Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trovi has highjacked browser

Started by peyote , Jun 06 2014 05:58 PM

  • This topic is locked This topic is locked

#1
peyote
Posted 06 June 2014 - 05:58 PM

peyote

    Member

  • Member
  • PipPipPip
  • 161 posts

I installed Firefox a day or two ago and have Google as my home page. But now when I open a new tab Bing search page comes up with a Trovi web address. How can I get rid of this?

 

Also, a few years ago I found  really good step by step on how to tweak fire fox about:config setting, what ad-ons to use, tweeking other setting in fire fox to make it very secure. I followed that step by step and I had my browser as tuff as nails and in two year had zero problems for viruses, malware, browser hijacking. I am sure the step by step was somewhere on Geekstogo but I can find it. Any idea what I am talking about?


  • 0

Advertisements

#2
zep516
Posted 06 June 2014 - 06:12 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

First

Please download OTL to your Desktop
  • Double click on the OTLicon.jpg to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox
    and
  • Check the option for All under the Extra Registry section
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic
  • OTL.txt <-- Will be opened, maximized
  • Extras.txt <-- Will be minimized on task bar.
Please post the contents of both OTL.txt and Extras.txt files in your next reply.
  • 0

#3
peyote
Posted 06 June 2014 - 06:30 PM

peyote

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts

Thanks Zep516!,here they both are but right after posting, I paniced and uninstalled Firefox and reinstalled it through IE, IE is also hijacked. Sorry if this messes things up. Here they are and the Extras.txt is the first half;

 

 

 

 

 

 

 

 

 

 

OTL Extras logfile created on: 07/06/2014 01:06:23 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Will-PC\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
7.90 Gb Total Physical Memory | 6.65 Gb Available Physical Memory | 84.10% Memory free
9.78 Gb Paging File | 8.32 Gb Available in Paging File | 85.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.13 Gb Total Space | 199.31 Gb Free Space | 83.70% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 928.39 Gb Free Space | 99.67% Space Free | Partition Type: NTFS
 
Computer Name: NEWBUILD | User Name: Will-PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (All) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3255366530-3622484101-689240536-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13BE73E1-AC2D-4213-80C3-91BE68603AAF}" = lport=1900 | protocol=17 | dir=in | name=upnp udp 1900 |
"{BBE4D271-2A1E-457A-8EAA-73C379ADCD24}" = lport=2869 | protocol=6 | dir=in | name=upnp tcp 2869 |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002BC755-2108-4ED7-8690-FD85D10E4626}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\3dmark\bin\x86\3dmark.exe |
"{02DA7D8A-B977-476A-BD48-B4B135AD3796}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{087FF881-D4E8-470D-BBBF-CA7E0642447D}" = dir=out | name=@{microsoft.zunevideo_2.2.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{0C74CB51-0137-4313-84A3-9008D0AFE690}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\remote go!\assisttools\wifi go! server.exe |
"{0FD2C90F-F4B4-402B-8599-9D8A0FDE6130}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\3dmark\bin\x64\3dmark.exe |
"{12702549-4DD4-40EA-864C-4F8CBB406C88}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{17EDB43C-E1A9-4C20-A215-3D5CF83C1E5D}" = protocol=17 | dir=in | app=c:\users\will-pc\appdata\roaming\utorrent\utorrent.exe |
"{1877DFE9-3909-4B2C-8249-2615C87E8DFC}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.177_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{220339E0-A3EE-44A6-806B-B5526665EF04}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\remote go!\assisttools\wifi go! server.exe |
"{2209A73E-DC14-44BD-96C9-A3879596A30B}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2A24FBB8-3C77-4518-B035-D4F7566DADD2}" = protocol=6 | dir=in | app=e:\steam\steam.exe |
"{2A69F27B-258D-4100-BC58-4D42FC9A90F8}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{2F20736B-D863-497F-B172-CE229FCC55E4}" = dir=out | name=@{microsoft.bingtravel_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{38FDB316-176C-487D-A4BF-AA36BAF531C3}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\3dmark\3dmarklauncher.exe |
"{3BCA3FA7-D114-4A68-A2B4-E677FE113DC7}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{3DFCB0B0-4D9F-4C41-9693-917FFA177E4F}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\remote go!\asusdms.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{47BF7F12-35A0-4F7A-B45D-1F2AC1319A1B}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\3dmark\bin\x86\3dmark.exe |
"{4800D660-3745-4D9C-85B3-97CEDA0A68B0}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\3dmark\bin\x64\3dmark.exe |
"{49FF35AC-40D4-4311-9E00-6E24A3BB1069}" = dir=out | name=@{microsoft.xboxlivegames_2.0.20.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4A6C4F85-1EB6-4122-94E9-F0881040D295}" = dir=out | name=@{microsoft.bingfinance_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{4B057390-2097-40D5-9C84-AC07F36CED6F}" = dir=out | name=@{microsoft.zunemusic_2.2.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5CE511F3-6109-45D6-BA6B-1098F09BA5F9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6322E918-FD52-4827-9934-FD17750F5E42}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{6B3DDF88-C193-4DB9-95EF-E49702BFC703}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\3dmark\3dmarklauncher.exe |
"{73A72E93-3C1D-4B46-8BA0-4297743CBC4E}" = dir=out | name=@{microsoft.bingweather_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{7A530F2E-E884-450D-A18A-1640E8D75C7F}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{82E5D75B-6986-4486-9EE6-4F473B48CD22}" = protocol=17 | dir=in | app=e:\steam\steam.exe |
"{8380452D-6110-45C8-9139-E7ED84461A1A}" = protocol=6 | dir=in | app=c:\users\will-pc\appdata\roaming\utorrent\utorrent.exe |
"{84A7A5D3-0ADE-4AD0-BF97-D1F948589B9D}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.176_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{86CF2473-F9AC-4B12-9F83-F92C13236652}" = dir=out | name=skype |
"{8E4407E7-B02E-47E1-A275-47FE9C370D3C}" = dir=out | name=@{microsoft.bingnews_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{97BF62BC-48F8-4E56-A78C-3682B5A84C7B}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\remote go!\asusdms.exe |
"{9BF65DE9-6224-48FA-A9F7-68A0001694F2}" = dir=out | name=@{microsoft.bingsports_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A691C9B5-DC4C-4CE6-BDB1-C305C83B8B52}" = dir=out | name=@{microsoft.bingmaps_2.0.2009.2356_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{B1DE3C62-2C39-4780-942B-BC492BFE9507}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{BC9C6315-7CCA-4F6A-AC0D-4F9B385B3496}" = dir=in | name=skype |
"{BDF9107D-04F3-4F2C-87C3-6E5330E127D2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{C81BB9F1-D31C-4B1C-841A-90804A5E36BA}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{CFAD8FA8-1407-4F5E-9107-2675E0A54305}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D35C051B-F85A-466D-9A92-C5E51F488B6C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DBE38F5F-6A42-4DBF-8E55-55D78DE9D3E6}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{DD8AE6A9-936B-4D84-931E-57A5F7CE84F1}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F89FD297-130B-4FEF-98EC-EA88CC8E599B}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"TCP Query User{040BE8A0-46F5-499F-A55A-015C313AB9C2}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"TCP Query User{568CBE50-0F7D-46AB-8397-1BAAD8BC028D}C:\users\will-pc\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\will-pc\downloads\utorrent.exe |
"TCP Query User{75A31574-6B07-40ED-871B-C0DEB8482EE2}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base28667\sc2.exe |
"UDP Query User{10C334A5-3529-44F6-A1B3-EFEE0865BCAF}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{9A7BE519-4AAD-46F6-AEFD-36210F8D5300}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base28667\sc2.exe |
"UDP Query User{F24A9651-9D5C-4ACD-B4F6-A7CBFF46CFBB}C:\users\will-pc\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\will-pc\downloads\utorrent.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC6
"{149FBD36-6E9E-2035-42B0-59D91714138D}" = AMD Fuel
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{6119B3A6-3603-9695-0398-CDF2AF0A13F8}" = AMD Catalyst Install Manager
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{ABD878B8-E7E3-2BC4-5A95-478133DCFFC3}" = AMD Accelerated Video Transcoding
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}" = WinZip 17.5
"{D3485211-6ACA-8BC3-1AAB-29FC5552C454}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"CPUID ASUS CPU-Z_is1" = CPUID ASUS CPU-Z 1.65
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.25
"PerformanceTest 7_is1" = PerformanceTest v7.0 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{031F80EB-1FE5-45EF-9DE2-E2F5AF01259F}" = CCC Help Spanish
"{0B15A8C3-3B8A-F229-A880-82EA62908425}" = CCC Help Dutch
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1A6752E1-966B-9D1F-F6B7-DDBCA6FC87ED}" = CCC Help Russian
"{2058DA53-D5F2-D8D9-7325-39B0E367D1E1}" = CCC Help Swedish
"{2090B6D0-E025-5A67-9838-8F1D5768E643}" = CCC Help Chinese Standard
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D FurMark 1.13.0
"{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 60
"{2AD4FF67-43E9-77AD-D90C-584F950E2D12}" = CCC Help French
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{396230C1-0E92-10EC-4F53-615C666DA871}" = HydraVision
"{3A577334-7C90-55BC-1878-F5862FA268B2}" = CCC Help Korean
"{3BF289E3-933B-F421-3B59-F6BB0D285B09}" = CCC Help Hungarian
"{3CB6BA0C-6BC5-E543-221A-AA4DEBB6F4B5}" = CCC Help Polish
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{430E2D32-6EA9-E6E4-80A1-84047694A45B}" = CCC Help Czech
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6A8D33-09CD-FD44-4BF0-999E8A6E93C8}" = CCC Help Italian
"{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic for Windows 1.25
"{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"{6EBDE2A2-0CFB-9134-A859-68A0002B3FA6}" = CCC Help Thai
"{769E98DC-2BB0-83A7-51C9-306F30232345}" = Catalyst Control Center Graphics Previews Common
"{7AAE9187-C24F-4073-A951-36C370E7A3A5}" = ASUS Boot Setting
"{8181B50E-0E33-DE07-AAB2-E71BBBDBF288}" = CCC Help Portuguese
"{83FB054C-7DA5-1C76-BFB2-423426DC35BB}" = AMD Catalyst Control Center
"{8A640069-9784-701E-AC8E-84F62C42D1A3}" = CCC Help English
"{93098E43-2743-1551-447F-2699E9591E9C}" = CCC Help Danish
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A3703A3B-FDCF-4349-4B2E-A189A2B90B51}" = CCC Help Chinese Traditional
"{A619A488-A4BA-F2A0-72FA-4C484B93DC0F}" = CCC Help Greek
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{C4799AAA-CE52-D2F1-63C8-E6D5106C78E0}" = CCC Help Norwegian
"{C6182116-5F2D-9949-B42B-06073E86A98A}" = CCC Help German
"{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}" = ASUS Product Register Program
"{CC6C7F05-AF23-65BD-702D-705EAB723578}" = CCC Help Japanese
"{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}" = GPUTweakStreaming
"{D5B7F1A3-2CA6-4C5C-EFB6-4AA5772F5310}" = CCC Help Turkish
"{DBA6B3EF-A8C0-4EB2-9554-3A7879838580}" = Catalyst Control Center Localization All
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{EF7EA37B-C009-4D53-AE2A-FF7C6AEC35CE}" = Futuremark SystemInfo
"{F4A6308C-55E6-57DF-95BB-AEEF374B469A}" = CCC Help Finnish
"{F543B0F9-D1F9-25D1-993C-8430BEC9D889}" = Catalyst Control Center InstallProxy
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"DYMO Label v.8" = DYMO Label v.8
"InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}" = GPUTweakStreaming
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SearchProtect" = Search Protect
"SpeedFan" = SpeedFan (remove only)
"StarCraft II" = StarCraft II
"Steam" = Steam
"Steam App 231350" = 3DMark Demo
"WebStorage" = WebStorage
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3255366530-3622484101-689240536-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Search Protection" = Search Protection
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 05/06/2014 15:36:12 | Computer Name = NewBuild | Source = Software Protection Platform Service | ID = 8200
Description = License acquisition failure details.   hr=0x80072EE7
 
Error - 05/06/2014 15:36:12 | Computer Name = NewBuild | Source = Software Protection Platform Service | ID = 1014
Description = Acquisition of End User License failed. hr=0x80072EE7  Sku Id=b080aea2-e6c5-4b22-838e-fa4a21c931e3
 
Error - 05/06/2014 15:36:12 | Computer Name = NewBuild | Source = Software Protection Platform Service | ID = 8198
Description = License Activation (slui.exe) failed with the following error code:
hr=0x80072EE7
Command-line
 arguments:  RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=b080aea2-e6c5-4b22-838e-fa4a21c931e3;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error - 05/06/2014 15:41:27 | Computer Name = NewBuild | Source = Software Protection Platform Service | ID = 8200
Description = License acquisition failure details.   hr=0x80072EE7
 
Error - 05/06/2014 15:41:27 | Computer Name = NewBuild | Source = Software Protection Platform Service | ID = 1014
Description = Acquisition of End User License failed. hr=0x80072EE7  Sku Id=b080aea2-e6c5-4b22-838e-fa4a21c931e3
 
Error - 05/06/2014 15:41:28 | Computer Name = NewBuild | Source = Software Protection Platform Service | ID = 8198
Description = License Activation (slui.exe) failed with the following error code:
hr=0x80072EE7
Command-line
 arguments:  RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=b080aea2-e6c5-4b22-838e-fa4a21c931e3;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error - 05/06/2014 16:40:31 | Computer Name = NewBuild | Source = Application Error | ID = 1000
Description = Faulting application name: EzUpdt.exe, version: 0.0.0.0, time stamp:
 0x00000000  Faulting module name: EzUpdt.exe, version: 0.0.0.0, time stamp: 0x00000000
Exception
 code: 0xc0000005  Fault offset: 0x000091b1  Faulting process ID: 0x9c4  Faulting application
 start time: 0x01cf80f6241c277b  Faulting application path: C:\Program Files (x86)\ASUS\AI
 Suite II\EasyUpdate\EzUpdt.exe  Faulting module path: C:\Program Files (x86)\ASUS\AI
 Suite II\EasyUpdate\EzUpdt.exe  Report ID: a270ab25-ecf1-11e3-8258-bcee7b5caf1b  Faulting
 package full name:   Faulting package-relative application ID:
 
Error - 05/06/2014 22:12:05 | Computer Name = NewBuild | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "C:\Program Files\WinZip\adxloader.dll.Manifest".Error
 in manifest or policy file "C:\Program Files\WinZip\adxloader.dll.Manifest" on
line 2.  The manifest file root element must be assembly.
 
Error - 06/06/2014 06:37:15 | Computer Name = NewBuild | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "C:\Program Files\WinZip\adxloader.dll.Manifest".Error
 in manifest or policy file "C:\Program Files\WinZip\adxloader.dll.Manifest" on
line 2.  The manifest file root element must be assembly.
 
Error - 06/06/2014 06:42:15 | Computer Name = NewBuild | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "C:\Program Files\WinZip\adxloader.dll.Manifest".Error
 in manifest or policy file "C:\Program Files\WinZip\adxloader.dll.Manifest" on
line 2.  The manifest file root element must be assembly.
 
[ System Events ]
Error - 06/06/2014 11:23:10 | Computer Name = NewBuild | Source = DCOM | ID = 10010
Description =
 
Error - 06/06/2014 14:50:43 | Computer Name = NewBuild | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
 Client Service service to connect.
 
Error - 06/06/2014 14:50:43 | Computer Name = NewBuild | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
 error:   %%1053
 
Error - 06/06/2014 16:49:42 | Computer Name = NewBuild | Source = Microsoft-Windows-EnhancedStorage-EhStorTcgDrv | ID = 10
Description = A TCG Command has returned an error.  Desc: AuthenticateSession  Param1:
 0x1  Param2: 0x60000001c  Param3: 0x900000006  Param4: 0x0  Status: 0x1
 
Error - 06/06/2014 16:49:47 | Computer Name = NewBuild | Source = Service Control Manager | ID = 7000
Description = The AODDriver4.2.0 service failed to start due to the following error:
   %%3
 
Error - 06/06/2014 18:54:17 | Computer Name = NewBuild | Source = Service Control Manager | ID = 7000
Description = The cpuz137 service failed to start due to the following error:   %%3
 
Error - 06/06/2014 18:59:34 | Computer Name = NewBuild | Source = Microsoft-Windows-EnhancedStorage-EhStorTcgDrv | ID = 10
Description = A TCG Command has returned an error.  Desc: AuthenticateSession  Param1:
 0x1  Param2: 0x60000001c  Param3: 0x900000006  Param4: 0x0  Status: 0x1
 
Error - 06/06/2014 18:59:39 | Computer Name = NewBuild | Source = Service Control Manager | ID = 7000
Description = The AODDriver4.2.0 service failed to start due to the following error:
   %%3
 
Error - 06/06/2014 19:04:43 | Computer Name = NewBuild | Source = Microsoft-Windows-EnhancedStorage-EhStorTcgDrv | ID = 10
Description = A TCG Command has returned an error.  Desc: AuthenticateSession  Param1:
 0x1  Param2: 0x60000001c  Param3: 0x900000006  Param4: 0x0  Status: 0x1
 
Error - 06/06/2014 19:04:50 | Computer Name = NewBuild | Source = Service Control Manager | ID = 7000
Description = The AODDriver4.2.0 service failed to start due to the following error:
   %%3
 
 
< End of report >

 

OTL logfile created on: 07/06/2014 01:06:23 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Will-PC\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
7.90 Gb Total Physical Memory | 6.65 Gb Available Physical Memory | 84.10% Memory free
9.78 Gb Paging File | 8.32 Gb Available in Paging File | 85.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.13 Gb Total Space | 199.31 Gb Free Space | 83.70% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 928.39 Gb Free Space | 99.67% Space Free | Partition Type: NTFS
 
Computer Name: NEWBUILD | User Name: Will-PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/07 01:04:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Will-PC\Downloads\OTL.exe
PRC - [2014/06/05 12:51:14 | 002,497,344 | ---- | M] (Client Connect LTD) -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2014/05/21 16:30:50 | 000,846,696 | ---- | M] (Spigot, Inc.) -- C:\Users\Will-PC\AppData\Roaming\Search Protection\SearchProtection.exe
PRC - [2014/03/20 22:15:08 | 001,867,056 | ---- | M] (Sanford, L.P.) -- C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
PRC - [2013/09/17 11:58:57 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2013/09/17 11:58:57 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2013/09/11 21:43:44 | 000,389,120 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2013/08/26 10:46:04 | 000,967,480 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
PRC - [2013/08/26 09:55:06 | 000,696,632 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
PRC - [2013/08/19 17:21:40 | 001,108,992 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2013/01/28 15:58:52 | 000,550,272 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2013/01/14 20:04:14 | 001,199,416 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
PRC - [2012/11/09 08:51:04 | 001,632,256 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
PRC - [2012/08/07 13:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/05/03 12:17:36 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012/02/17 07:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/01/17 11:24:10 | 000,055,296 | ---- | M] () -- C:\Windows\SysWOW64\ASGT.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/06 13:46:20 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\1b66c3a9184d6f58a4ea4c9fda959ae1\System.Configuration.ni.dll
MOD - [2014/06/06 13:37:53 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\15647f7e2cb5149ea20c8baf4bde25d2\System.Core.ni.dll
MOD - [2014/06/06 13:37:52 | 005,463,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9e55130078215e51257977a651b0696b\System.Xml.ni.dll
MOD - [2014/06/06 13:37:50 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\eac55000ab752ad6469e74bc2031a3ef\System.Windows.Forms.ni.dll
MOD - [2014/06/06 13:37:45 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e846f72e7c00312a5d9c04e7f70fa4a8\System.Drawing.ni.dll
MOD - [2014/06/06 13:37:41 | 014,344,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\44eebbcf3fb58e5d66771af7a1d0cf38\PresentationFramework.ni.dll
MOD - [2014/06/06 13:37:33 | 012,239,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\6921fb614ff271761789cd826d140f34\PresentationCore.ni.dll
MOD - [2014/06/06 13:37:27 | 003,349,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\291fac5331dc56d809d6e902829b2e4f\WindowsBase.ni.dll
MOD - [2014/06/06 13:37:25 | 007,993,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5a86b00da9227fe7c9a1f6ca95c1850c\System.ni.dll
MOD - [2014/06/06 13:37:22 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0cc1da9cd31b490f4ec04cb6c2aa0519\mscorlib.ni.dll
MOD - [2014/03/20 21:50:44 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.Common.dll
MOD - [2013/08/19 17:21:40 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2013/08/19 10:23:16 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2013/08/06 20:04:58 | 002,502,656 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\xH264E.dll
MOD - [2013/08/05 11:14:32 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
MOD - [2013/06/24 17:48:46 | 002,055,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
MOD - [2013/06/24 15:59:32 | 001,173,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2013/06/13 17:37:48 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\InstallShield Installation Information\{104BE4B8-D1DB-4170-977B-364960893DC8}\CloudAPI\CloudAPI.dll
MOD - [2013/06/11 12:06:06 | 000,425,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.dll
MOD - [2013/05/08 16:22:48 | 001,040,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
MOD - [2013/04/15 14:19:46 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2013/03/21 19:38:04 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
MOD - [2013/01/28 15:58:52 | 000,870,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2012/10/08 17:07:46 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2012/08/29 18:09:00 | 000,875,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2012/07/20 09:39:40 | 001,047,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2012/06/19 12:56:22 | 001,305,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2012/05/28 21:27:04 | 001,622,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2012/05/02 18:04:30 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
MOD - [2012/04/25 14:47:54 | 000,659,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
MOD - [2012/01/19 09:39:30 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
MOD - [2012/01/12 16:44:02 | 000,475,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2010/12/14 17:46:32 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
MOD - [2010/10/29 18:58:02 | 000,221,184 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\JpegCD.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/09/23 11:51:36 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
MOD - [2010/08/23 03:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2010/02/25 14:01:30 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsZip.dll
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/04/18 02:29:24 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/08/22 13:39:24 | 003,395,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/08/22 13:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/08/22 13:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 12:03:23 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/08/22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 10:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 10:41:28 | 000,365,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/08/22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 10:40:00 | 000,265,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/08/22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 10:38:22 | 001,563,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/08/22 10:36:35 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/08/22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/08/22 10:04:58 | 000,528,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/08/22 09:58:59 | 001,291,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/08/22 09:47:59 | 001,534,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV - [2014/06/06 02:21:58 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/05 12:51:14 | 002,497,344 | ---- | M] (Client Connect LTD) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2014/05/29 18:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/05/07 03:27:01 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/17 22:29:26 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- E:\CCC\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2014/03/20 22:22:56 | 000,033,072 | ---- | M] (Sanford, L.P.) [Auto | Running] -- C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe -- (DymoPnpService)
SRV - [2014/02/28 02:41:42 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2013/09/17 11:58:57 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2013/09/17 11:58:57 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/22 03:35:39 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/06/26 07:54:00 | 000,071,680 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSWinService.exe -- (Asus WebStorage Windows Service)
SRV - [2012/11/09 08:51:04 | 001,632,256 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/02/17 07:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012/01/17 11:24:10 | 000,055,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASGT.exe -- (ASGT)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.2.0)
DRV:64bit: - [2014/04/18 03:36:46 | 015,376,384 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2014/04/18 02:07:06 | 000,638,976 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2014/03/11 15:20:04 | 000,222,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWB6.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/08/22 21:59:40 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/22 21:59:34 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 14:25:40 | 000,175,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 13:49:33 | 000,234,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/08/22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 13:49:29 | 000,039,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/08/22 13:45:37 | 000,135,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 13:43:34 | 000,466,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/08/22 13:43:34 | 000,325,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,370,528 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/08/22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 13:43:31 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 13:43:31 | 000,056,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/08/22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 13:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,086,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/22 13:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/08/22 13:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/16 15:37:12 | 000,424,192 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2013/08/16 15:37:12 | 000,140,032 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 15:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/04/09 10:42:06 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\t_mouse.sys -- (t_mouse.sys)
DRV:64bit: - [2013/02/21 04:40:38 | 000,032,840 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2012/09/23 00:17:24 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV - [2014/02/11 17:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- E:\CCC\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV - [2012/12/29 21:59:38 | 000,028,664 | ---- | M] (Almico Software) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3255366530-3622484101-689240536-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com...442326B6A&SSPV=
IE - HKU\S-1-5-21-3255366530-3622484101-689240536-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
IE - HKU\S-1-5-21-3255366530-3622484101-689240536-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKU\S-1-5-21-3255366530-3622484101-689240536-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 66 80 84 C7 F7 80 CF 01  [binary data]
IE - HKU\S-1-5-21-3255366530-3622484101-689240536-1001\..\SearchScopes,DefaultScope = {616B5D3C-E4DC-4838-B46D-69CF7CD2BC13}
IE - HKU\S-1-5-21-3255366530-3622484101-689240536-1001\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...rchTerms}&SSPV=
IE - HKU\S-1-5-21-3255366530-3622484101-689240536-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-3255366530-3622484101-689240536-1001\..\SearchScopes\{616B5D3C-E4DC-4838-B46D-69CF7CD2BC13}: "URL" = https://uk.search.ya...p={searchTerms}
IE - HKU\S-1-5-21-3255366530-3622484101-689240536-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3255366530-3622484101-689240536-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@dymo.com/DymoLabelFramework: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2014/06/07 00:52:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Will-PC\AppData\Roaming\Mozilla\Extensions
[2014/06/07 01:00:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Will-PC\AppData\Roaming\Mozilla\Firefox\Profiles\vzkblwak.default\extensions
[2014/06/07 00:51:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/07 00:51:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013/08/22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MouseDriver] C:\Windows\SysNative\TiltWheelMouse.exe (Pixart Imaging Inc)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [DLSService] "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe" File not found
O4 - HKLM..\Run: [StartCCC] E:\CCC\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\ASUSWSLoader.exe ()
O4 - HKU\S-1-5-21-3255366530-3622484101-689240536-1001..\Run: [DymoQuickPrint] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe (Sanford, L.P.)
O4 - HKU\S-1-5-21-3255366530-3622484101-689240536-1001..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3255366530-3622484101-689240536-1001..\Run: [SearchProtection] C:\Users\Will-PC\AppData\Roaming\Search Protection\SearchProtection.EXE (Spigot, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC3F00E6-A2AA-4D41-9AF7-0E0E095EEE75}: DhcpNameServer = 192.168.1.1
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (Client Connect LTD)
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Client Connect LTD)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{73962c95-ecdd-11e3-824c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{73962c95-ecdd-11e3-824c-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\StarCraft II Setup.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/07 00:52:08 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Mozilla
[2014/06/07 00:52:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/06/07 00:51:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/06/06 23:47:52 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2014/06/06 23:47:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2014/06/06 23:47:34 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\SearchProtect
[2014/06/06 23:47:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014/06/06 23:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2014/06/06 23:44:07 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2014/06/06 23:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2014/06/06 20:01:33 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Futuremark
[2014/06/06 20:01:32 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\Documents\3DMark
[2014/06/06 20:01:19 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2014/06/06 20:01:19 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2014/06/06 20:01:19 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2014/06/06 20:01:19 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2014/06/06 20:01:19 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2014/06/06 20:01:19 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2014/06/06 20:01:18 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2014/06/06 20:01:18 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2014/06/06 20:01:18 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2014/06/06 20:01:18 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2014/06/06 20:01:18 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014/06/06 20:01:18 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014/06/06 20:01:18 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2014/06/06 20:01:18 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2014/06/06 20:01:17 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014/06/06 20:01:17 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014/06/06 20:01:17 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014/06/06 20:01:17 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2014/06/06 20:01:17 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2014/06/06 20:01:17 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014/06/06 20:01:17 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014/06/06 20:01:17 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2014/06/06 20:01:17 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014/06/06 20:01:17 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2014/06/06 20:01:16 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014/06/06 20:01:16 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2014/06/06 20:01:16 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014/06/06 20:01:16 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2014/06/06 20:01:16 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2014/06/06 20:01:16 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014/06/06 20:01:15 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014/06/06 20:01:15 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2014/06/06 20:01:15 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014/06/06 20:01:15 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014/06/06 20:01:15 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2014/06/06 20:01:15 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2014/06/06 20:01:15 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014/06/06 20:01:15 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2014/06/06 20:01:14 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2014/06/06 20:01:14 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2014/06/06 20:01:14 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2014/06/06 20:01:14 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2014/06/06 20:01:14 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2014/06/06 20:01:14 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2014/06/06 20:01:14 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2014/06/06 20:01:14 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2014/06/06 20:01:14 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2014/06/06 20:01:14 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2014/06/06 20:01:14 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014/06/06 20:01:14 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2014/06/06 20:01:13 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2014/06/06 20:01:13 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2014/06/06 20:01:13 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2014/06/06 20:01:13 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2014/06/06 20:01:13 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2014/06/06 20:01:13 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014/06/06 20:01:13 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2014/06/06 20:01:13 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2014/06/06 20:01:13 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014/06/06 20:01:13 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2014/06/06 20:01:13 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2014/06/06 20:01:13 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2014/06/06 20:01:12 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014/06/06 20:01:12 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2014/06/06 20:01:12 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2014/06/06 20:01:12 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2014/06/06 20:01:12 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014/06/06 20:01:12 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014/06/06 20:01:12 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014/06/06 20:01:12 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2014/06/06 20:01:12 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014/06/06 20:01:12 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2014/06/06 20:01:11 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2014/06/06 20:01:11 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2014/06/06 20:01:11 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2014/06/06 20:01:11 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2014/06/06 20:01:11 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2014/06/06 20:01:11 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2014/06/06 20:01:11 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2014/06/06 20:01:11 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2014/06/06 20:01:11 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2014/06/06 20:01:10 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2014/06/06 20:01:10 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2014/06/06 20:01:10 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2014/06/06 20:01:10 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2014/06/06 20:01:10 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2014/06/06 20:01:10 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2014/06/06 20:01:10 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2014/06/06 20:01:10 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2014/06/06 20:01:10 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2014/06/06 20:01:10 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2014/06/06 20:01:09 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2014/06/06 20:01:09 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2014/06/06 20:01:09 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2014/06/06 20:01:09 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2014/06/06 20:01:09 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2014/06/06 20:01:09 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2014/06/06 20:01:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2014/06/06 20:01:09 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2014/06/06 20:01:09 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2014/06/06 20:01:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2014/06/06 20:01:08 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014/06/06 20:01:08 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014/06/06 20:01:08 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014/06/06 20:01:08 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014/06/06 20:01:08 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014/06/06 20:01:08 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014/06/06 20:01:08 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014/06/06 20:01:08 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014/06/06 20:01:07 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014/06/06 20:01:07 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014/06/06 20:01:07 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014/06/06 20:01:07 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014/06/06 20:01:07 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014/06/06 20:01:07 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014/06/06 20:01:07 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014/06/06 20:01:07 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014/06/06 20:01:06 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014/06/06 20:01:06 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014/06/06 20:01:06 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014/06/06 20:01:06 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014/06/06 20:01:06 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014/06/06 20:01:06 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014/06/06 20:01:06 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014/06/06 20:01:06 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014/06/06 20:01:06 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014/06/06 20:01:06 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2014/06/06 20:01:06 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014/06/06 20:01:06 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014/06/06 20:01:05 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014/06/06 20:01:05 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014/06/06 20:01:05 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014/06/06 20:01:05 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014/06/06 20:01:05 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014/06/06 20:01:05 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014/06/06 20:01:05 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014/06/06 20:01:05 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014/06/06 20:01:05 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014/06/06 20:01:05 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014/06/06 20:01:04 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2014/06/06 20:01:04 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2014/06/06 20:01:04 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014/06/06 20:01:04 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014/06/06 20:01:04 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014/06/06 20:01:04 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014/06/06 20:01:04 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014/06/06 20:01:04 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014/06/06 20:01:04 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014/06/06 20:01:04 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014/06/06 20:01:03 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014/06/06 20:01:03 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014/06/06 20:01:03 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014/06/06 20:01:03 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014/06/06 20:01:03 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014/06/06 20:01:03 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014/06/06 20:01:03 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014/06/06 20:01:02 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014/06/06 20:01:02 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014/06/06 20:01:02 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014/06/06 20:01:02 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014/06/06 20:01:00 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014/06/06 20:01:00 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014/06/06 20:00:59 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014/06/06 20:00:59 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014/06/06 20:00:59 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014/06/06 20:00:59 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014/06/06 20:00:59 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014/06/06 20:00:59 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014/06/06 20:00:59 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014/06/06 20:00:59 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014/06/06 20:00:59 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014/06/06 20:00:59 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014/06/06 20:00:58 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014/06/06 20:00:58 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014/06/06 20:00:58 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014/06/06 20:00:58 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014/06/06 20:00:58 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014/06/06 20:00:58 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014/06/06 20:00:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/06/06 20:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2014/06/06 19:55:40 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2014/06/06 19:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/06/06 19:49:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014/06/06 19:34:50 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\Documents\PassMark
[2014/06/06 19:34:44 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\PassMark
[2014/06/06 19:34:35 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2014/06/06 19:34:35 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2014/06/06 19:34:35 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2014/06/06 19:34:34 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014/06/06 19:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest (64-bit)
[2014/06/06 19:34:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Passmark
[2014/06/06 13:14:51 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Sanford,_L.P
[2014/06/06 13:14:34 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\Documents\DYMO Label
[2014/06/06 13:14:33 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\DYMO
[2014/06/06 13:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DYMO
[2014/06/06 13:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014/06/06 13:14:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014/06/06 13:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/06/06 13:13:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/06/06 13:13:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/06/06 13:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/06/06 13:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/06/06 13:12:49 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2014/06/06 13:12:49 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2014/06/06 13:12:49 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/06/06 13:12:49 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/06/06 13:12:49 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/06/06 13:12:49 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/06/06 13:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DYMO
[2014/06/06 13:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DYMO
[2014/06/06 02:31:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014/06/06 02:31:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014/06/06 02:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014/06/06 02:31:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/06/06 02:31:19 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014/06/06 02:21:09 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Macromedia
[2014/06/06 01:57:20 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Search Protection
[2014/06/06 01:55:48 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\uTorrent
[2014/06/06 01:30:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/06/06 01:30:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/06/06 01:30:22 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/06/06 01:30:21 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/06/06 01:30:21 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/06/06 01:30:21 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/06/06 01:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/06/06 01:28:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
[2014/06/06 01:03:37 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Blizzard Entertainment
[2014/06/05 23:36:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2014/06/05 23:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2014/06/05 23:34:33 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2014/06/05 23:09:38 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\Documents\StarCraft II
[2014/06/05 23:09:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2014/06/05 23:09:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2014/06/05 23:09:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2014/06/05 22:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
[2014/06/05 22:04:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital Corporation
[2014/06/05 22:04:13 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Programs
[2014/06/05 20:55:38 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Mozilla
[2014/06/05 20:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/06/05 20:53:12 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Macromedia
[2014/06/05 20:15:38 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/06/05 19:52:53 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\AMD
[2014/06/05 19:52:48 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\ATI
[2014/06/05 19:52:48 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\ATI
[2014/06/05 19:46:25 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
[2014/06/05 19:46:24 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2014/06/05 19:45:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014/06/05 19:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014/06/05 19:45:44 | 000,000,000 | ---D | C] -- C:\AMD
[2014/06/05 19:45:39 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2014/06/05 19:45:04 | 000,021,160 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\amdkmafd.sys
[2014/06/05 19:45:02 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014/06/05 19:44:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014/06/05 19:44:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/06/05 19:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014/06/05 19:40:17 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\WebStorage
[2014/06/05 19:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2014/06/05 19:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2014/06/05 19:38:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2014/06/05 19:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2014/06/05 19:38:47 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2014/06/05 19:38:18 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\Documents\Asus WebStorage
[2014/06/05 19:38:17 | 000,000,000 | ---D | C] -- C:\ProgramData\WebStorage
[2014/06/05 19:38:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS WebStorage
[2014/06/05 19:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AWS
[2014/06/05 19:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/06/05 19:36:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014/06/05 19:36:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014/06/05 19:36:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS OC Profiles
[2014/06/05 19:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS PowerControl Profiles
[2014/06/05 19:35:33 | 000,000,000 | ---D | C] -- C:\Windows\AsusInstAll
[2014/06/05 19:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2014/06/05 19:35:19 | 000,046,152 | R--- | C] (MCCI Corporation) -- C:\Windows\SysWow64\drivers\ASUSFILTER.sys
[2014/06/05 19:35:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2014/06/05 19:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/06/05 19:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/06/05 19:34:01 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\Documents\ASUS Remote GO!
[2014/06/05 19:33:36 | 000,032,840 | R--- | C] (NT Kernel Resources) -- C:\Windows\SysNative\drivers\ndisrd.sys
[2014/06/05 19:32:26 | 000,014,848 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\drivers\AiChargerPlus.sys
[2014/06/05 19:32:19 | 000,184,320 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\drivers\UpdateHelper.dll
[2014/06/05 19:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2014/06/05 19:31:33 | 000,929,844 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\MFDLL\MFC42D.DLL
[2014/06/05 19:31:33 | 000,385,100 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\MFDLL\MSVCRTD.DLL
[2014/06/05 19:31:33 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\MFDLL\msvcrt.dll
[2014/06/05 19:31:32 | 001,028,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\MFDLL\MFC42.DLL
[2014/06/05 19:31:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\MFDLL
[2014/06/05 19:31:14 | 000,028,672 | R--- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
[2014/06/05 19:31:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2014/06/05 19:31:12 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/06/05 19:31:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2014/06/05 19:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/06/05 19:20:30 | 002,407,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PrintConfig.dll
[2014/06/05 19:20:04 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/06/05 19:20:04 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Searches
[2014/06/05 19:20:04 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/06/05 19:20:03 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Contacts
[2014/06/05 19:20:03 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\VirtualStore
[2014/06/05 19:20:03 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Adobe
[2014/06/05 19:20:02 | 000,000,000 | --SD | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Videos
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Saved Games
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Pictures
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Music
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Links
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Favorites
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Downloads
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Documents
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Desktop
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/06/05 19:20:02 | 000,000,000 | -H-D | C] -- C:\Users\Will-PC\AppData
[2014/06/05 19:20:02 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Temp
[2014/06/05 19:20:02 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Packages
[2014/06/05 19:20:02 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Microsoft
[2014/06/05 19:20:02 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/06/05 19:20:00 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/06/05 19:16:17 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/06/05 19:16:05 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/07 00:52:02 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/07 00:50:10 | 000,001,965 | ---- | M] () -- C:\Users\Will-PC\Desktop\Continue Installation.lnk
[2014/06/07 00:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/07 00:11:01 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/07 00:11:01 | 000,734,492 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/07 00:11:01 | 000,139,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/07 00:10:17 | 000,000,000 | ---- | M] () -- C:\Windows\Path.idx
[2014/06/07 00:06:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/07 00:05:13 | 001,048,576 | ---- | M] () -- C:\Windows\PE_Rom.dll
[2014/06/07 00:04:46 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/07 00:04:45 | 2493,382,655 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/06 23:53:47 | 000,000,563 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2014/06/06 23:47:52 | 000,000,555 | ---- | M] () -- C:\Users\Will-PC\Desktop\SpeedFan.lnk
[2014/06/06 23:47:51 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2014/06/06 20:01:52 | 000,000,022 | ---- | M] () -- C:\Windows\GPU-Z.INI
[2014/06/06 19:55:40 | 000,000,173 | ---- | M] () -- C:\Users\Will-PC\Desktop\3DMark Demo.url
[2014/06/06 19:49:21 | 000,000,523 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/06/06 15:22:10 | 000,344,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/06 13:14:17 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\DYMO Label v.8.lnk
[2014/06/06 01:57:15 | 000,000,861 | ---- | M] () -- C:\Users\Will-PC\Desktop\µTorrent.lnk
[2014/06/06 01:28:17 | 000,000,586 | ---- | M] () -- C:\Users\Will-PC\Desktop\FurMark.lnk
[2014/06/05 23:36:28 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2014/06/05 22:18:26 | 000,000,017 | ---- | M] () -- C:\Users\Will-PC\AppData\Local\resmon.resmoncfg
[2014/06/05 20:56:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_M5A97 EVO R2.0.alu
[2014/06/05 19:46:45 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\GPUTweakStreaming.lnk
[2014/06/05 19:46:29 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
[2014/06/05 19:45:45 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2014/06/05 19:42:08 | 000,020,767 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2014/06/05 19:42:06 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2014/06/05 19:41:54 | 000,029,386 | ---- | M] () -- C:\Windows\Ascd_log.ini
[2014/06/05 19:40:55 | 000,000,303 | ---- | M] () -- C:\Windows\scd.ini
[2014/06/05 19:40:54 | 000,000,000 | ---- | M] () -- C:\Windows\Ascd_err.ini
[2014/06/05 19:39:44 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/06/05 19:39:02 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\CPUID ASUS CPU-Z.lnk
[2014/06/05 19:38:51 | 000,002,289 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2014/06/05 19:38:18 | 000,001,293 | ---- | M] () -- C:\Users\Public\Desktop\WebStorage.lnk
[2014/06/05 19:37:37 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/06/05 19:34:01 | 000,001,932 | ---- | M] () -- C:\Users\Public\Desktop\Remote GO!.lnk
[2014/06/05 19:31:13 | 000,001,999 | ---- | M] () -- C:\Users\Public\Desktop\ASUS Boot Setting 1.00.17.lnk
[2014/06/05 19:16:32 | 000,048,176 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/06/05 19:16:32 | 000,048,176 | ---- | M] () -- C:\Windows\SysNative\license.rtf
 
========== Files Created - No Company Name ==========
 
[2014/06/07 00:52:02 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/06/07 00:52:02 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/07 00:50:10 | 000,001,965 | ---- | C] () -- C:\Users\Will-PC\Desktop\Continue Installation.lnk
[2014/06/06 23:53:47 | 000,000,563 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2014/06/06 23:47:52 | 000,000,555 | ---- | C] () -- C:\Users\Will-PC\Desktop\SpeedFan.lnk
[2014/06/06 23:47:51 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2014/06/06 20:01:52 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
[2014/06/06 19:55:40 | 000,000,173 | ---- | C] () -- C:\Users\Will-PC\Desktop\3DMark Demo.url
[2014/06/06 19:49:21 | 000,000,523 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/06/06 13:14:17 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\DYMO Label v.8.lnk
[2014/06/06 02:20:10 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/06 01:57:15 | 000,000,861 | ---- | C] () -- C:\Users\Will-PC\Desktop\µTorrent.lnk
[2014/06/06 01:28:17 | 000,000,586 | ---- | C] () -- C:\Users\Will-PC\Desktop\FurMark.lnk
[2014/06/05 23:09:38 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2014/06/05 22:18:26 | 000,000,017 | ---- | C] () -- C:\Users\Will-PC\AppData\Local\resmon.resmoncfg
[2014/06/05 20:56:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_M5A97 EVO R2.0.alu
[2014/06/05 19:46:45 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\GPUTweakStreaming.lnk
[2014/06/05 19:46:29 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
[2014/06/05 19:45:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014/06/05 19:45:39 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/06/05 19:45:39 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2014/06/05 19:45:39 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/06/05 19:45:39 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2014/06/05 19:45:39 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014/06/05 19:45:39 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2014/06/05 19:45:38 | 001,187,342 | ---- | C] () -- C:\Windows\SysNative\amdocl_as64.exe
[2014/06/05 19:45:38 | 001,061,902 | ---- | C] () -- C:\Windows\SysNative\amdocl_ld64.exe
[2014/06/05 19:45:38 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014/06/05 19:45:38 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014/06/05 19:45:38 | 000,047,427 | ---- | C] () -- C:\Windows\atiogl.xml
[2014/06/05 19:44:56 | 000,000,000 | ---- | C] () -- C:\Windows\Path.idx
[2014/06/05 19:39:44 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/06/05 19:39:02 | 000,000,953 | ---- | C] () -- C:\Users\Public\Desktop\CPUID ASUS CPU-Z.lnk
[2014/06/05 19:38:51 | 000,002,289 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2014/06/05 19:38:18 | 000,001,293 | ---- | C] () -- C:\Users\Public\Desktop\WebStorage.lnk
[2014/06/05 19:37:37 | 000,002,457 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2014/06/05 19:37:37 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/06/05 19:36:26 | 001,048,576 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2014/06/05 19:33:52 | 000,001,932 | ---- | C] () -- C:\Users\Public\Desktop\Remote GO!.lnk
[2014/06/05 19:32:35 | 000,014,464 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2014/06/05 19:31:32 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2014/06/05 19:31:32 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2014/06/05 19:31:14 | 000,015,232 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2014/06/05 19:31:13 | 000,001,999 | ---- | C] () -- C:\Users\Public\Desktop\ASUS Boot Setting 1.00.17.lnk
[2014/06/05 19:30:21 | 000,029,386 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2014/06/05 19:30:21 | 000,000,303 | ---- | C] () -- C:\Windows\scd.ini
[2014/06/05 19:30:21 | 000,000,000 | ---- | C] () -- C:\Windows\Ascd_err.ini
[2014/06/05 19:27:32 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2014/06/05 19:27:31 | 000,020,767 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2014/06/05 19:27:30 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2014/06/05 19:22:39 | 000,863,592 | ---- | C] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/05 19:20:03 | 000,001,442 | ---- | C] () -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/06/05 19:16:56 | 2493,382,655 | -HS- | C] () -- C:\hiberfil.sys
[2014/06/05 19:16:05 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014/04/18 03:14:26 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\amdhdl32.dll
[2014/04/17 22:28:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/22 04:17:46 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2014/06/06 20:00:53 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/22 13:40:00 | 021,192,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/22 06:25:39 | 018,634,248 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
 


  • 0

#4
zep516
Posted 06 June 2014 - 07:12 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

Please from now on download everything to the desk top and run things from there, not the downloads folder...
Every tool gets right clicked and "Run as Administrator"

Please remove these programs from your Programs an Features list: Start> control panel> Programs&Features
1- Search Protect.
2- µTorrent.

Next

We need to do a fix to delete some files using OTL
  • Double click on the OTLicon.jpg to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


    :COMMANDS
[CREATERESTOREPOINT]

:OTL
SRV - [2014/06/05 12:51:14 | 002,497,344 | ---- | M] (Client Connect LTD) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
IE - HKU\S-1-5-21-3255366530-3622484101-689240536-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com...442326B6A&SSPV=
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
2014/06/06 23:47:34 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\SearchProtect
[2014/06/06 23:47:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014/06/06 23:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2014/06/06 01:57:20 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Search Protection
[2014/06/06 01:55:48 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\uTorrent
[2014/06/06 01:57:15 | 000,000,861 | ---- | M] () -- C:\Users\Will-PC\Desktop\µTorrent.lnk

:Files

ipconfig /flushdns /c
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
C:\Users\Will-PC\AppData\Roaming\Search Protection\SearchProtection.exe

:Commands
[emptytemp]
[resethosts]
  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button.
  • Next

    Please download AdwCleaner by Xplode onto your Desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the Report button and the report will open in Notepad.
    • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
    • Click on the Clean button follow the prompts.
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner
    Next

    thisisujrt.gif Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts.
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    Your Next reply please post:

    1- OTL Fix Log, that should pop up in front of you, if it does not it's located here->C:\_OTL\Moved Files
    2- Post a new OTL After quick scan.
    3- Post the adwCleaner [SO].TXT
    4- JRT Log file

    5- How is the computer now?

    Thanks
    Joe :)

  • 0

#5
peyote
Posted 06 June 2014 - 07:30 PM

peyote

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts

Really sorry to waste your time zep516 but I also just got a programme called "zip opener packages" installed and it will not uninstall the normal way and is proabaly malware. It installed after I did the first scan so it want be on either of the .txt files I posted above. Shall I rerun the scan above and start again ? 

 

I have uninstalled utorrent and search protector and will not even download anything or even browse the web until you say everything is removed, sorry again. I only wanted software to read my CPU temps :upset:


Edited by peyote, 06 June 2014 - 07:31 PM.

  • 0

#6
zep516
Posted 06 June 2014 - 07:36 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts

will not even download anything or even browse the web until you say everything is removed,


That's what you're supposed to do :)

I know it's late there so take your time, I'll be here all day Tomorrow too. Keep following my instructions I have provided.
  • 0

#7
peyote
Posted 07 June 2014 - 01:25 AM

peyote

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts

The "zip opener packages" has gone from the programmes and features and IE and Mozilla seem to be back to normal :yeah:

 

Here are all the reports requested, in order;

 

 

 

 

 

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service CltMngSvc stopped successfully!
Service CltMngSvc deleted successfully!
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe moved successfully.
HKU\S-1-5-21-3255366530-3622484101-689240536-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
C:\Program Files (x86)\SearchProtect\SearchProtect\rep folder moved successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin folder moved successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect folder moved successfully.
C:\ProgramData\APN\APN-Stub folder moved successfully.
C:\ProgramData\APN folder moved successfully.
Folder C:\Users\Will-PC\AppData\Roaming\Search Protection\ not found.
C:\Users\Will-PC\AppData\Roaming\uTorrent folder moved successfully.
File C:\Users\Will-PC\Desktop\µTorrent.lnk not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Will-PC\Downloads\cmd.bat deleted successfully.
C:\Users\Will-PC\Downloads\cmd.txt deleted successfully.
File\Folder C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe not found.
File\Folder C:\Users\Will-PC\AppData\Roaming\Search Protection\SearchProtection.exe not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Will-PC
->Temp folder emptied: 41884795 bytes
->Temporary Internet Files folder emptied: 27390049 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 27021383 bytes
->Flash cache emptied: 2557 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 240245 bytes
RecycleBin emptied: 1017076487 bytes
 
Total Files Cleaned = 1,062.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 06072014_022619

Files\Folders moved on Reboot...
C:\Users\Will-PC\AppData\Local\Temp\winstore.log moved successfully.
C:\Users\Will-PC\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

 

 

 

 

 

 

OTL logfile created on: 07/06/2014 08:06:35 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Will-PC\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
7.90 Gb Total Physical Memory | 6.50 Gb Available Physical Memory | 82.30% Memory free
9.78 Gb Paging File | 8.14 Gb Available in Paging File | 83.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.13 Gb Total Space | 199.03 Gb Free Space | 83.58% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 928.39 Gb Free Space | 99.67% Space Free | Partition Type: NTFS
 
Computer Name: NEWBUILD | User Name: Will-PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found --
PRC - [2014/06/07 07:59:58 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Will-PC\Downloads\JRT.exe
PRC - [2014/06/07 02:05:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Will-PC\Downloads\OTL(1).exe
PRC - [2014/05/07 03:26:43 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/03/20 22:15:08 | 001,867,056 | ---- | M] (Sanford, L.P.) -- C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
PRC - [2013/10/21 09:56:38 | 003,282,680 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
PRC - [2013/10/16 10:20:24 | 002,701,048 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
PRC - [2013/09/17 11:58:57 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2013/09/17 11:58:57 | 000,920,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2013/09/11 21:43:44 | 000,389,120 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2013/08/26 10:46:04 | 000,967,480 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
PRC - [2013/08/26 09:55:06 | 000,696,632 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
PRC - [2013/08/22 03:54:00 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2013/08/19 17:21:40 | 001,108,992 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2013/01/28 15:58:52 | 000,550,272 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2013/01/14 20:04:14 | 001,199,416 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
PRC - [2012/11/09 08:51:04 | 001,632,256 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
PRC - [2012/08/07 13:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/05/03 12:17:36 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012/02/17 07:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/01/17 11:24:10 | 000,055,296 | ---- | M] () -- C:\Windows\SysWOW64\ASGT.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/07 03:27:09 | 003,839,088 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/03/20 21:50:44 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.Common.dll
MOD - [2013/10/24 05:38:44 | 004,554,752 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2013/10/07 10:30:08 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
MOD - [2013/09/24 17:22:48 | 000,258,048 | ---- | M] () -- C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
MOD - [2013/08/19 17:21:40 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2013/08/19 10:23:16 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2013/08/17 01:06:32 | 002,052,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/08/17 01:06:31 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2013/08/17 01:06:30 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2013/08/17 01:06:30 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2013/08/17 01:06:29 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/08/17 01:06:23 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2013/08/06 20:04:58 | 002,502,656 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\xH264E.dll
MOD - [2013/08/05 11:14:32 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
MOD - [2013/08/03 05:41:51 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2013/08/03 05:41:50 | 005,283,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2013/08/03 05:41:50 | 004,218,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2013/08/03 05:40:14 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2013/06/24 17:48:46 | 002,055,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
MOD - [2013/06/24 15:59:32 | 001,173,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2013/06/13 17:37:48 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\InstallShield Installation Information\{104BE4B8-D1DB-4170-977B-364960893DC8}\CloudAPI\CloudAPI.dll
MOD - [2013/06/11 12:06:06 | 000,425,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.dll
MOD - [2013/05/08 16:22:48 | 001,040,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
MOD - [2013/04/15 14:19:46 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2013/03/21 19:38:04 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
MOD - [2013/01/28 15:58:52 | 000,870,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2012/10/08 17:07:46 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2012/08/29 18:09:00 | 000,875,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2012/07/20 09:39:40 | 001,047,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2012/06/19 12:56:22 | 001,305,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2012/05/28 21:27:04 | 001,622,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2012/05/02 18:04:30 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
MOD - [2012/04/25 14:47:54 | 000,659,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
MOD - [2012/01/19 09:39:30 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
MOD - [2012/01/12 16:44:02 | 000,475,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2010/12/14 17:46:32 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
MOD - [2010/10/29 18:58:02 | 000,221,184 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\JpegCD.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/09/23 11:51:36 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
MOD - [2010/08/23 03:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2010/02/25 14:01:30 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsZip.dll
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/04/18 02:29:24 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2014/02/06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/27 16:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/11/27 10:17:40 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/11/23 05:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/08 04:41:17 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/10/31 01:29:53 | 000,348,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/10/31 01:29:53 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/10/22 02:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/10/04 09:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/09/21 06:38:15 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/09/21 06:34:45 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/08/31 11:00:10 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/06/06 02:21:58 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/29 18:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/05/07 03:27:01 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/17 22:29:26 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- E:\CCC\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2014/03/20 22:22:56 | 000,033,072 | ---- | M] (Sanford, L.P.) [Auto | Running] -- C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe -- (DymoPnpService)
SRV - [2014/02/28 02:41:42 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2013/09/17 11:58:57 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2013/09/17 11:58:57 | 000,920,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2013/08/31 10:25:30 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/06/26 07:54:00 | 000,071,680 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSWinService.exe -- (Asus WebStorage Windows Service)
SRV - [2012/11/09 08:51:04 | 001,632,256 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/02/17 07:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012/01/17 11:24:10 | 000,055,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASGT.exe -- (ASGT)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.2.0)
DRV:64bit: - [2014/04/18 03:36:46 | 015,376,384 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2014/04/18 02:07:06 | 000,638,976 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2014/03/11 15:20:04 | 000,222,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWB6.sys -- (AtiHDAudioService)
DRV:64bit: - [2014/03/10 11:35:53 | 000,377,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/01/08 02:46:27 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/11/11 03:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 12:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/31 01:58:59 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/31 01:29:36 | 000,236,888 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/10/31 01:29:36 | 000,124,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/10/31 01:28:47 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/10/26 02:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/13 03:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 16:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/21 13:10:51 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/09/17 10:18:30 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/14 15:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/08/22 21:59:40 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/22 21:59:34 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/16 15:37:12 | 000,424,192 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2013/08/16 15:37:12 | 000,140,032 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 15:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/04/09 10:42:06 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\t_mouse.sys -- (t_mouse.sys)
DRV:64bit: - [2013/02/21 04:40:38 | 000,032,840 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2012/09/23 00:17:24 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV - [2014/02/11 17:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- E:\CCC\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV - [2012/12/29 21:59:38 | 000,028,664 | ---- | M] (Almico Software) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}: "URL" = http://speedial.com/...=1056230449&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 66 80 84 C7 F7 80 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}: "URL" = http://speedial.com/...=1056230449&ir=
IE - HKCU\..\SearchScopes\{616B5D3C-E4DC-4838-B46D-69CF7CD2BC13}: "URL" = https://uk.search.ya...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@dymo.com/DymoLabelFramework: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2014/06/07 01:48:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Will-PC\AppData\Roaming\Mozilla\Extensions
[2014/06/07 01:56:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Will-PC\AppData\Roaming\Mozilla\Firefox\Profiles\j25dlfal.default\extensions
[2014/06/07 01:47:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/07 01:47:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2014/06/07 02:26:53 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MouseDriver] C:\Windows\SysNative\TiltWheelMouse.exe (Pixart Imaging Inc)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [DLSService] "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe" File not found
O4 - HKLM..\Run: [StartCCC] E:\CCC\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\ASUSWSLoader.exe ()
O4 - HKCU..\Run: [DymoQuickPrint] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe (Sanford, L.P.)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC3F00E6-A2AA-4D41-9AF7-0E0E095EEE75}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{73962c95-ecdd-11e3-824c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{73962c95-ecdd-11e3-824c-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\StarCraft II Setup.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/07 08:00:54 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/06/07 07:48:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/07 02:45:14 | 000,000,000 | R--D | C] -- C:\Windows\BrowserChoice
[2014/06/07 02:43:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/06/07 02:26:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/06/07 01:48:09 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Mozilla
[2014/06/07 01:48:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/06/07 01:47:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/06/07 01:33:18 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\WorldofTanks
[2014/06/07 01:33:00 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Soldiers
[2014/06/07 01:32:58 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\StormFall
[2014/06/06 23:47:52 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2014/06/06 23:47:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2014/06/06 23:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2014/06/06 23:44:07 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2014/06/06 20:01:33 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Futuremark
[2014/06/06 20:01:32 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\Documents\3DMark
[2014/06/06 20:00:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/06/06 20:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2014/06/06 19:55:40 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2014/06/06 19:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/06/06 19:49:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014/06/06 19:34:50 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\Documents\PassMark
[2014/06/06 19:34:44 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\PassMark
[2014/06/06 19:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest (64-bit)
[2014/06/06 19:34:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Passmark
[2014/06/06 13:14:51 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Sanford,_L.P
[2014/06/06 13:14:34 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\Documents\DYMO Label
[2014/06/06 13:14:33 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\DYMO
[2014/06/06 13:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DYMO
[2014/06/06 13:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014/06/06 13:14:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014/06/06 13:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/06/06 13:13:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/06/06 13:13:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/06/06 13:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/06/06 13:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/06/06 13:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DYMO
[2014/06/06 13:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DYMO
[2014/06/06 02:31:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014/06/06 02:31:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014/06/06 02:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014/06/06 02:31:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/06/06 02:31:19 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014/06/06 02:21:09 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Macromedia
[2014/06/06 01:30:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/06/06 01:30:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/06/06 01:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/06/06 01:28:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
[2014/06/06 01:03:37 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Blizzard Entertainment
[2014/06/05 23:36:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2014/06/05 23:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2014/06/05 23:34:33 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2014/06/05 23:09:38 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\Documents\StarCraft II
[2014/06/05 23:09:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2014/06/05 23:09:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2014/06/05 23:09:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2014/06/05 22:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
[2014/06/05 22:04:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital Corporation
[2014/06/05 22:04:13 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Programs
[2014/06/05 20:55:38 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Mozilla
[2014/06/05 20:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/06/05 20:53:12 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Macromedia
[2014/06/05 20:15:38 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/06/05 19:52:53 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\AMD
[2014/06/05 19:52:48 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\ATI
[2014/06/05 19:52:48 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\ATI
[2014/06/05 19:46:25 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
[2014/06/05 19:46:24 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2014/06/05 19:45:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014/06/05 19:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014/06/05 19:45:44 | 000,000,000 | ---D | C] -- C:\AMD
[2014/06/05 19:45:02 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014/06/05 19:44:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014/06/05 19:44:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/06/05 19:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014/06/05 19:40:17 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\WebStorage
[2014/06/05 19:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2014/06/05 19:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2014/06/05 19:38:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2014/06/05 19:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2014/06/05 19:38:47 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2014/06/05 19:38:18 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\Documents\Asus WebStorage
[2014/06/05 19:38:17 | 000,000,000 | ---D | C] -- C:\ProgramData\WebStorage
[2014/06/05 19:38:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS WebStorage
[2014/06/05 19:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AWS
[2014/06/05 19:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/06/05 19:36:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014/06/05 19:36:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014/06/05 19:36:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS OC Profiles
[2014/06/05 19:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS PowerControl Profiles
[2014/06/05 19:35:33 | 000,000,000 | ---D | C] -- C:\Windows\AsusInstAll
[2014/06/05 19:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2014/06/05 19:35:19 | 000,046,152 | R--- | C] (MCCI Corporation) -- C:\Windows\SysWow64\drivers\ASUSFILTER.sys
[2014/06/05 19:35:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2014/06/05 19:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/06/05 19:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/06/05 19:34:01 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\Documents\ASUS Remote GO!
[2014/06/05 19:33:36 | 000,032,840 | R--- | C] (NT Kernel Resources) -- C:\Windows\SysNative\drivers\ndisrd.sys
[2014/06/05 19:32:26 | 000,014,848 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\drivers\AiChargerPlus.sys
[2014/06/05 19:32:19 | 000,184,320 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\drivers\UpdateHelper.dll
[2014/06/05 19:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2014/06/05 19:31:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\MFDLL
[2014/06/05 19:31:14 | 000,028,672 | R--- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
[2014/06/05 19:31:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2014/06/05 19:31:12 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/06/05 19:31:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2014/06/05 19:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/06/05 19:20:04 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/06/05 19:20:04 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Searches
[2014/06/05 19:20:04 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/06/05 19:20:03 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Contacts
[2014/06/05 19:20:03 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\VirtualStore
[2014/06/05 19:20:03 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Adobe
[2014/06/05 19:20:02 | 000,000,000 | --SD | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Videos
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Saved Games
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Pictures
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Music
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Links
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Favorites
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Downloads
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Documents
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\Desktop
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/06/05 19:20:02 | 000,000,000 | R--D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/06/05 19:20:02 | 000,000,000 | -H-D | C] -- C:\Users\Will-PC\AppData
[2014/06/05 19:20:02 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Temp
[2014/06/05 19:20:02 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Packages
[2014/06/05 19:20:02 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Local\Microsoft
[2014/06/05 19:20:02 | 000,000,000 | ---D | C] -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/06/05 19:20:00 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/06/05 19:16:17 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/06/05 19:16:05 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/07 08:04:25 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/07 08:04:25 | 000,734,492 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/07 08:04:25 | 000,139,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/07 08:03:09 | 000,000,000 | ---- | M] () -- C:\Windows\Path.idx
[2014/06/07 07:59:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/07 07:58:05 | 001,048,576 | ---- | M] () -- C:\Windows\PE_Rom.dll
[2014/06/07 07:57:26 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/07 07:57:25 | 2493,382,655 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/07 03:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/07 02:32:51 | 000,344,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/07 02:26:53 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/06/07 01:48:04 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/07 00:50:10 | 000,001,965 | ---- | M] () -- C:\Users\Will-PC\Desktop\Continue Installation.lnk
[2014/06/06 23:53:47 | 000,000,563 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2014/06/06 23:47:52 | 000,000,555 | ---- | M] () -- C:\Users\Will-PC\Desktop\SpeedFan.lnk
[2014/06/06 23:47:51 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2014/06/06 20:01:52 | 000,000,022 | ---- | M] () -- C:\Windows\GPU-Z.INI
[2014/06/06 19:55:40 | 000,000,173 | ---- | M] () -- C:\Users\Will-PC\Desktop\3DMark Demo.url
[2014/06/06 19:49:21 | 000,000,523 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/06/06 13:14:17 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\DYMO Label v.8.lnk
[2014/06/06 01:28:17 | 000,000,586 | ---- | M] () -- C:\Users\Will-PC\Desktop\FurMark.lnk
[2014/06/05 23:36:28 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2014/06/05 22:18:26 | 000,000,017 | ---- | M] () -- C:\Users\Will-PC\AppData\Local\resmon.resmoncfg
[2014/06/05 20:56:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_M5A97 EVO R2.0.alu
[2014/06/05 19:46:45 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\GPUTweakStreaming.lnk
[2014/06/05 19:46:29 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
[2014/06/05 19:45:45 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2014/06/05 19:42:08 | 000,020,767 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2014/06/05 19:42:06 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2014/06/05 19:41:54 | 000,029,386 | ---- | M] () -- C:\Windows\Ascd_log.ini
[2014/06/05 19:40:55 | 000,000,303 | ---- | M] () -- C:\Windows\scd.ini
[2014/06/05 19:40:54 | 000,000,000 | ---- | M] () -- C:\Windows\Ascd_err.ini
[2014/06/05 19:39:44 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/06/05 19:39:02 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\CPUID ASUS CPU-Z.lnk
[2014/06/05 19:38:51 | 000,002,289 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2014/06/05 19:38:18 | 000,001,293 | ---- | M] () -- C:\Users\Public\Desktop\WebStorage.lnk
[2014/06/05 19:37:37 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/06/05 19:34:01 | 000,001,932 | ---- | M] () -- C:\Users\Public\Desktop\Remote GO!.lnk
[2014/06/05 19:31:13 | 000,001,999 | ---- | M] () -- C:\Users\Public\Desktop\ASUS Boot Setting 1.00.17.lnk
[2014/06/05 19:16:32 | 000,048,176 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/06/05 19:16:32 | 000,048,176 | ---- | M] () -- C:\Windows\SysNative\license.rtf
 
========== Files Created - No Company Name ==========
 
[2014/06/07 01:48:04 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/06/07 01:48:04 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/07 00:50:10 | 000,001,965 | ---- | C] () -- C:\Users\Will-PC\Desktop\Continue Installation.lnk
[2014/06/06 23:53:47 | 000,000,563 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2014/06/06 23:47:52 | 000,000,555 | ---- | C] () -- C:\Users\Will-PC\Desktop\SpeedFan.lnk
[2014/06/06 23:47:51 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2014/06/06 20:21:47 | 000,138,240 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2014/06/06 20:21:47 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014/06/06 20:05:22 | 000,386,722 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/06/06 20:03:11 | 000,009,701 | ---- | C] () -- C:\Windows\SysWow64\connectedsearch-results.searchconnector-ms
[2014/06/06 20:03:11 | 000,009,701 | ---- | C] () -- C:\Windows\SysNative\connectedsearch-results.searchconnector-ms
[2014/06/06 20:01:52 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
[2014/06/06 19:55:40 | 000,000,173 | ---- | C] () -- C:\Users\Will-PC\Desktop\3DMark Demo.url
[2014/06/06 19:49:21 | 000,000,523 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/06/06 13:14:17 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\DYMO Label v.8.lnk
[2014/06/06 02:20:10 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/06 01:28:17 | 000,000,586 | ---- | C] () -- C:\Users\Will-PC\Desktop\FurMark.lnk
[2014/06/05 23:09:38 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2014/06/05 22:18:26 | 000,000,017 | ---- | C] () -- C:\Users\Will-PC\AppData\Local\resmon.resmoncfg
[2014/06/05 20:56:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_M5A97 EVO R2.0.alu
[2014/06/05 19:46:45 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\GPUTweakStreaming.lnk
[2014/06/05 19:46:29 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
[2014/06/05 19:45:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014/06/05 19:45:39 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/06/05 19:45:39 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2014/06/05 19:45:39 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/06/05 19:45:39 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2014/06/05 19:45:39 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014/06/05 19:45:39 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2014/06/05 19:45:38 | 001,187,342 | ---- | C] () -- C:\Windows\SysNative\amdocl_as64.exe
[2014/06/05 19:45:38 | 001,061,902 | ---- | C] () -- C:\Windows\SysNative\amdocl_ld64.exe
[2014/06/05 19:45:38 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014/06/05 19:45:38 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014/06/05 19:45:38 | 000,047,427 | ---- | C] () -- C:\Windows\atiogl.xml
[2014/06/05 19:44:56 | 000,000,000 | ---- | C] () -- C:\Windows\Path.idx
[2014/06/05 19:39:44 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/06/05 19:39:02 | 000,000,953 | ---- | C] () -- C:\Users\Public\Desktop\CPUID ASUS CPU-Z.lnk
[2014/06/05 19:38:51 | 000,002,289 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2014/06/05 19:38:18 | 000,001,293 | ---- | C] () -- C:\Users\Public\Desktop\WebStorage.lnk
[2014/06/05 19:37:37 | 000,002,457 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2014/06/05 19:37:37 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/06/05 19:36:26 | 001,048,576 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2014/06/05 19:33:52 | 000,001,932 | ---- | C] () -- C:\Users\Public\Desktop\Remote GO!.lnk
[2014/06/05 19:32:35 | 000,014,464 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2014/06/05 19:31:32 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2014/06/05 19:31:32 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2014/06/05 19:31:14 | 000,015,232 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2014/06/05 19:31:13 | 000,001,999 | ---- | C] () -- C:\Users\Public\Desktop\ASUS Boot Setting 1.00.17.lnk
[2014/06/05 19:30:21 | 000,029,386 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2014/06/05 19:30:21 | 000,000,303 | ---- | C] () -- C:\Windows\scd.ini
[2014/06/05 19:30:21 | 000,000,000 | ---- | C] () -- C:\Windows\Ascd_err.ini
[2014/06/05 19:27:32 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2014/06/05 19:27:31 | 000,020,767 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2014/06/05 19:27:30 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2014/06/05 19:22:39 | 000,863,592 | ---- | C] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/05 19:20:03 | 000,001,442 | ---- | C] () -- C:\Users\Will-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/06/05 19:16:56 | 2493,382,655 | -HS- | C] () -- C:\hiberfil.sys
[2014/06/05 19:16:05 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014/04/18 03:14:26 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\amdhdl32.dll
[2014/04/17 22:28:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2014/06/06 20:00:53 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/04/19 12:15:54 | 021,186,352 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/04/19 07:49:39 | 018,644,072 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/06/05 19:40:17 | 000,000,000 | ---D | M] -- C:\Users\Will-PC\AppData\Roaming\WebStorage
 
========== Purity Check ==========
 
 

< End of report >

 

 

 

 

 

# AdwCleaner v3.212 - Report created 07/06/2014 at 07:53:42
# Updated 05/06/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Will-PC - NEWBUILD
# Running from : C:\Users\Will-PC\Downloads\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Users\Will-PC\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Will-PC\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Folder Deleted : C:\Users\Will-PC\AppData\Roaming\DigitalSites
File Deleted : C:\Windows\Tasks\Digital Sites.job
File Deleted : C:\Windows\System32\Tasks\Digital Sites

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v29.0.1 (en-GB)

[ File : C:\Users\Will-PC\AppData\Roaming\Mozilla\Firefox\Profiles\j25dlfal.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3244 octets] - [07/06/2014 07:51:32]
AdwCleaner[S0].txt - [2228 octets] - [07/06/2014 07:53:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2288 octets] ##########

 

 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Will-PC on 07/06/2014 at  8:00:54.76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/06/2014 at  8:04:01.90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


Edited by peyote, 07 June 2014 - 01:31 AM.

  • 0

#8
zep516
Posted 07 June 2014 - 07:16 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Very good peyote,

Lets double check things with an on line scan,

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go >>HERE<< then click on: ESET1st.jpg

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the ESETexe.jpg icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: ESETsave.jpg
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt).
  • Copy and paste that log as a reply to this topic.
  • Now click on: EOLS4.gif
    (Selecting Uninstall application on close if you so wish)
Thanks
Joe :)

What Anti Virus program do you use?
  • 0

#9
peyote
Posted 07 June 2014 - 08:46 AM

peyote

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts

I followed the instructions to turn Windows Defender off but in the action centre there is no on/off icon to click, it just says "on" next to Windows Defender. Are there setting that need to be changed to allow this ?


  • 0

#10
zep516
Posted 07 June 2014 - 08:52 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
OK.

As long as windows defender is running that's fine.

Run the ESET scan and post the log. This is just a double check for Malware.

Joe
  • 0

Advertisements

#11
peyote
Posted 07 June 2014 - 09:48 AM

peyote

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts

Here's the report but I had stop it at 80 'ish % becuase I realised the remove found threats was select. At 80'ish % 11 threats were found. I re-run it exactly as instructed above and it completed with only 7 threats;

 

 

 

 

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=26557ce285f43447bdae7c2501bf2746
# engine=18609
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-07 03:06:36
# local_time=2014-06-07 04:06:36 (+0000, GMT Summer Time)
# country="United Kingdom"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 3598 19469893 0 0
# scanned=189128
# found=11
# cleaned=4
# scan_time=894
sh=19876B0C21073CE7AC4725124851FC36B7EA7301 ft=1 fh=31b372839de59c7b vn="a variant of Win32/CNETInstaller.B potentially unwanted application" ac=I fn="C:\Users\Will-PC\Downloads\cbsidlm-cbsi188-SpeedFan-SEO-10067444.exe"
sh=B21DEEE148BF7C325BB65A57F9B369B181A88460 ft=1 fh=a10244e442f145b7 vn="a variant of Win32/InstallIQ.A potentially unwanted application" ac=I fn="C:\Users\Will-PC\Downloads\CoreTemp_1.0.exe"
sh=BE704593459E65858200013241585C354E5A0BBD ft=1 fh=c71c00119765b78d vn="a variant of Win32/InstallCore.NN potentially unwanted application" ac=I fn="C:\Users\Will-PC\Downloads\ZipSetup.exe"
sh=5B692FAC0BFEE8DE9CC83E0DC2F5DFA12E15E702 ft=1 fh=9cdbb654185e03c8 vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\06072014_022619\C_Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe"
sh=665E2E954FAF12608E5DA49B995DA16B6217E368 ft=1 fh=267d83521f8bf79c vn="a variant of Win32/Conduit.SearchProtect.I potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\06072014_022619\C_Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe"
sh=6A1FAC6D732FE5802025DB2204FAF0BD5BD4C3FA ft=1 fh=5a8314f0d2839b27 vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\06072014_022619\C_Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll"
sh=613318D39F4556172DC50E3900EC198CDC10D39B ft=1 fh=a92d16242a1eddb2 vn="a variant of Win64/Conduit.SearchProtect.A potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\06072014_022619\C_Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll"
sh=C1C723067CE078FBB46100ADAFA04EC8B970D33B ft=1 fh=d2071d8e9c6b1de9 vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir"
sh=9780E38EBC2D7EA2AB42A88EDE2B3EBF7107DBD6 ft=1 fh=3a49362a559c1bed vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir"
sh=C41BC74ABB38FC9848F05AD411EA817FAC2D68F8 ft=1 fh=de21860bcfc985e3 vn="a variant of Win32/Conduit.SearchProtect.I potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Will-PC\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Zip Opener Packages\uninstaller.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=26557ce285f43447bdae7c2501bf2746
# engine=18609
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-07 03:30:28
# local_time=2014-06-07 04:30:28 (+0000, GMT Summer Time)
# country="United Kingdom"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 5030 19471325 0 0
# scanned=189045
# found=7
# cleaned=0
# scan_time=1266
sh=19876B0C21073CE7AC4725124851FC36B7EA7301 ft=1 fh=31b372839de59c7b vn="a variant of Win32/CNETInstaller.B potentially unwanted application" ac=I fn="C:\Users\Will-PC\Downloads\cbsidlm-cbsi188-SpeedFan-SEO-10067444.exe"
sh=B21DEEE148BF7C325BB65A57F9B369B181A88460 ft=1 fh=a10244e442f145b7 vn="a variant of Win32/InstallIQ.A potentially unwanted application" ac=I fn="C:\Users\Will-PC\Downloads\CoreTemp_1.0.exe"
sh=BE704593459E65858200013241585C354E5A0BBD ft=1 fh=c71c00119765b78d vn="a variant of Win32/InstallCore.NN potentially unwanted application" ac=I fn="C:\Users\Will-PC\Downloads\ZipSetup.exe"
sh=5B692FAC0BFEE8DE9CC83E0DC2F5DFA12E15E702 ft=1 fh=9cdbb654185e03c8 vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\06072014_022619\C_Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe"
sh=665E2E954FAF12608E5DA49B995DA16B6217E368 ft=1 fh=267d83521f8bf79c vn="a variant of Win32/Conduit.SearchProtect.I potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\06072014_022619\C_Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe"
sh=6A1FAC6D732FE5802025DB2204FAF0BD5BD4C3FA ft=1 fh=5a8314f0d2839b27 vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\06072014_022619\C_Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll"
sh=613318D39F4556172DC50E3900EC198CDC10D39B ft=1 fh=a92d16242a1eddb2 vn="a variant of Win64/Conduit.SearchProtect.A potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\06072014_022619\C_Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll"
 


  • 0

#12
zep516
Posted 07 June 2014 - 10:01 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,
 

sh=5B692FAC0BFEE8DE9CC83E0DC2F5DFA12E15E702 ft=1 fh=9cdbb654185e03c8 vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\06072014_022619\C_Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe"
sh=665E2E954FAF12608E5DA49B995DA16B6217E368 ft=1 fh=267d83521f8bf79c vn="a variant of Win32/Conduit.SearchProtect.I potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\06072014_022619\C_Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe"
sh=6A1FAC6D732FE5802025DB2204FAF0BD5BD4C3FA ft=1 fh=5a8314f0d2839b27 vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\06072014_022619\C_Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll"
sh=613318D39F4556172DC50E3900EC198CDC10D39B ft=1 fh=a92d16242a1eddb2 vn="a variant of Win64/Conduit.SearchProtect.A potentially unwanted application" ac=I fn="C:\_OTL\MovedFiles\06072014_022619\C_Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll"


See how it say's moved files, they already have been moved. When we remove OTL they will go away.
 

sh=19876B0C21073CE7AC4725124851FC36B7EA7301 ft=1 fh=31b372839de59c7b vn="a variant of Win32/CNETInstaller.B potentially unwanted application" ac=I fn="C:\Users\Will-PC\Downloads\cbsidlm-cbsi188-SpeedFan-SEO-10067444.exe"
sh=B21DEEE148BF7C325BB65A57F9B369B181A88460 ft=1 fh=a10244e442f145b7 vn="a variant of Win32/InstallIQ.A potentially unwanted application" ac=I fn="C:\Users\Will-PC\Downloads\CoreTemp_1.0.exe"
sh=BE704593459E65858200013241585C354E5A0BBD ft=1 fh=c71c00119765b78d vn="a variant of Win32/InstallCore.NN potentially unwanted application" ac=I fn="C:\Users\Will-PC\Downloads\ZipSetup.exe"


See how it says downloads folder, ESET does not like exe's in the downloads folder so it flags them. You can clear out the downloads folder if you want.

If there are no further issues we will clean up our tools.

Next

Since your log reports are clean and free of malware, lets clean up after ourselves.


OTL Clean-Up

Right click on the OTLicon.jpg icon on your desktop and choose Run as administrator to open the main window.

Next click on the CleanUpButtonOTL.jpg button.

Once clean up is complete you will be prompted to reboot your computer. Please do so.

This will remove most of the programs we have used including itself.


Next

Double-click on AdwCleaner.exe to run the tool again.
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.
Right click on the JRT Icon and select delete.
If there are any left over tools or logs on your computer please delete them now.


Next

Clear Restore Points

Go Start > All Programmes > Accessories > System tools
Right click Disc Cleanup and select run as administrator
When it pops up at the first prompt select OK after it has done some calculations the tabs will appear
Select More Options tab
Press Sytem Restore and Shadow Copies Cleanup button
disc%20clean.JPG


You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

Safe Computing Practices please read Here


Thanks
Joe :)
  • 0

#13
peyote
Posted 07 June 2014 - 11:06 AM

peyote

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts

Almost done but can't follow "Go Start > All Programmes > Accessories > System tools Right click Disc Cleanup and select run as administrator". Using Windows 8.1 and struggling to navigate to specific files, completely different layout from Vista. I have found system tools but there is no "disc clean up", would i need to go to "disc managment" ???

 

 

Attached Thumbnails

  • Untitled.png
  • Untitled2.png

Edited by peyote, 07 June 2014 - 11:08 AM.

  • 0

#14
zep516
Posted 07 June 2014 - 11:34 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

We need to disable system restore, then reinable.

Disabling System Restore

Tip: The one time it is suggested that you disable and then enable System Restore is after you clean infections from your computer. By disabling System Restore after an infection cleanup you will disable all restore points that may reinfect you if you restore them in the future. Enabling System Restore after these potentially infected restore points are deleted allows you to start with a clean slate.



http://www.bleepingc...-guide/#disable

Thanks
Joe :)
  • 0

#15
peyote
Posted 07 June 2014 - 12:01 PM

peyote

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 161 posts

All done! Thank you so much for help!

 

One very last question, not noticed this before the last days events but my Google home page is " https://www.google.c...DoCA&gws_rd=ssl ". Is this normal as I am sure it used to be just "https://www.google.co.uk". If normal and nothing to worry about then thanks again !


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP