\{195C45BA-B840-4FD3-9528-055922815F7D}
2015-11-05 19:21 - 2015-11-05 19:21 - 00000000 ____D C:\Users\Arman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warcraft Classic
2015-11-05 19:18 - 2015-11-05 19:21 - 00000000 ____D C:\World of Warcraft Classic
2015-11-05 19:15 - 2015-11-05 19:15 - 00000000 ____D C:\Users\Arman\Downloads\Nostalrius-WoW-Classic
2015-11-05 19:09 - 2015-11-05 19:14 - 1095345587 _____ C:\Users\Arman\Downloads\Nostalrius-WoW-Classic.zip
2015-11-05 17:27 - 2015-11-05 11:13 - 03158736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-05 17:27 - 2015-11-02 11:10 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435887.dll
2015-11-05 17:27 - 2015-11-02 11:10 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435887.dll
2015-11-05 17:27 - 2015-08-10 22:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-11-05 17:27 - 2015-08-10 22:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-11-05 17:26 - 2015-11-05 17:26 - 00000000 ____D C:\NVIDIA
2015-11-05 17:18 - 2015-11-05 17:18 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-05 17:18 - 2015-11-05 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-05 16:37 - 2015-11-05 16:37 - 00000000 ____D C:\Users\Arman\AppData\Roaming\Sun
2015-11-05 16:37 - 2015-11-05 16:37 - 00000000 ____D C:\Users\Arman\.oracle_jre_usage